A blockchain bridge is a collection of on-chain and off-chain components that allows for the transfer of assets and data from one blockchain to another. Bridges enable interoperability between blockchains, which allows users to make use of their assets on more than one blockchain.
Before bridges, if users wanted to "transfer" assets from one blockchain to another, they would need to sell their existing assets on one blockchain and then buy new assets on another blockchain. This process required using an exchange that would buy and sell crypto assets for regular currency on multiple blockchains and was time consuming. Thus, as the number of blockchains has grown over the past few years, blockchain bridges were needed to allow users to transfer their assets quickly and seamlessly between blockchains.
Blockchain bridges play an important role in ensuring cross-chain interoperability, but what are the on-chain and off-chain components that make up a bridge?
What Makes a Blockchain Bridge a Bridge?
Bridges use smart contracts
Most, if not all, bridges will use smart contracts to initiate cross-chain transactions. Centralized exchanges may be the exception, where they could provide their own bridging services that may or may not use smart contracts. Otherwise, smart contracts serve as the primary interfaces that an end-user will interact with when transferring assets or sending data between blockchains.
Similarly, when sending an email from one person to another, both parties need to have an email address. This email address functions as the inbox and outbox for messages. So, just as email addresses are needed to send and receive email, a pair of smart contracts is required to send and receive assets via a bridge.
As part of the bridging process, a user will need to transfer their asset that they wish to bridge to the bridge's respective smart contract. From there, the smart contract could take several approaches to handle the asset:
- Escrowing: a bridge smart contract may choose to simply escrow a user's asset. This means the asset will either stay in the current smart contract or be moved to another contract, where it will remain until another user wishes to bridge an asset to the respective blockchain.
- Wrapping: a bridge smart contract could also choose to wrap a user's asset and return a wrapped token to denote that a user has bridged an asset.
- Burning: if the bridge's smart contract has the appropriate authority over the asset a user wishes to bridge, the smart contract may burn the asset on one blockchain and then mint an equivalent asset on another blockchain.
Bridges have an off-chain component
As it stands today, blockchains cannot directly communicate with each other. This means a bridge is required to have an off-chain component. The off-chain component is the major differentiator of most bridges and can vary widely in form and implementation. This component is typically classified into two categories: Trusted and Trustless.
Similar to custodial vs. non-custodial wallets, trusted vs. trustless bridges refer to whether the off-chain component of a bridge is a trusted, centralized entity, or uses node software and consensus algorithms to perform bridge operations. One of the more well-known examples of a trusted bridge is wrapped bitcoin (wBTC). wBTC enables holders of bitcoin (BTC) to bridge their assets to Ethereum, where users' BTC is ultimately held by trusted custodians who also have the authority to mint and burn wBTC accordingly.
On the other hand, Arbitrum’s trustless bridge uses Arbitrum’s underlying Optimistic Rollup-based consensus node software to validate transactions. Arbitrum also allows developers to create their own smart contract gateways through which users can bridge custom tokens, NFTs, and other assets. However, not all off-chain implementations for bridges will fall cleanly into either the trusted or trustless category.
Putting it all together
At a high level, the step-by-step process of what occurs when a user interacts with a bridge would look like the following:
- A user initiates a bridge interaction by transacting with its smart contract on blockchain A.
- The user's asset is transferred to the bridge's smart contract, where it could be wrapped, escrowed, or burned. What happens to the asset on blockchain A depends on the bridge.
- The off-chain component of the bridge is alerted to the new transaction. The off-chain component proceeds to verify the transaction. The verification of the user's transaction can occur in either a trusted or trustless fashion.
- Once the transaction is verified, the off-chain component will initiate another transaction to credit an equivalent asset to the user on blockchain B.
Common Use Cases of Bridges
The most common use case for bridges is transferring tokens from one blockchain to another. The ability to bridge tokens allows users to interact with smart contracts on other blockchains. For example, a user may be staking tokens in a protocol on Ethereum in order to earn interest. However, the user may realize that by staking their tokens using a protocol on Polygon Network (an L2), they could be earning a higher annual percentage yield (APY). In order to take advantage of the higher APY on Polygon, a user could unstake and bridge their tokens using the Polygon Bridge.
Another use case for bridges is sending cross-chain messages, where a message could contain any kind of data. This is especially useful for smart contracts that are deployed on one blockchain, and thus only exist on that blockchain, but want to interact with another blockchain. For example, a user may have a gnosis safe multi-signature wallet for added security, but without bridges, would be unable to interact with blockchains other than the one where the wallet is deployed to, unlike externally-owned accounts (EOAs).
Due to the cross-chain nature of bridges, they intrinsically have a more complicated architecture than most smart contracts. This complexity, coupled with the concentration of wealth (in tokens or other assets) in bridges, means that bridges make for attractive targets for hackers. In 2022 alone, nearly $2.5B has been stolen in bridge-related hacks, and that number continues to increase on almost a monthly basis.
One of the first and largest value bridge hacks in 2022 was the Ronin bridge hack. Ronin used an M-of-N style validator system as their off-chain component, where the larger M and N are the stronger the decentralization of the validation system. In Ronin's case, they used a 5-of-9 majority, which was surprisingly small. Additionally, 5 of the validators belonged to a single company - Sky Mavis, creators of Axie Infinity. As a result of Ronin's validators being highly centralized, they were hacked for over $600M when all 5 of Sky Mavis' validators were compromised. This allowed hackers to single-handedly validate the removal of funds from the bridge.
In another instance, Binance's BNB bridge was hacked for approximately $580M as a result of a flaw in their proof validation. This hack was initiated on-chain, but targeted the off-chain node software. Ultimately, a hacker was able to forge valid messages, and arbitrarily minted 2M BNB tokens.
Overall, the bridges that have been hacked thus far have not really shared any implementation flaws. Each bridge implementation is unique, and as a result, any hacks tend to be crafted specifically for the bridge targeted. Therefore, there is no panacea for preventing bridge hacks. However, there are security best practices that bridge developers and maintainers could follow in order to reduce the attack surface of their bridges.
AE Provides Bridge Security Consulting and Auditing
Arbitrary Execution (AE) provides bridge security consulting as well as audits for both on-chain and off-chain bridge components. We are a team of security research engineers who are bringing our expertise in traditional cybersecurity to the domain of decentralized technology. Interested in having your bridge audited? Reach out to us at email@example.com and take a look at our recent blog post, When to Schedule Your Smart Contract Audit for more information on our smart contract audit process.