How Do Blockchain Bridges Work, and Why Are They Risky?
Bridges move assets between blockchains that cannot talk to each other natively. This guide explains lock-and-mint, liquidity pools, and why bridges are a top hacking target.
Explainers Lead · Jun 16, 2026 · 8 min read
Why do we need bridges in the first place?
Blockchains are self-contained systems. Ethereum has no native way to see what is happening on Solana, and a Bitcoin cannot simply appear on Ethereum, because each chain only knows about its own ledger. Yet users routinely want to move value between them, to chase yield, lower fees, or use an application that only exists on another chain. A bridge is the infrastructure that connects two otherwise isolated networks so an asset on one can be represented or spent on the other.
The important thing to grasp is that a bridge rarely moves the original asset. Your ETH does not physically leave Ethereum. Instead, the bridge creates a stand-in on the destination chain and guarantees, through some mechanism, that the stand-in is backed one-to-one by the real asset held elsewhere.
How does the lock-and-mint model work?
The most common design is lock-and-mint. It works in a simple loop:
- You deposit an asset into a bridge contract on the source chain, where it is locked, held in custody and unable to be spent.
- The bridge mints an equivalent amount of a wrapped token on the destination chain. This wrapped token is a claim on the locked original.
- When you want to go back, you send the wrapped token to be burned, and the bridge unlocks the original asset on the source chain.
Wrapped Bitcoin on Ethereum is a familiar example: real BTC sits locked with a custodian, and a matching token circulates on Ethereum. As long as the locked reserve genuinely backs every wrapped unit, the peg holds. The whole system depends on that backing being real and the party controlling the lock being trustworthy.
A second common design uses liquidity pools on both sides. Instead of minting a wrapped token, the bridge draws from a pool of pre-funded assets on the destination chain and hands you those, rebalancing the pools afterward. This can feel more like a native asset to the user, but it introduces its own dependency on pool depth and liquidity providers.
Why are bridges such a big security target?
Bridges have suffered some of the largest exploits in crypto history, with individual incidents draining hundreds of millions of dollars. The reason is structural: a bridge concentrates a huge pool of locked assets in one place, and its security is only as strong as the mechanism guarding that pool. Attackers follow the money.
A bridge is only as secure as its weakest validator, its smart contract code, and the honesty of whoever can authorise unlocks. Each of those is a separate attack surface.
The specific weak points tend to cluster around a few areas:
- Validator or multisig compromise — many bridges rely on a set of external validators or signers to approve transfers. If an attacker gains control of enough keys, they can authorise fraudulent unlocks and mint unbacked tokens.
- Smart contract bugs — a flaw in the lock or mint logic can let an attacker mint tokens without depositing anything, or withdraw more than they are owed.
- Fake deposit proofs — if the bridge accepts a forged message claiming a deposit happened, it may mint tokens against a deposit that never occurred.
When any of these fail, the wrapped tokens on the destination chain lose their backing and can collapse in value, harming everyone holding them, not just the attacker's victims.
How can you use bridges more safely?
Bridges are useful and often unavoidable, so the goal is informed caution rather than blanket avoidance. A practical checklist:
- Understand the trust model. Is the bridge secured by a small multisig, a larger validator set, or by the underlying chains themselves? Fewer trusted parties generally means more risk.
- Prefer battle-tested, audited bridges with a long track record and public security reviews over new, unaudited ones offering unusually high incentives.
- Move in reasonable sizes and avoid leaving large balances parked in wrapped assets longer than necessary.
- Check liquidity on liquidity-pool bridges, since thin pools can mean high slippage or an inability to exit at par.
The deeper takeaway is that a wrapped asset is a promise, not the real thing. Its value rests entirely on the bridge's ability to honour redemptions. When you bridge, you are adding a layer of trust on top of the two chains you already trust, and that added layer is precisely where most cross-chain failures happen.
Explainers Lead
Sofia turns dense on-chain mechanics into plain English. She writes Coin Currents Daily's Learn desk and edits the glossary.
Related reading
Oracle Design Is Still DeFi's Weakest Link in 2026
Jul 8, 2026 · 4 min read
Layer-2 Fragmentation Meets Intent-Based Interoperability
Jul 7, 2026 · 4 min read
DeFi Enforcement Shifts to Front-Ends and Governance
Jul 6, 2026 · 4 min read