Why Economic Finality is the Only Finality That Matters for Bridges

Layer 1 finality (e.g., Ethereum's ~12 minutes) is a latency trap for bridges. Fast-chain reorgs (Solana, Avalanche) can revert "finalized" transfers, creating a race condition for attackers. Bridges like Multichain and Wormhole were exploited because they acted on probabilistic, not absolute, finality.\n- Reorg Risk: A 32-block reorg on Ethereum can undo $B+ in "finalized" transfers.\n- False Security: Users assume settlement is complete when it's only probabilistically safe.

Protocols like Across and Nomad (pre-hack model) use economic security. A set of bonded attestors cryptographically sign off on events, staking capital that can be slashed for fraud. Finality is achieved when the cost of corruption exceeds the profit. This creates a cryptoeconomic firewall.\n- Capital Efficiency: Security scales with staked value, not validator count.\n- Deterministic Safety: Users know the exact financial penalty for a fraudulent attestation.

LayerZero abstracts finality by introducing a configurable Verifier (e.g., Oracle + Relayer). The security model depends on the economic security of the chosen verifier network (like Google Cloud or a decentralized set). It doesn't invent new crypto-economics but outsources finality to a network with its own stake. The hard truth: its safety reduces to the weakest-linked verifier's cost-of-corruption.\n- Flexible Finality: Developers choose their security/trust trade-off.\n- Oracle Risk: Consolidates to the economic security of the message service.

A chain's internal consensus (e.g., Tendermint finality, Ethereum's 15-block confirmation) is meaningless to an external bridge. An attacker can finalize a fraudulent withdrawal on the source chain and present it as valid. This is the core failure mode of most native bridges and many third-party solutions.

• Relies on a single chain's liveness
• Zero cost to present a fraudulent proof
• Creates systemic reorg risk

Security is enforced by a bonded third-party (relayers, verifiers) who stake capital to attest to the validity of a cross-chain message. If they are wrong, their stake is slashed. This creates a direct, quantifiable cost of attack that must be overcome.

• Security scales with staked capital (e.g., $200M+ pools)
• Universal: works across any chain with a light client or oracle
• Enables fast, optimistic execution (~3 min delay)

Separates routing from verification. Users submit intent signatures, and a decentralized network of solvers competes to fulfill them via the most efficient path (DEXs, bridges). The winning solver posts a bond, guaranteeing the outcome. Economic finality is achieved via the solver's bond and the competitive auction.

• Optimal routing via solver competition
• User gets guaranteed output, abstracts complexity
• Liquidity becomes a commodity; security is a constant

All economic models ultimately depend on an oracle (a set of nodes) to report on-chain events. The security of the oracle's data feed becomes the new bottleneck. Solutions like LayerZero's Decentralized Verifier Network or Chainlink CCIP attempt to decentralize this layer, but it introduces a new staking/trust assumption.

• Moves the trust assumption, doesn't eliminate it
• Oracle liveness is critical for safety
• Requires robust governance and slashing

Layer 1 consensus finality (e.g., Ethereum's ~12 minutes) is probabilistic and can be reversed in deep chain reorganizations. A bridge that only observes this can have its attestations invalidated, leading to double-spends and insolvency.\n- Real Risk: A malicious validator coalition can revert a block containing your bridge deposit.\n- Example: The 2020 Ethereum Classic 51% attacks repeatedly reorged 100+ blocks.

Protocols like Across and Chainlink CCIP use a model where attestors (oracles, relayers) post bonded capital that can be slashed for signing invalid state transitions. Finality is achieved when the cost of corruption exceeds the profit from an attack.\n- Key Benefit: Finality time collapses to block time + fraud challenge window (~10 min vs. hours).\n- Key Benefit: Security is quantifiable as the total bonded value (e.g., tens of millions) at risk.

Zero-Knowledge proofs provide cryptographic finality for state transitions, but the bridge's security still depends on the economic security of the data availability layer and prover network. Optimistic systems (like Nomad pre-hack) failed due to inadequate bonding, not the fraud-proof mechanism.\n- Verdict: A well-bonded optimistic bridge can be safer than an under-funded ZK bridge.\n- Design Imperative: Map every cryptographic guarantee to a concrete slashing condition and bond size.

Networks like UniswapX and CowSwap abstract the bridge entirely by using a fill-or-kill intent model. A solver network competes to fulfill the cross-chain swap, bearing the reorg and liquidity risk themselves. Economic finality is enforced via solver bonds and execution guarantees.\n- Key Benefit: User perceives instant finality; the economic risk is offloaded to professional market makers.\n- Systemic Benefit: Aligns incentives—solvers are punished for failures, not users.

For canonical bridges (e.g., Polygon PoS, Arbitrum), the economic finality is the cost to corrupt the multi-sig or validator set. This is often the weakest link. Polygon's 5/8 multi-sig has a lower attack cost than stealing from Ethereum's consensus.\n- Audit Question: What is the dollar cost to corrupt the attesting committee?\n- Red Flag: If this cost is less than the bridge's TVL, the system is under-collateralized.

1. Measure L1 Finality: Is it probabilistic (PoW/PoS) or absolute (Tendermint)?\n2. Identify Risk Bearer: Who loses money if a reorg occurs? (Relayer, Solver, User).\n3. Calculate Attack Cost: Sum all slashable bonds + reputational cost.\n4. Compare to TVL: Economic finality is secure only if Attack Cost >> Maximum Exploitable Value.\n- Tool: Model this like a traditional insurance or custody balance sheet.