Trusted relays are obsolete. They introduce a single point of failure and rent-seeking, as seen in early versions of Axelar and Wormhole. The future is cryptographic verification of state.
layer-2-wars-arbitrum-optimism-base-and-beyond
Blog
The Future of State Proofs and the End of Trusted Relays
Trusted relay bridges are a systemic risk. This analysis explores how ZK proofs of consensus state, pioneered by Succinct and Polymer, enable chains to verify each other directly, rendering intermediaries obsolete and redefining L2 security.
introduction
THE TRUST MINIMIZATION IMPERATIVE
Introduction
The evolution from trusted relays to cryptographic state proofs is the definitive path to secure, permissionless interoperability.
State proofs are the atomic unit. A Succinct Non-interactive Argument of Knowledge (SNARK) or validity proof for a blockchain's state is the only trust-minimized primitive for cross-chain communication.
LayerZero's model is a hybrid. It uses an oracle-relayer separation to reduce, but not eliminate, trust. This contrasts with pure cryptographic systems like zkBridge or Polygon's AggLayer.
Evidence: The 2022 Wormhole hack, a $325M loss, exploited a trusted multisig. This failure accelerated the industry's pivot to proofs, with Ethereum's consensus layer now being the primary verification target.
thesis-statement
THE TRUST MINIMIZATION
Thesis Statement
Trusted relays are a systemic vulnerability; the future of interoperability is built on cryptographic state proofs.
Trusted relays are obsolete. They create centralized points of failure and rent extraction, as seen in early designs of Axelar and Wormhole. The industry shift is toward cryptographic verification of state.
State proofs are the new primitive. Protocols like Succinct Labs and Herodotus are building infrastructure to prove arbitrary state transitions. This enables light client bridges where validity is mathematically guaranteed, not socially assumed.
This kills the oracle problem. A proven state root from Ethereum can be verified on any chain, eliminating the need for a multisig to attest to data. zkBridge and Polymer are architectures built on this principle.
Evidence: The IBC protocol on Cosmos, which uses light clients and Merkle proofs, has secured over $40B in transfers without a single bridge hack, demonstrating the model's resilience.
market-context
THE TRUST TAX
Market Context: The $3B Bridge Problem
Cross-chain bridges have hemorrhaged over $3B to hacks, a systemic failure rooted in their reliance on centralized, trusted relayers.
Trusted relays are systemic risk. Bridges like Multichain and Wormhole failed because their security model concentrated trust in a single entity's private keys. This creates a single point of failure that attackers exploit.
State proofs eliminate trusted intermediaries. Protocols like zkBridge and LayerZero's TSS model replace human-operated relays with cryptographic verification. The destination chain validates the source chain's state directly.
The shift is from social to cryptographic security. The future is light clients verifying consensus proofs, not multisig committees signing off on transactions. This is the core innovation behind Succinct Labs and Polymer's architecture.
Evidence: The 2022 Wormhole hack lost $325M via a compromised multisig. In contrast, zkBridge's testnet processes proofs from Ethereum to Gnosis in under 3 minutes with cryptographic finality.
key-trends
THE END OF TRUSTED RELAYS
Key Trends Driving the Shift
The reliance on trusted relayers for cross-chain communication is being obsoleted by cryptographic state proofs, fundamentally realigning security and economic incentives.
01
The Problem: The $2B+ Bridge Hack Tax
Trusted relayers are a single point of failure, responsible for over $2B in cross-chain bridge hacks. Their security model is a liability, not an asset.\n- Centralized Attack Vector: Compromise the relayer, compromise all bridged assets.\n- Economic Misalignment: Relayer incentives are often insufficient to prevent collusion or failure.
$2B+
Hacked
100%
Trust Required
02
The Solution: Light Client & ZK State Proofs
Projects like Succinct, Polymer, and zkBridge are replacing trust with cryptographic verification. They generate succinct proofs that a state transition (e.g., a transaction) occurred on a source chain.\n- Cryptographic Security: Validity is proven, not assumed.\n- Permissionless Verification: Anyone can verify the proof, eliminating the trusted middleman.
~5 min
Proof Gen Time
~10 KB
Proof Size
03
The Catalyst: Intent-Based Architectures
Frameworks like UniswapX, CowSwap, and Across abstract execution. Users declare what they want (an intent), and a decentralized solver network competes to fulfill it, often using the most secure bridge.\n- Security as a Commodity: Solvers naturally route through the cheapest, most secure bridge (e.g., one using ZK proofs).\n- End-User Abstraction: Users get optimal outcomes without managing bridge security.
-90%
User Complexity
10x
Solver Competition
04
The Network Effect: Shared Security Layers
Instead of each app building its own bridge, protocols like EigenLayer, Avail, and Celestia enable the creation of shared security and data availability layers.\n- Amortized Cost: A single state proof can serve thousands of rollups and applications.\n- Universal Verifiability: A proof verified on a shared layer is trusted by all connected chains.
1000x
Cost Efficiency
1 → N
Proof Reuse
THE STATE PROOF SHOWDOWN
Bridge Architecture Comparison: Trusted vs. Trustless
A technical breakdown of how bridging security models differ, focusing on the role of state proofs in eliminating trusted intermediaries.
| Core Feature / Metric | Trusted (Multisig) Relay | Optimistic (Fraud-Proof) Bridge | Light Client / ZK (Validity-Proof) Bridge |
|---|---|---|---|
Security Assumption | Trust in N-of-M signers | Trust in a 7-day challenge window | Trust in cryptographic proof & underlying chain consensus |
Canonical Example | Multichain, Wormhole (pre-Solana), Celer | Nomad (pre-hack), Across (optimistic verification) | Succinct (Telepathy), Polymer (IBC), zkBridge |
Latency to Finality | ~2-5 minutes | ~7 days + 5 minutes | ~2-5 minutes (proof generation time) |
Relayer Operational Cost | High (active monitoring & signing) | Medium (bond required, active only during disputes) | Low (prover cost, automated) |
User Cost | $10-50 (gas + fee) | < $1 (gas + fee, often subsidized) | $2-10 (gas + fee + proof cost) |
Supports Arbitrary Data / Cross-Chain Calls | |||
Inherently Censorship Resistant | |||
Architectural Complexity & Attack Surface | Low (simple multisig) | High (complex fraud-proof system) | Very High (cryptographic circuits & light clients) |
protocol-spotlight
THE END OF TRUSTED RELAYS
Protocol Spotlight: The Builders
State proofs are shifting blockchain interoperability from trusted intermediaries to cryptographic verification, eliminating a $1B+ annual security subsidy.
01
The Problem: The Trusted Relay Tax
Every major bridge like LayerZero and Wormhole historically required a multisig or MPC committee to attest to state. This creates a centralized failure point and forces protocols to pay a security tax for relayers' operational costs and insurance.
- Single Point of Failure: Compromise of relayers leads to fund loss.
- Ongoing Cost: Security scales with operator incentives, not cryptography.
- Limited Finality: Users must trust the relay's liveness and honesty.
$1B+
Security Tax
7/11
Attack Vector
02
The Solution: Succinct State Proofs
Protocols like Succinct, Polygon zkBridge, and zkLink Nova generate ZK proofs of consensus or state transitions. The light client on the destination chain verifies a proof, not a signature.
- Trust Minimization: Security reduces to the cryptographic soundness of the proof system.
- Cost Scaling: Proof verification is a fixed gas cost, decoupling security from market rates.
- Universal Finality: Enables direct verification of Ethereum's consensus for any chain.
~5 min
Proof Time
~200k gas
Verify Cost
03
The Architect: EigenLayer & Restaking
EigenLayer doesn't create state proofs but solves the economic bootstrapping problem. It allows ETH restakers to slashably attest to the correctness of proof systems like Succinct or Lagrange, creating a decentralized network of provers.
- Economic Security: Taps into Ethereum's $50B+ staked ETH for cryptoeconomic security.
- Decentralized Provers: Avoids a single entity controlling proof generation.
- Modular Stack: Separates proof generation, verification, and economic security layers.
$50B+
Pooled Security
10+
Active AVSs
04
The New Stack: Prover Markets
The end-state is a competitive market for proof generation. Risc Zero, SP1, and Jolt provide general-purpose zkVMs, while Aggregators like AltLayer and Hyperbolic batch proofs from multiple rollups.
- Cost Competition: Provers compete on hardware efficiency (GPU/FPGA) to drive down costs.
- Proof Aggregation: Batching proofs from Optimism, Arbitrum, zkSync reduces per-proof cost.
- Universal Interop: Any chain can verify a proof of any other chain's state.
100x
Cost Reduction
< 1¢
Target Cost
deep-dive
THE TRUST MINIMIZATION
Deep Dive: How State Proofs Actually Work
State proofs replace trusted relayers with cryptographic verification, enabling secure cross-chain communication without new trust assumptions.
State proofs are cryptographic receipts that prove a specific state existed on a source chain. Protocols like Succinct Labs and Polygon zkEVM generate these proofs, which are then verified on a destination chain. This process eliminates the need for a trusted third-party relayer to attest to the state.
Zero-knowledge proofs (ZKPs) are the dominant mechanism. A zk-SNARK or zk-STARK compresses the entire state transition into a small proof. This is computationally intensive but provides succinct verification on-chain. The alternative, fraud proofs used by Optimistic Rollups, requires a challenge period and is slower for finality.
The verification cost is the bottleneck. Deploying a zkEVM verifier on Ethereum Mainnet is expensive. Projects like zkSync Era and Scroll optimize verifier circuits to reduce gas costs. Without these optimizations, state proof verification is economically unviable for most applications.
Light clients are the ultimate consumer. A trust-minimized bridge like Succinct's Telepathy uses state proofs to allow an Ethereum light client on Gnosis Chain to verify Ethereum Mainnet headers. This creates a cryptographically secure communication channel without introducing new validators.
counter-argument
THE REALITY CHECK
Counter-Argument: The Latency & Cost Trap
State proof verification introduces prohibitive latency and gas costs that trusted relays sidestep.
On-chain verification latency is the primary bottleneck. A zk-proof for a large state root can take minutes to generate, while an optimistic fraud proof window is 7 days. This makes real-time cross-chain composability impossible for applications like high-frequency DEX arbitrage or gaming.
Gas costs are non-trivial. Verifying a single Ethereum state proof on another chain can cost thousands of dollars in gas, a fee that must be amortized across users. This creates a perverse economic incentive where cheaper, faster trusted relays like Wormhole or LayerZero remain the pragmatic choice for most users.
The endgame is specialized hardware. To be viable, state proof systems like Succinct Labs' SP1 or RISC Zero must rely on dedicated proving networks with FPGAs/ASICs. This recentralizes trust into a few high-performance provers, merely swapping one trust assumption (the relay) for another (the prover network).
Evidence: The IBC protocol, which uses light client state proofs, processes only ~1% of all cross-chain volume. The dominant bridges—LayerZero, Wormhole, Axelar—use trusted off-chain attestation committees because their latency is sub-second and cost is a fraction of a cent per transaction.
risk-analysis
THE TRUST MINIMIZATION FRONTIER
Risk Analysis: What Could Go Wrong?
State proofs promise a trustless future, but their implementation path is fraught with technical and economic pitfalls that could stall adoption.
01
The Oracle Problem Reincarnated
Light client state proofs often rely on a small committee of attesters, creating a new centralization vector. A 51% collusion or a critical bug in the proving system could forge fraudulent state transitions.
- Key Risk: Replaces a trusted relay with a trusted proving set.
- Key Mitigation: Diversified, economically slashed attestation committees and formal verification of proof circuits.
1-of-N
Trust Assumption
$1B+
Slashable Stake
02
Proving Cost & Latency Wall
Generating a ZK proof for a full Ethereum block is computationally intensive, creating a proposer-centralization risk and finality delays. High costs could price out smaller chains from interoperability.
- Key Risk: ~10-20 minute proof generation time creates MEV and reorg vulnerabilities.
- Key Mitigation: Parallel proving, specialized hardware (ASICs/FPGAs), and recursive proof aggregation (e.g., zkSync's Boojum).
~15 min
Proof Time
$50K+
Hardware Cost
03
The Liveliness vs. Safety Trade-off
To avoid downtime, systems may implement optimistic modes or fallback to trusted relays. This creates a hybrid trust model where the security floor reverts to the weakest link during failures.
- Key Risk: Polygon Avail-style data availability crises or EigenLayer operator churn can trigger trust fallbacks.
- Key Mitigation: Clear, automated failure modes with strong crypto-economic penalties for liveness faults.
7 Days
Challenge Window
Hybrid
Trust Model
04
Fragmented Security & Bridge Wars
Multiple competing proof systems (zkBridge, LayerZero, Wormhole) create fragmentation. Liquidity and security are split, increasing systemic risk and user confusion about security guarantees.
- Key Risk: A $100M TVL bridge secured by a novel proof system is less battle-tested than the Ethereum L1 it validates.
- Key Mitigation: Standardization via IBC or shared security layers (e.g., EigenLayer for attestations).
10+
Competing Standards
Fragmented
TVL Security
05
Upgradeability & Governance Attacks
Proof systems require upgrades for efficiency and new features. If upgrade keys are held by a multisig, you've reintroduced a trusted party. Malicious upgrades can compromise the entire system.
- Key Risk: A 5-of-9 multisig controlling the Succinct Labs prover network becomes the ultimate trusted relay.
- Key Mitigation: Timelocks, decentralized governance (with high thresholds), and immutable canonical versions.
Multisig
Admin Key
30 Days
Timelock Min
06
Economic Sustainability & Free-Riding
Who pays for perpetual proof generation and verification? Without a sustainable fee model, provers may be underfunded, leading to centralization or service degradation. Chains may free-ride on others' security.
- Key Risk: A low-fee environment disincentivizes provers, creating a tragedy of the commons.
- Key Mitigation: Protocol-native fee markets, proof subsidy pools, and verifier-pays models.
$0.01
Target Fee/Proof
Subsidy
Required
future-outlook
THE TRUST MINIMIZATION
Future Outlook: The 24-Month Roadmap
Trusted relays will be obsolete within two years as on-chain state proofs become the universal standard for cross-chain communication.
On-chain state proofs are the final piece for trust-minimized interoperability. Protocols like Succinct Labs and Herodotus are building the infrastructure to verify any chain's state directly on another, eliminating the need for off-chain multisig committees that dominate bridges like Wormhole and LayerZero.
The modular stack wins because specialized proof systems (e.g., RISC Zero, SP1) will outsource heavy computation. This creates a competitive market for provers, similar to the current sequencer and prover markets in Optimism and Arbitrum rollups.
Proof aggregation is inevitable to manage cost and latency. Projects like Avail and EigenLayer will enable the batching of proofs from hundreds of rollups into a single, verifiable attestation, making per-transaction proofs economically viable for mass adoption.
Evidence: Polygon zkEVM already uses a ZK state proof for its bridge, and Celo's upcoming migration to an Ethereum L2 is predicated on this architecture, signaling a clear industry direction.
takeaways
THE TRUST MINIMIZATION FRONTIER
Key Takeaways
The era of trusted relayers is ending. State proofs are the cryptographic primitives enabling verifiable, permissionless interoperability.
01
The Problem: The Oracle/Relayer Cartel
Today's bridges rely on a small set of trusted signers, creating centralized points of failure and censorship. This model has led to over $2.8B in bridge hacks.\n- Centralized Risk: A handful of entities control $10B+ in TVL.\n- Economic Capture: Relayers extract rent for a purely custodial service.
$2.8B+
Bridge Hacks
~5-20
Trusted Signers
02
The Solution: Light Client State Proofs
Cryptographically prove the state of one chain on another using minimal client logic, eliminating trusted intermediaries. This is the foundation for protocols like Succinct, Herodotus, and Lagrange.\n- First-Principles Security: Inherits the security of the source chain's validators.\n- Permissionless Verification: Anyone can run a prover, breaking the cartel.
~1-5 min
Proof Time
L1 Security
Guarantee
03
The Catalyst: zk-SNARKs & Proof Aggregation
Zero-knowledge proofs compress verification work, making light client proofs economically viable. Aggregators like Succinct and Espresso batch proofs across chains.\n- Cost Collapse: Verification gas drops from ~2M gas to ~200k gas.\n- Universal Interop: A single proof can attest to state across Ethereum, Cosmos, Solana.
10x
Cheaper Verify
Multi-Chain
Single Proof
04
The Endgame: Intents & Prover Markets
State proofs enable intent-based architectures (e.g., UniswapX, CowSwap) where solvers compete to fulfill cross-chain orders verified by proofs. This creates a permissionless prover network.\n- User Sovereignty: Users express what they want, not how to do it.\n- Efficiency Frontier: Solvers optimize for MEV capture and proof cost, passing savings to users.
-50%+
Better Prices
Permissionless
Solver Set
05
The Incumbent Pivot: LayerZero V2 & CCIP
Even messaging giants are forced to adopt state proofs. LayerZero V2's 'Decentralized Verification Network' and Chainlink CCIP with off-chain reporting are hybrid transitions.\n- Legacy Drag: Must maintain backward compatibility with $20B+ in locked value.\n- Strategic Risk: Pure cryptographic solutions threaten their economic moat.
$20B+
Legacy TVL
Hybrid
Architecture
06
The New Stack: AVS & Shared Security
State proof systems are becoming Actively Validated Services (AVS) on restaking networks like EigenLayer. This creates a shared security marketplace for verification.\n- Capital Efficiency: Provers slash costs by leveraging pooled cryptoeconomic security.\n- Modular Growth: New chains plug into a universal verification layer, not custom bridges.
Shared
Security Pool
Plug-and-Play
Interop
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall