Bridged Token

A bridged token is a wrapped representation of a native asset from another chain. It is minted on the destination chain (e.g., Wrapped BTC on Ethereum) and is typically backed 1:1 by the original asset locked in a custodial vault or smart contract on the source chain. The token's value is pegged to the original, but its technical implementation (e.g., ERC-20, SPL) is native to the new environment.

The existence and security of a bridged token are entirely dependent on the underlying bridge. Key risks include:

• Smart Contract Risk: Bugs in the bridge's locking/minting contracts.
• Custodial Risk: For trusted bridges, reliance on a central validator or multi-sig.
• Liquidity Risk: Inability to redeem the underlying asset if the bridge fails. This creates a distinct risk profile compared to the native asset.

Bridged tokens are categorized by their issuance authority:

• Canonical (Official): Issued by the bridge recognized as the standard by the asset's native community (e.g., WETH, WBTC).
• Non-Canonical (Unofficial): Issued by third-party bridges, leading to multiple wrapped versions of the same asset (e.g., renBTC, multichain BTC) on one chain. This can fragment liquidity and create confusion.

The supply of bridged tokens is controlled by a deterministic mint-and-burn process:

1. Lock/Mint: User locks Asset A on Chain X, providing cryptographic proof to Chain Y's bridge contract, which mints wrapped Asset A on Chain Y.
2. Burn/Release: To redeem, the user burns the wrapped token on Chain Y, providing proof to unlock the original asset on Chain X. This mechanism maintains the 1:1 peg.

Bridged tokens unlock composability by allowing assets to be used in decentralized applications on foreign chains. For example, wBTC (Wrapped Bitcoin) on Ethereum can be used as collateral in lending protocols like Aave, deposited into liquidity pools on Uniswap, or integrated into yield strategies. This is their primary utility, but it inherits the bridge's security assumptions.

Bridges use different consensus mechanisms to verify transactions and authorize minting:

• Externally Verified (Trusted): Relies on a federation or multi-sig of known entities.
• Locally Verified (Trust-Minimized): Uses light clients or cryptographic proofs (like zk-SNARKs or optimistic verification) to validate state transitions from the source chain. The proof mechanism is the core security layer for the bridged asset.

The most common bridging model where the native asset is locked or burned in a smart contract on the source chain, and an equivalent amount of the wrapped token is minted on the destination chain. This creates a 1:1 pegged representation.

• Example: Locking ETH on Ethereum to mint WETH on Arbitrum.
• Custody: Assets are held by a custodian, which can be a multi-sig wallet, a decentralized validator set, or the protocol's smart contracts themselves.

Some bridges use liquidity pools on both chains instead of minting tokens. Users deposit assets into a pool on Chain A and withdraw from a corresponding pool on Chain B.

• Atomic Swaps: Facilitates near-instant transfers without a central custodian holding funds.
• Examples: Connext and Hop Protocol use this model for fast, trust-minimized transfers of stablecoins and other assets.

A critical distinction for security and composability.

• Canonical Bridge: The officially sanctioned bridge for a Layer 2 or appchain, often deployed by the core development team. Tokens bridged this way are the native canonical representation on the new chain (e.g., ETH bridged via the official Optimism bridge).
• Non-Canonical Bridge: A third-party bridge. Using it creates a different token contract, which can lead to fragmentation and is not recognized by all native DeFi applications.

Bridge security models define the trust required for asset safety.

• Trusted (Custodial): Relies on a centralized federation or multi-sig. Users trust the bridge operators not to collude or get hacked.
• Trust-Minimized: Uses cryptographic proofs and decentralized validator sets. Light client bridges and ZK-proof bridges fall here, offering stronger security by verifying state proofs from the source chain.

Key infrastructure enabling cross-chain asset transfers.

• Wormhole: A generic message-passing protocol that uses a decentralized guardian network for attestations.
• LayerZero: An omnichain interoperability protocol using an Oracle and Relayer for lightweight message verification.
• Axelar: A blockchain network providing cross-chain communication via a proof-of-stake validator set.
• Polygon PoS Bridge: The canonical bridge for the Polygon network, using a federated security model with checkpointing to Ethereum.

Using bridged tokens introduces specific risks beyond smart contract vulnerabilities.

• Bridge Risk: The bridge itself is a central point of failure; several have been exploited for billions.
• Wrapped Asset Depeg: The bridged token can lose its 1:1 peg if the bridge is compromised or the custodian acts maliciously.
• Composability Risk: Non-canonical tokens may not be integrated into the destination chain's core DeFi protocols, reducing utility.

The most critical risk is the custodial model of the bridge. In a custodial or trusted bridge, users deposit assets with a centralized entity, creating a single point of failure. Non-custodial bridges rely on decentralized validator sets or cryptographic proofs, but can still be vulnerable if the consensus mechanism is compromised. The security of the bridged token is only as strong as the bridge's ability to protect the locked collateral.

The bridge's smart contracts on both the source and destination chains are high-value targets for exploits. Vulnerabilities can lead to:

• Unlimited minting of bridged tokens without backing collateral.
• Theft of locked funds in the bridge's vault.
• Logic errors that prevent users from redeeming their original assets. Major breaches like the Wormhole ($325M) and Ronin Bridge ($625M) exploits were due to smart contract vulnerabilities.

Many bridges use external validators or oracles to attest to cross-chain transactions. This creates attack vectors:

• Collusion: A supermajority of validators can approve fraudulent withdrawals.
• Oracle compromise: If the data feed is manipulated, invalid state transitions can be certified.
• Liveness failure: If validators go offline, assets can be stuck. This risk is central to fraud-proof and optimistic bridge designs.

Users often confuse bridged/wrapped tokens (e.g., USDC.e on Avalanche) with native tokens (e.g., native USDC on Avalanche). Key risks include:

• Liquidity fragmentation across multiple versions of the same asset.
• Depeg risk if the bridge is compromised, while the native asset remains sound.
• Protocol incompatibility, as some DeFi applications may only accept the native canonical version. Always verify the token contract address.

The ability to redeem a bridged token for the original asset depends on the bridge's liquidity and operation status. Risks include:

• Bridge shutdown: If the bridge ceases operation, redemption may become impossible.
• Insolvency: If the locked collateral is stolen or depleted, bridged tokens become unbacked.
• Withdrawal delays: Some bridges have long challenge periods (e.g., 7 days) for fraud proofs, during which funds are inaccessible.

The canonical bridge (often built or endorsed by the destination chain's core team) is typically the most secure option for bridging assets. It benefits from:

• Direct integration with the chain's security and upgrade mechanisms.
• Greater scrutiny and formal verification.
• Official token status, reducing confusion. Using unofficial third-party bridges increases exposure to the aforementioned risks and should involve thorough due diligence.

The official, protocol-endorsed bridge connecting two blockchains. It is typically the most secure and integrated method for moving assets, as it is maintained by the core development teams of the respective chains. Examples include the Optimism Gateway for Ethereum→Optimism or the Arbitrum Bridge.

• Key Feature: Often uses a mint-and-burn model where tokens are locked on the source chain and newly minted on the destination.
• Security: Generally considered the most trusted bridge for a given chain pair.

The most common bridging mechanism where the native asset is locked in a smart contract on the source chain and an equivalent wrapped representation is minted on the destination chain. To return the original asset, the bridged token is burned, unlocking the collateral.

• Example: Bridging ETH from Ethereum to Avalanche via the Avalanche Bridge locks ETH in an Ethereum contract and mints WETH.e on Avalanche.
• Custody: The security of the locked assets defines the bridge's trust assumption.

A bridge model that uses pooled liquidity on both chains rather than locking and minting. Users swap assets via liquidity pools on each side, facilitated by relayers or liquidity providers. This is common for cross-chain DEXs.

• Examples: Stargate Finance and Synapse Protocol.
• Advantage: Often faster for high-volume assets and enables native asset transfers (e.g., USDC on Ethereum for USDC on Arbitrum).
• Consideration: Relies on the economic security of liquidity pools rather than validator sets.

A wrapped token is a representation of an asset on its native chain (e.g., WETH on Ethereum), while a bridged token represents an asset on a foreign chain. All bridged tokens are wrapped, but not all wrapped tokens are bridged.

• Key Distinction: Wrapping is a single-chain operation; bridging is inherently cross-chain.
• Composability: Both enable assets to be used in DeFi protocols, but bridged tokens introduce bridge risk.

The additional smart contract and custodial risk assumed when using a bridge. This is the primary security consideration for any bridged asset, as bridges have been major attack vectors.

• Smart Contract Risk: Bugs in the bridge's code.
• Custodial Risk: For trusted bridges, the risk that the validator set or multisig signers act maliciously.
• Liquidity Risk: For liquidity-based bridges, the risk of insufficient pool depth.
• Impact: A bridge hack can render all bridged tokens on the destination chain worthless.

The underlying protocol that allows bridges to communicate state changes (like a deposit) between chains. This is the messaging layer that enables token bridging.

• Examples: LayerZero, Wormhole, Axelar, and Chainlink CCIP.
• Function: These protocols relay and verify messages, instructing the destination chain to mint or release tokens.
• Importance: The security of the bridged token is directly tied to the security of this messaging layer.