The first time I sent ETH across a crypto bridge, I sat staring at my laptop for twenty minutes convinced I had just lit two thousand dollars on fire. So when somebody asks me what is a crypto bridge, I always answer the same way first: it’s a piece of infrastructure that connects two otherwise isolated blockchains so assets can move between them. Then I tell them the other half — bridges are also where roughly 40% of every dollar ever stolen in crypto has disappeared.
This guide explains how crypto bridges actually work, why they keep getting drained, and how I personally use them without getting rekt. I’ve been bridging assets across Ethereum, Layer 2s, and alt-L1s since 2021, and I’ve watched friends lose life-changing money to bridge exploits. Let’s talk about it honestly.
Quick answer: A crypto bridge is a protocol that connects two separate blockchains so you can move tokens or data between them. Most bridges either lock tokens on the source chain and mint a wrapped version on the destination, or they burn tokens on one side and re-mint them natively on the other. Since 2021, over $2.8 billion has been stolen from bridge exploits — making them the single most attacked piece of DeFi infrastructure.
What Is a Crypto Bridge?
A crypto bridge is a protocol that connects two separate blockchains so assets and data can move between them. Blockchains are isolated by design. Ethereum cannot “see” Solana any more than a regional bank in Germany can directly wire funds to a credit union in Iowa without an intermediary network handling the handoff.
That isolation is the entire point of decentralization — but it creates what we in the space call the “walled garden” problem. Bridges exist to solve it. They act as a trusted (or sometimes trust-minimized) relay between chains, telling chain B that something verifiable just happened on chain A.
The first time I used one was during the 2021 cycle. I was moving ETH from mainnet to a new Layer 2 crypto network, and I’d never done it before. The funds left my wallet on Ethereum almost instantly. The destination wallet showed nothing. For twenty minutes I watched a loading bar pretend to move. I refreshed Etherscan obsessively. Eventually the tokens appeared on the other side, but I aged five years in that window.
If you’ve never bridged before, that initial silence is normal. It’s also why understanding the mechanics matters before you click anything.
How Crypto Bridges Actually Work
Every bridge has to solve the same fundamental problem: how does chain B trustlessly verify what really happened on chain A? Different bridges answer that question with different architectures, and the architecture is usually where the security risk lives. There are three main mechanisms you should know.
Lock-and-Mint: The IOU Model
This is the original cross-chain bridge design. Your tokens get locked inside a smart contracts on the source chain. In exchange, the bridge mints a “wrapped” version on the destination chain that represents your locked collateral.
If you’ve ever held WBTC on Ethereum, you’ve used lock-and-mint. The actual Bitcoin sits in custody, and a tokenized IOU lives on Ethereum. Most wrapped tokens on the market today exist because of this model. The trade-off is obvious: you’re trusting that the lockbox on chain A actually contains what the IOU on chain B claims.
Burn-and-Mint: The Clean Slate Approach
Burn-and-mint takes a different path. Tokens on the source chain get permanently destroyed. The same amount is then minted natively on the destination chain. There’s no custody, no IOU, no wrapped token sitting somewhere as collateral.
It’s a cleaner architecture and it removes one whole layer of trust assumptions. Chainlink’s technical definition of burn-and-mint token transfers walks through the mechanism in detail if you want the protocol-level breakdown. The catch is that burn-and-mint only works when the same issuer controls the asset on both chains — which is why USDC’s CCTP works this way but a random token from 2022 probably doesn’t.
Liquidity Pool Bridges: Speed Over Simplicity
The third model uses pre-funded reserves on both chains. Liquidity providers deposit assets into crypto liquidity pools on each side. When you bridge, you deposit on chain A and the pool pays you out on chain B. No minting, no burning — just a swap across two parallel pools.
This is the fastest method, often settling in seconds. It’s also the most capital-dependent. If the pool runs dry, you wait or pay a worse rate. And the LPs funding it face real impermanent loss exposure when prices drift between chains.
Why Crypto Bridges Are the Biggest Hack Target in DeFi
Here’s the part most explainer articles skip. I won’t.
Bridges hold enormous concentrated pools of locked capital. That makes them the richest targets in crypto — and attackers know it. Over $2.8 billion has been stolen from bridges since 2021. That’s roughly 40 cents of every dollar ever stolen across all of Web3, and bridge hacks alone account for around 69% of total DeFi ecosystem losses over the past two years.
I’ve watched these in real time. One of my closest friends from a recovery meeting had a six-figure stack on Axie Infinity when the Ronin bridge went down. He didn’t make a bad trade. He didn’t get phished. The infrastructure failed underneath him. Watching him process that loss was harder than watching my own bad trades from years before.
The Ronin Bridge Hack: $620 Million Gone
March 2022. Attackers — later linked to North Korean state actors — compromised five of the nine validator keys protecting the Ronin bridge. Once they controlled a majority of validators, they fed the bridge false transaction data and authorized withdrawals that never had real backing. Total damage: about $620 million.
The Wormhole Exploit: $320 Million in Minutes
February 2022. A flaw in Wormhole’s Solana-side signature verification let an attacker mint 120,000 wETH out of nothing — collateral that simply did not exist. Jump Trading, a major backer, eventually replaced the missing funds, but the architectural lesson stood: one signature bug equals total compromise.
The Nomad Crowdsource Drain: $190 Million
August 2022. A single smart contract initialization bug allowed any wallet to copy and paste the original exploit transaction with their own address swapped in. It became a public, on-chain crowdsourced robbery — hundreds of opportunists draining Nomad live, in real time, before the team could pause anything. Google Cloud’s Mandiant threat intelligence analysis of the Nomad bridge hack remains one of the cleanest forensic breakdowns of how a permissioned bridge collapsed into a free-for-all.
And the pattern hasn’t broken. CoinDesk’s coverage of the $292 million Kelp DAO exploit in April of this year is just the most recent reminder that bridges remain the soft underbelly of multi-chain crypto.
The Root Problem: Trust Assumptions
Why does this keep happening? Because most bridges don’t actually verify what happened on the other chain. They rely on a smaller, often centralized, system to report it — and that reporting layer becomes the real attack surface.
“Most bridges don’t fully verify what happened on another chain. Instead, they rely on a smaller system to report it. That system becomes the thing you trust.”
— Ben Fisch, CEO of Espresso Systems and Assistant Professor of Computer Science, Yale University
Fisch also said something that should be tattooed on every cross-chain user’s brain: “Every new connection adds more assumptions.” ACM peer-reviewed research on cross-chain bridge security challenges backs this up at the academic level — the more relays, validators, and signers in the chain of trust, the more failure modes exist. Some bridge architectures also create perfect setups for flash loans to amplify exploits or for MEV (maximal extractable value) bots to front-run transactions, depending on how settlement works.
The Most Used Crypto Bridges in 2026
I’m not in the business of ranking bridges or telling you which one to use. I’ll tell you the names that show up most in my own research and what makes each architecturally interesting.
- Stargate (LayerZero): Unified liquidity pools across many chains, sub-second settlement on supported networks, a flat 0.06% fee. Probably the most widely integrated cross-chain bridge in DeFi today.
- Across Protocol: Intent-based architecture. You declare what you want, relayers compete to deliver it optimally. Consistently among the cheapest and fastest in independent testing.
- LayerZero (the layer, not a bridge): Often confused for a bridge but it’s actually transport infrastructure. Stargate runs on top of it. Other bridges do too.
- Aggregators (LI.FI, Eco Routes): The modern UX trend — pick the best bridge for each transfer automatically based on price, speed, and security. I lean on these heavily now.
How to Use a Crypto Bridge Without Getting Rekt
This is the practical playbook I follow every time. Mistakes here are expensive and often unrecoverable.
- Verify the official URL. Phishing sites clone bridge UIs perfectly. I bookmark the real one and never type it from memory.
- Connect a self-custody crypto wallet — never an exchange wallet. Bridges expect you to control your keys.
- Confirm what you’ll receive. Native USDC and bridged USDC are different assets. Wrapped ETH and ETH are different assets. Read the destination side before signing.
- Budget for gas fees on both chains. You need gas on the destination chain to do anything once you arrive.
- Split large amounts. Three smaller bridges sting less than one massive one if something goes sideways.
- Triple-check the destination address. Some bridges allow custom recipient addresses. One typo = goodbye funds.
Are Crypto Bridges Worth the Risk?
For small DeFi positions, yield farming, or moving working capital between chains — yes, with caution and the playbook above. For large holdings or long-term storage — absolutely not. The right home for serious size is cold storage. If you’re new to that distinction, the difference between a hot wallet vs cold wallet setup matters more than which bridge you use.
The future of bridging is improving. ZK proof–based designs are the most promising — they let the destination chain cryptographically verify the source chain’s state without trusting an intermediary set of validators. The math is real. The implementations are still maturing. But the trajectory is right.
Until then, my framing is simple: a bridge is the weakest link in any cross-chain strategy. Treat it like an international wire transfer, not a magic button. Right-size the position. Pick reputable infrastructure. Move on.
Frequently Asked Questions
Is a crypto bridge the same as an exchange?
No. An exchange swaps one asset for another, usually on the same chain or off-chain on a centralized order book. A bridge moves the same asset from one blockchain to another. They solve different problems and have very different risk profiles.
How long does a bridge transaction take?
Anywhere from a few seconds to forty-five minutes, depending on the bridge architecture, the source and destination chains, and any fraud-proof or challenge windows. Liquidity pool bridges are usually fastest. Optimistic bridges with challenge periods are the slowest.
Can I get my money back if a bridge gets hacked?
Sometimes. Wormhole’s backers made users whole. Most exploited bridges did not, or did so only partially. Plan for the worst-case scenario, because the recovery story is not under your control.
Do I need to pay tax when I use a bridge?
Tax treatment varies by jurisdiction and depends on whether you’re swapping assets in the process. Talk to a crypto-savvy CPA — this is not the place to wing it.
The Bottom Line
Crypto bridges are critical infrastructure for a multi-chain world. They recreate value on another chain by locking, burning, or pooling it on the source side. They are also the single most exploited category of DeFi infrastructure, and that hasn’t materially changed in five years.
Use them with clear eyes. Small amounts. Audited bridges. Official URLs. Native token awareness. That’s the discipline.
If you want to keep going on the topic cluster, my next reads would be the deep dives on Layer 2 crypto, wrapped tokens, and the foundations of the DeFi ecosystem — they all touch the bridge story from different angles. The more of these mental models you stack, the less every new bridge headline rattles you.
