Crypto bridging is the process of moving a digital asset or message from one blockchain to another by locking, burning, or attesting to its existence on the source chain and issuing a corresponding asset or message on the destination chain. The two chains run separate consensus and cannot read each other's state, so a bridge contract or off-chain network has to stand between them and prove that an action on one side justifies a release on the other.
​

The mechanism varies. Lock-and-mint bridges hold the original asset in a custody contract on the source chain and mint a wrapped IOU on the destination. Burn-and-mint bridges burn supply on one side and mint canonical supply on the other, which is how Circle's Cross-Chain Transfer Protocol moves native USDC. Liquidity-pool bridges keep inventory on every supported chain and let solvers front the destination asset before the source funds finalize. Each design trades speed against trust against capital efficiency.
​

Bridges have also been the largest single attack surface in crypto. Chainalysis attributed roughly $2 billion in stolen funds to bridge exploits across 13 separate hacks in 2022, and Rekt News still ranks Ronin ($624M, March 2022), Poly Network ($611M, August 2021), and Wormhole ($326M, February 2022) among the worst incidents the industry has recorded. The numbers shape how teams evaluate bridges today: trust model, finality time, and asset coverage carry as much weight as fee quotes.
​

This article explains the three architectures in production today, the four trust models that govern them, the recurring failure modes, the major bridge providers in 2026, and how aggregators like Li.Fi and Squid sit on top. It closes on how Eco abstracts bridging across rails so application teams stop choosing one of these every transfer.
​

A bridge is the connective tissue between blockchains that do not share consensus. Ethereum mainnet and Solana cannot read each other's blocks. Arbitrum and Polygon settle to different state roots. A user holding USDC on Base who wants to pay a counterparty on Tron has no native path, because the issuing contracts are completely separate and the chains do not communicate. Bridges fill that gap by either holding the asset in escrow and issuing a representation, or by destroying supply on one side and recreating it on the other under instructions a destination contract can verify.
​

The verification problem is the core of bridge design. To safely release funds on chain B, the bridge contract has to know that the deposit on chain A actually happened, that it has not already been spent, and that the source chain will not reorg the deposit out of existence. Different bridges solve this with different combinations of multisigs, light clients, optimistic windows, and zero-knowledge proofs. The choice determines how fast a transfer settles and how much an attacker would have to compromise to steal the float.
​

Bridges also carry messages. LayerZero, Hyperlane, Wormhole, and Axelar's General Message Passing all let smart contracts on one chain trigger calls on another. A token transfer is the simplest case: the message says "I locked 100 USDC on Ethereum, mint 100 USDC on Polygon." More elaborate messages can swap, deposit into a vault, or repay a loan in a single cross-chain transaction. The messaging layer and the asset layer are usually separate concerns, even when one bridge product covers both.
​

According to DeFiLlama's bridge dashboard, the top bridges collectively process several billion dollars per week in 2026, with native USDC routing via CCTP, intent-based liquidity flowing through Across, and message-based execution split between LayerZero, Wormhole, and Hyperlane. The mix has shifted noticeably since 2022, when wrapped-token lockups dominated and total value bridged was a smaller share of stablecoin flow.
​

Production bridges fall into three architectural families. Each family makes different tradeoffs around custody, finality, and capital.
​

The oldest pattern. A user deposits an asset, like ETH, into a custody contract on the source chain. Validators or a light client confirm the deposit, then a destination contract mints a wrapped representation, like wETH, on the target chain. The wrapped token is an IOU backed one-for-one by the locked supply. To redeem, the user burns the wrapped token and the bridge unlocks the original.
​

Polygon's PoS Bridge, Arbitrum's canonical bridge, and the original Wormhole token bridge all use lock-and-mint. The model is conceptually clean but creates fragmented liquidity: USDC.e on Avalanche, USDC.e on Polygon, and bridged USDC on Optimism are all distinct tokens with different liquidity pools, and they cannot be combined without going back through the bridge. The lockup contract is also a fat target. Ronin lost $624M because attackers compromised five of nine validator keys controlling the lockup. Poly Network lost $611M to a contract bug that let an attacker re-execute withdrawal instructions.
​

Burn-and-mint bridges destroy supply on the source chain and let an authorized issuer mint canonical supply on the destination. Circle's CCTP is the canonical example for stablecoins: USDC is burned on Ethereum, an attestation is signed by Circle's network, and the same USDC contract on Solana mints fresh supply. The token on the destination is the same token, not a wrapped version, so liquidity does not fragment.
​

CCTP V2 added fast finality with an optional 8-12 second confirmation path on supported chains, down from roughly 13-20 minutes for the original V1 hard-finality flow. Other native-mint approaches include LayerZero's OFT standard for non-USDC tokens and Wormhole NTT, which lets token issuers run a similar burn-and-mint model on top of Wormhole's guardian network. The tradeoff is that the issuer (or a designated network) becomes the trust root: if Circle stops attesting, USDC stops moving cross-chain via CCTP.
​

Liquidity-pool bridges hold inventory on every supported chain. A user deposits on chain A, and the bridge releases pre-positioned funds on chain B without waiting for chain A to finalize. Across popularized the intent-based variant: a user signs an intent ("I will pay X USDC on Ethereum to anyone who delivers Y USDC on Base within Z seconds"), and a competitive solver network fronts the destination asset, then claims the source deposit after Across's optimistic verifier confirms the deposit. The user sees ~30 second settlement on most routes; the solver carries the inventory risk.
​

Stargate uses Δ-algorithm-managed unified pools backed by LayerZero messaging. Hop targets rollups specifically with bonders fronting funds and arbitraging the discount. deBridge runs an intent-based protocol with a similar solver pattern but a different message-verification layer. The common thread: pools or solvers absorb the latency of source-chain finality so the user gets a fast exit, and the bridge takes inventory risk and rebalancing cost in exchange for the fee.
​

Independent of architecture, every bridge has to decide who attests to a source-chain event. Arjun Bhuptani's bridge trilemma classifies four models that span the security spectrum.
​

Trusted (multisig or MPC): A fixed set of validators sign cross-chain messages. Speed is high and verification is cheap, but the validator set is the trust assumption. Ronin's nine-of-twelve multisig and the original Multichain MPC fall here. When five Ronin keys leaked in 2022, the entire $624M float drained.
​

Light client (validity proof): The destination chain runs a light client of the source chain and verifies block headers cryptographically. IBC between Cosmos chains is the cleanest example, and zk light clients like the ones Polyhedra and Succinct ship are extending the model to EVM. Trustless but expensive in gas; not all chain pairs have efficient light clients.
​

Optimistic: Messages are accepted after a challenge window during which any watcher can submit a fraud proof. Nomad used this model before its August 2022 exploit, in which a misconfigured initialization let any user replay a message and drained $190M in twenty minutes. Across uses optimistic verification for solver settlement (not user funds, which solvers have already fronted), with UMA's optimistic oracle as the dispute layer.
​

Zero-knowledge: A succinct proof attests that a source-chain event happened. zkBridges remove the trust assumption almost entirely but cost more compute and add proving latency. Wormhole's ZK light client, Polyhedra's zkBridge, and Succinct's zk-IBC are early production instances. Adoption is rising; L2Beat tracks several rollup-to-rollup bridges shipping ZK validation in 2025-2026.
​

Bridges hold concentrated value with permissionless access, which makes them the highest-EV target in the industry. Five failure modes account for most of the historical losses.
​

Validator-key compromise. Ronin (March 2022, $624M) and Harmony Horizon (June 2022, $100M) both lost when attackers obtained enough multisig keys to authorize fraudulent withdrawals. Pure-multisig models without dispersed key custody and quorum rotation remain a target.
​

Smart contract bugs in verification logic. Wormhole's February 2022 hack ($326M) exploited a signature verification bug that let an attacker forge a guardian message and mint 120,000 wETH out of nothing. Rekt's writeup walks through the missing signature account check. Nomad's exploit was a one-line initialization flaw that treated any unproven message as proven.
​

Approve-and-drain on token approval contracts. Multichain in July 2023 lost roughly $130M after CEO key custody collapsed and unaudited admin paths exfiltrated funds from approved contracts. Approval architecture matters as much as bridge architecture: anything users approve to a bridge router is exposed if the router admin keys leak.
​

Liquidity-pool exhaustion under stress. Stargate, Hop, and similar liquidity bridges can degrade under heavy directional flow. If everyone wants to bridge from Arbitrum to Ethereum during volatility, pool depth on the destination side determines worst-case slippage. This is a UX failure rather than a security failure, but it shows up in real losses for users transferring under stress.
​

Reorg risk on weak source chains. A bridge that releases funds before source-chain finality is gambling that the deposit block does not get reorged. CCTP V1 waits ~13 minutes on Ethereum for a reason; bridges that release after fewer confirmations on probabilistic chains have eaten reorg losses, particularly during Ethereum's pre-Merge transition.
​

The recovery has been steady. DeFiLlama's hack dashboard shows bridge-specific losses dropped from ~$2B in 2022 to ~$300M in 2024 and lower still in 2025, as MPC migrated to TEE-backed signing, light clients matured, and bridges adopted formal verification on critical contracts. The category is no longer the largest source of losses in 2026; centralized exchange hacks have retaken the top spot in Chainalysis's quarterly reports.
​

The bridge landscape consolidated around a smaller number of providers after 2022. The names below cover most production volume.
​

Across — Intent-based liquidity bridge across Ethereum, all major rollups, and 15+ chains. Ships ERC-7683 intents natively and clears most user transfers in 2-30 seconds via competitive solvers. UMA's optimistic oracle handles dispute resolution on solver settlement.
​

LayerZero — General messaging protocol used by hundreds of applications, including Stargate (its native pool bridge) and OFT-standard tokens. V2 introduced configurable Decentralized Verifier Networks (DVNs), letting applications mix-and-match security committees per route.
​

Circle CCTP — Native USDC mint/burn across Ethereum, Solana, Arbitrum, Base, Avalanche, Polygon, Optimism, Noble, Sui, Aptos, Linea, Codex, and Unichain in 2026. CCTP V2 added fast finality with sub-15-second clears on most routes.
​

Wormhole — Multichain messaging with 19-guardian validation, Native Token Transfers (NTT) for canonical multichain assets, and a ZK light client road in active rollout. Ranks high on supported chain count, including Solana, Sui, Aptos, and Cosmos via IBC bridge.
​

Stargate — Liquidity-pool bridge built on LayerZero. Unified pools share liquidity across chains via the Δ algorithm, so users get instant guaranteed-finality transfers for the supported asset list (USDC, USDT, ETH, others).
​

Hyperlane — Permissionless interchain messaging where any chain can deploy a Hyperlane mailbox without core-team approval. Modular Interchain Security Module (ISM) lets applications choose their own validators or use defaults. Powers a growing share of rollup-launch bridges.
​

Axelar — Cosmos-based proof-of-stake interchain network with General Message Passing. Strong coverage of Cosmos, EVM, and an expanding list of non-EVM chains. Used by Frax, Squid, and dYdX integrations.
​

deBridge — Intent-based protocol focused on cross-chain swaps with deterministic execution. Solver competition drives 1-3 second clears on supported routes; deSwap aggregator front-end exposes the routing.
​

Bridges optimize for different points on the speed-trust-coverage triangle. Across and deBridge prioritize speed via solver fronting; CCTP prioritizes trust by inheriting Circle's issuer model; Wormhole prioritizes coverage with the largest chain count. No bridge wins on all three axes, which is why aggregators exist and why orchestration platforms like Eco select between rails per route.
​

For a deeper protocol-by-protocol breakdown, the cross-chain messaging protocols guide ranks the seven leading messaging layers by adoption, security model, and developer experience. The top cross-chain liquidity protocols guide covers the bridges that hold pre-positioned float.
​

Aggregators do not run their own bridges. They route across the bridge providers above, picking the cheapest, fastest, or most reliable path for a given transfer. Li.Fi, Squid, Jumper (Li.Fi's user-facing front-end), and Rango all sit at this layer.
​

Aggregators help when the user does not know which bridge to use, when supply on one bridge is exhausted and another has inventory, or when no single bridge supports the source-and-destination pair. They route automatically and quote in advance, which removes the manual comparison work. Squid specifically wraps Axelar GMP and adds Cosmos coverage; Li.Fi covers the broadest set of EVM bridges and DEX hops.
​

They hurt when the abstraction hides the trust model from the user. A swap quoted as "USDC on Ethereum to USDC on Solana" might route through CCTP (high trust, slow), Wormhole (medium trust, faster), or a wrapped path through Stargate (different token on the destination). The aggregator's UI usually surfaces the route, but users who do not read it can end up holding wrapped USDC.e instead of native USDC on the destination, with downstream liquidity fragmentation as a result.
​

Aggregators also charge a small markup, typically 0.1-0.3% on top of the underlying bridge fee, in exchange for the routing service. For high-volume teams the markup adds up, which is one reason many treasury and payment platforms run their own routing on top of bridge primitives instead of using third-party aggregators.
​

The same token name can mean three different assets depending on how it crossed chains. The distinction matters because the assets do not interchange and have different liquidity profiles.
​

Native USDC is USDC issued directly by Circle on a chain. Native USDC exists on Ethereum, Arbitrum, Solana, Base, Avalanche, Polygon, Optimism, Noble, Sui, Aptos, and others. Circle's CCTP burns native USDC on the source chain and mints native USDC on the destination, so the token after the bridge is exactly the same token a user could buy directly from Circle.
​

Canonical bridged USDC (often labeled USDC.e or USDC.b) is wrapped USDC issued by a chain's official bridge. USDC.e on Avalanche was the canonical version before Circle deployed native USDC there; many chains still have legacy USDC.e supply that users have not migrated. Canonical bridged USDC is fungible with native USDC only through the canonical bridge or a CCTP migration path Circle provides.
​

Wrapped USDC via a third-party bridge is a representation issued by a non-canonical bridge (Wormhole, Multichain historically, etc.). These tokens trade at slight discounts in some pools and depend on the bridge's solvency for redemption. Wormhole's wrapped USDC on Solana ceased to be the dominant version once Circle launched native USDC on Solana, but legacy supply and pools persist.
​

The practical advice: when bridging USDC for any production purpose (treasury, payments, settlement), specify CCTP or another native-mint route. Wrapped versions are fine for short-term DeFi but introduce a fragmentation tax that compounds as liquidity migrates. The digital dollars primer covers the broader USDC infrastructure.
​

The evaluation criteria reduce to four questions, with concrete numeric targets that distinguish production-grade rails from one-off integrations.
​

1. Trust model. Native-mint (CCTP, OFT, NTT) inherits the issuer's trust. Light client and ZK bridges approach trustless. Optimistic adds a challenge window, usually hours. Multisig and MPC depend on the validator set; sub-7-of-N quorums are aggressive, 13-of-19 (Wormhole guardian) is mainstream, and dispersed key custody matters as much as the threshold. Reject any bridge whose validator set is not publicly enumerated.
​

2. Finality time. Across and deBridge clear most user transfers in 2-30 seconds. CCTP V2 fast-finality lanes clear in 8-12 seconds; CCTP V1 hard finality is 13-20 minutes on Ethereum. Wrapped-token bridges typically clear in 1-30 minutes. For payments and treasury, sub-minute matters; for periodic settlement, finality consistency matters more than headline speed.
​

3. Asset and chain coverage. CCTP covers 13+ chains for USDC only. LayerZero, Wormhole, and Hyperlane each cover 30+ chains for arbitrary messages. Across covers 15+ chains for liquidity-bridge supported tokens. Match coverage to the routes the application actually uses; over-coverage is dead weight and adds attack surface.
​

4. Fee structure. Bridges charge a fixed gas component (source-chain transaction + destination-chain delivery) and a percentage component (0.04-0.4% on liquidity-pool routes, 0% on burn-and-mint native routes plus message gas). For a $10,000 USDC transfer, CCTP costs roughly $1-3 in gas; Across charges roughly $4-12 depending on speed; Stargate charges roughly $20-40 with a 6 bp pool fee. Compare end-to-end cost, not just the headline percentage.
​

The stablecoin API latency and fees article covers how these costs compose when bridges are used inside payment flows.
​

Eco is the stablecoin orchestration platform that abstracts bridge selection across rails. Instead of integrating CCTP for USDC routes, Across for fast generic transfers, LayerZero for messaging, and Hyperlane for permissionless rollup deployment separately, an application integrates Eco once and gets unified routing across all of those rails. Eco Routes (the CLI and API surface) submits an intent like "deliver 1,000 USDC on Base to address 0xabc within 30 seconds at minimum cost," and the network selects the cheapest qualifying path: CCTP V2 fast-finality if available, Across solver if faster, LayerZero OFT if the asset is non-USDC, and so on.
​

The selection is route-by-route, not bridge-by-bridge. A team running 10,000 stablecoin transfers per month does not need to know whether any specific transfer used CCTP or Across; they need the throughput, the cost ceiling, and the SLA. Eco operates at the layer above the bridges, with solvers competing on Eco's network to clear the intents the team submits. The cross-chain intent protocols guide covers the orchestration layer in more depth, and the stablecoin swap aggregators guide covers how aggregators sit on top.
​

For users who just want to swap stablecoins across chains in a single click, Eco Portal is the front-end equivalent: routes USDC, USDT, USDS, FDUSD, PYUSD, and RLUSD across 15+ chains with best-price routing and instant settlement.
​

Bridge security has improved substantially since the 2022 peak. DeFiLlama shows bridge-specific losses dropped from roughly $2B in 2022 to under $300M in 2024 and lower in 2025. Native-mint bridges (CCTP, OFT) and ZK light clients are the safest production options; pure multisig remains the highest-risk tier.
​

A bridge moves the same asset between chains (USDC on Ethereum to USDC on Solana). A cross-chain swap exchanges one asset for another across chains (USDC on Ethereum to USDT on Tron). Most aggregators handle both by chaining a bridge with a DEX hop on the destination, which is what Li.Fi and Squid expose.
​

Bridges hold concentrated value with permissionless access and rely on multiple verification layers, any of which can fail. Validator key compromise (Ronin), signature verification bugs (Wormhole 2022), and admin-key custody collapse (Multichain) account for most historical losses. The exposure is structural, not incidental.
​

No. Bridges support specific asset lists and chain pairs. CCTP supports USDC on 13+ chains. Across supports a curated list of ETH, USDC, USDT, and a handful of other tokens across 15+ chains. Long-tail tokens often require wrapping through LayerZero OFT or Wormhole NTT, or routing through a DEX hop on the destination.
​

Intent-based bridges (Across, deBridge) clear most user transfers in 2-30 seconds. CCTP V2 fast-finality lanes clear in 8-12 seconds on supported chains. Wrapped-token bridges typically clear in 1-30 minutes depending on source-chain finality and validator confirmation cadence.
​