Ethereum’s rollup-centric roadmap as well as the continued development of other specialized ecosystems form a multi-chain world, posing challenges to the industry in the form of fractured liquidity, duplication of wrapped tokens, and exploits. The usage and designs of cross-chain bridges have evolved tremendously over the past year and display a number of clear trends.
We find patterns of consolidation around early movers and a strong preference for decentralization and security in latecomers if they represent a substantial upgrade from existing market players. In particular, we have seen bridging activity increasingly consolidate around Ethereum rollups leading to a reduction in the size and frequency of bridge-related hacks. However, the current market size for cross-chain protocols is still small relative to leading DeFi protocols, but that may change with improved technologies and new use cases.
Consolidation of Token Standards
When transferring assets between chains, bridges need to mint a new wrapped token if there is no preexisting equivalent token on the destination chain. The minted token’s value is backed by a pool of tokens locked in escrow on the source chain.
However, this poses two fundamental issues: (1) different bridging implementations can mint different versions of the same underlying on the destination chain and (2) a hack of the escrow contracts can render all minted tokens on the destination chain worthless. In light of (1), most rollups and alternative layer-1 networks (L1s) launch with a canonical bridge, a bridge that is created by the same development team as the network itself. Canonical bridges are the de facto standard for minting non-native tokens, which can then be leveraged by third party bridges. However, not every bridge design reuses the canonical bridged token, leading to fractured liquidity within a destination chain.
Difficulties with tokenization standards and their consolidated patterns are perhaps best exemplified by tokenized bitcoin on Ethereum as there is no canonical bridge between the two. There are a number of tokenized bitcoin versions, including wBTC, renBTC, tBTC, imBTC, bBTC, and hBTC. The former three tokens are minted via decentralized bridges, while the latter three are bridged via a centralized custody and minting platform. As one might expect, the centralized tokens have not seen adoption in many DeFi protocols, and more than half of their total supply is concentrated in a single address. See chart 1. On the other hand, tokens minted via decentralized bridges have a wider distribution of holders and see greater usage across various protocols. In our view, decentralization will remain a key aspect of long-term adoption for bridged tokenization standards.
Among decentralized bitcoin tokens, wBTC sees the most usage by a wide margin. The top 10 holding addresses for wBTC are either in lending protocols or bridges, and less than 1% of its supply on Ethereum is in any single automated market maker (AMM) pool. The top 3 addresses – consisting of over 25% of the wBTC supply – are in Aave and Compound contracts, indicating that the current leading demand for bridges is to use non-native tokens as collateral for leverage.
In contrast, the top holding address for renBTC and tBTC are both in Curve smart contract pools at 9% and 32% respectively, and are paired against other forms of tokenized bitcoin (Source: Etherscan). Although renBTC and tBTC are a minor fraction of tokenized bitcoin supply today, they had market capitalizations of over $1B and $100M at their peaks respectively, which has since dwindled due to the consolidation around wBTC (Source: Coingecko).
Notably, wBTC was launched in early 2019, while renBTC and tBTC launched more than a year later in 2020. Today, the supply of wBTC is more than 400 times that of renBTC and tBTC combined. Early adoption, along with decentralized trust and security, often create a flywheel effect that drives the dominance of a bridge and its wrapped token versions
Parallels in Bridging Consolidation
We see a similar consolidation structure in the underlying usage of bridges as well. At the start of 2022, approximately Ξ400k was locked in canonical rollups, representing less than 25% of all bridged ETH. As of October 2023, this has quadrupled to more than Ξ1.8M, growing to a dominant 80% of all bridged ETH. See chart 2. This reflects a shift in activity from L1s into rollups as users bridge their ETH back into Ethereum-centric networks.
Noteworthy reductions of escrowed ETH in bridges over the same timeframe include an 85% reduction in the Avalanche Bridge escrow from more than Ξ520k to less than Ξ55k and a 98% reduction in the Multichain Bridge from more than Ξ530k to less than Ξ10k (prior to the July 2023 hack). Currently, the Polygon PoS bridge is the largest non-rollup escrow of bridged ETH with about Ξ200k in escrow – a 60% drop from a February 2022 peak of Ξ540k (Source: Coinbase). Given that the destination of most bridged ETH is to another EVM-compatible blockchain, this once again suggests that capital aggregates to networks with better understood security principles.
In our view, ETH in escrow is a comparatively clearer metric for bridging adoption on Ethereum since many other commonly bridged tokens like USDC and USDT are now natively issued on several rollups and L1s, which has reduced their bridging demand. While we saw strong growth in the quantity of bridged ETH in 2023, the quantity of bridged USDC and USDT has dropped by more than 50% from its April 2022 peak, indicating a strong market preference for native tokens where available. See chart 3.
We shy away from using bridging volume as a metric for adoption due to the behavior of airdrop farmers who may continuously bridge back and forth to generate onchain activity for airdrop eligibility as highlighted in our recent commentary on mercenary liquidity. For example, the highest volume bridge in September 2023 was the feeless zkSync Era bridge with nearly $1.3B in volume (Source: DefiLlama). At the same time, the amount of ETH locked in the zkSync Era bridge decreased by approximately $10M while USDC and USDT increased by $11M, keeping the value in escrow relatively flat (Source: Coinbase).
In Rollups we Trust
The most egregious hacks in crypto history have been against bridges, with more than $1.5B in assets stolen in 2022. However, the value lost to bridge related hacks have declined 90% in 2023 year-to-date to less than $140M, and in fact, the peak of these exploits occurred in 1Q22. See chart 4. While risks certainly still exist, bridge related hacks are likely to continue trending lower while bridging demands for rollups remains dominant and bridge designs continue to leverage canonical rollup bridges for escrow.
To oversimplify, most cross-chain bridging and interoperability protocols have the following workflow:
- Step 1: Source chain commit. Data is sent to a bridge contract on the source chain which gets committed to the ledger state. This data could be a combination of tokens and instructions.
- Step 2: Cross-chain relay. One or more off-chain relayers sees the state change in the bridge contract, signs the data payload, and broadcasts it to the bridge contract on the destination chain. (See footnote 3)
- Step 3. Destination chain processing. The destination bridge contract validates the data payload, verifies the signature, and then executes the prescribed actions.
Many of the largest bridge hacks that have occurred are a result of the complexities around steps 2 and 3 – in particular the signing and validation of messages by the relayers. In the Ronin bridge hack (March 2022), the validation of a message required the approval of 5 out of 9 relayers. With the private keys of those relays compromised in a social phishing attack, the hacker was able to forge data payloads to signify withdrawals. The Multichain hack (July 2023) also saw the private key of the relayers leaked, leading to valid signatures for fraudulent transactions.
On the other hand, the PolyNetwork exploit (August 2021) saw the hacker brute-force a weak implementation of signature verification, and spoof a function aptly named `verifyHeaderAndExecuteTx`. Likewise, the Wormhole hack (February 2022) occurred due to a bug in the `verify_signatures` function logic on the destination chain. The Nomad hack, Binance Bridge hack, Harmony Bridge hack, and most other major bridge hacks were exploited around steps 2 and 3.
Compared with third party bridges, the attack vector of canonical rollup bridges is much smaller due to their close integration with the fundamental proof-based security of the rollup itself and the high level of scrutiny placed on their development. In line with the increased amount of ETH locked in rollup escrow, the magnitude and rate of bridge related hacks has dropped.
Bridging Business Models
Fee structures vary widely across bridges. Most canonical bridges do not charge any fees, while most third parties ones do. Common costs for bridges include a combination of (1) fees for liquidity providers on the destination blockchain, (2) fixed fees for general usage, typically a percentage of value transferred, and (3) fees for relayers in an intermediate network layer, typically bundled together with gas costs. On top of these protocol fees, users are also responsible for covering gas costs on both the source and destination chains. The fee structures for some of the highest volume bridges are listed in Table 1.
Table 1. Fee structures of select popular bridges
Name | Fee Structure |
---|
Across | Fixed bridge fees (typically 0.06% to 0.12%) and a dynamic fee to the relayers. |
Allbridge | Flat 0.3% bridge fee, down to 0.1% on select chains. The bridge fee can be reduced to 0.05% by staking the token ABR. |
Arbitrum Bridge | No additional fees. |
Avalanche Bridge | Flat 0.025% fee, with a min of $3 and a max of $250. Only applied when bridging from Ethereum to Avalanche. |
Base Bridge | No additional fees. |
Connext | Flat 0.05% swap fee and a dynamic fee to the relayers. |
Gravity Bridge | Flat 0.04% bridge fee. |
Hop | Flat 0.04% swap fee and a dynamic bonder fee between 0.05-0.30%. |
Meson | Flat 0.05% service fee and dynamic fees to liquidity providers ranging from 0%-0.1%. |
Optimism Bridge | No additional fees. |
Polygon PoS Bridge | No additional fees. |
Portal via Wormhole | Fees are less than one cent. |
Rainbow Bridge | No additional fees on the original version. For the Fast Rainbow Bridge, there is a flat 0.1% bridge fee. |
Satellite via Axelar | Dynamic fees for the underlying relayer network. |
Stargate.Finance via LayerZero | Flat 0.06% fees and a dynamic rebalancing fee. |
Synapse | Dynamic fees for the underlying relayer network. |
zkSync Era Bridge | No additional fees. |
Most bridges with fees are in the range of 0.05% - 0.30%, skewing slightly higher than Curve and Uniswap V3’s AMM fees at 0.04% and 0.01/0.05/0.30% tiers respectively. However, revenue from bridges pale in comparison to those on DEXs due to the massive disparity in volume. The most used fee-bearing bridge in September was Stargate Finance, with a total volume of $1.2B. Over that same timeframe, Uniswap saw more than $17.7B in aggregated volume across all chains, and that was Uniswap’s lowest volume month since 2020 (Source: DefiLlama). Cross-chain swapping demand is small relative to demand for swaps within a single chain. However, we believe that the demand for bridges may rise as more assets are uniquely issued on distinct chains.
Generic Interoperability
While most early bridges focused solely on the transfer of tokens, a number of high profile projects promote the ability to send arbitrary data between unrelated networks. These messages can contain not only token information, but also generalized execution information, unlocking generic cross-chain execution.
Meta-networks, like Cosmos, Avalanche, or Polkadot continue to build out cross-chain interoperability focused within their domains (IBC for Cosmos, AWM for Avalanche, XCM for Polkadot, etc.). Likewise, Ethereum is finalizing EIP-5164 for cross-chain EVM messaging standards. Moreover, third-party projects such as Chainlink's CCIP, Layer Zero, Wormhole, Axelar, and more promise interoperability both within and between different meta-networks.
Although adoption of generic interoperability protocols is still nascent, we see value in enabling communication across chains with unique native tokens, protocols, and network properties – particularly in a world where major traditional behemoths like Citigroup, Goldman Sachs, J.P. Morgan, and others are actively tokenizing real world assets (RWAs) on different blockchain networks. However, like with early bridging technologies, we are cognizant of the importance of verifying the security of new cross-chain applications as they emerge.
Challenges
The primary headwinds we see in the cross-chain space are technical overheads and a lack of standardization. Despite improvements to interoperability technology, existing applications that are built to execute on a single chain cannot be easily retrofitted to support cross-chain functionality. Since a transaction must be settled on the source chain before having its message posted to the destination chain, cross-chain transactions are inherently asynchronous and settle across multiple blocks. This introduces a new class of bugs and limits forms of smart contract composability like flash loans that require single block settlement.
Furthermore, standardization issues with non-native tokens across different bridging protocols will continue to exist as competitors fight for market share, particularly for discrete ecosystems without a canonical bridge. Unlike in some other technical fields where communities collaborate to achieve common technical specification, the crypto community is far more gated as there is a direct link between an uncompromising adoption of one standard and economic gains. It will be worth keeping an eye on regulatory or regulated-industry standards of adoption surrounding the bridging of tokenized RWAs as that will be a driving force for consensus.
Conclusion
Among various cross-chain interoperability protocols, the unique value propositions boil down to the core axes of developer & user experience, security, and fees. In our view, we see consolidation around interoperability protocols following a similar flywheel to tokenization standards, where early adoption and a focus on decentralization and security are predictors of long-term success.
As dominant standards for secure bridging and interoperability emerge, we will likely continue to see fewer exploits, with concentration of liquidity primarily in canonical bridges and a handful of third party bridges. In our view, the true transformative value of bridging and interoperability will arise in tandem either with the mass issuance of RWAs on separate tokenization platforms or with the growth of unique protocols on separate chains. Despite some short to medium-term headwinds, we believe that bridges are here to stay and will continue to play a key role in the ecosystem.