Bridges concentrate enormous value in a few contracts, which makes them one of the most attacked targets in crypto. Some of the biggest thefts ever have been bridge hacks. This lesson is a deliberate warning before you move funds across chains.
Why bridges are such a target
A lock-and-mint bridge holds all the real assets locked on one side while wrapped versions circulate on the other. Break the contract or the keys that control it, and an attacker can mint unbacked tokens or drain the locked reserves — often hundreds of millions in a single exploit.
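The backing relationship described above can be checked mechanically. The following is an added example, not part of the original lesson or any bridge's code: a minimal monitor that replays lock/unlock and mint/burn events and flags any event that leaves wrapped supply above locked reserves. The event format, names and sample streams are assumptions constructed for illustration.

```python
# Constructed event format (an assumption for this example):
# (chain, kind, amount), where chain is "source" (real assets locked)
# or "dest" (wrapped tokens circulate).
EFFECT = {
    ("source", "lock"):   (+1, 0),   # deposit into the bridge contract
    ("source", "unlock"): (-1, 0),   # withdrawal from locked reserves
    ("dest", "mint"):     (0, +1),   # wrapped tokens created
    ("dest", "burn"):     (0, -1),   # wrapped tokens destroyed
}

def audit_backing(events):
    """Replay events in order and return [(index, deficit)] for every event
    that increases the wrapped supply not covered by locked reserves."""
    locked = wrapped = deficit = 0
    alerts = []
    for i, (chain, kind, amount) in enumerate(events):
        if (chain, kind) not in EFFECT or amount <= 0:
            raise ValueError(f"unrecognized event at index {i}")
        d_locked, d_wrapped = EFFECT[(chain, kind)]
        locked += d_locked * amount
        wrapped += d_wrapped * amount
        new_deficit = max(0, wrapped - locked)
        if new_deficit > deficit:
            alerts.append((i, new_deficit))
        deficit = new_deficit
    return alerts

# Constructed sample streams (not real chain data).
NORMAL = [("source", "lock", 100), ("dest", "mint", 100),
          ("dest", "burn", 40), ("source", "unlock", 40)]
# Wrapped tokens minted with no matching lock on the source side.
UNBACKED_MINT = [("source", "lock", 100), ("dest", "mint", 100),
                 ("dest", "mint", 120_000)]
# Reserves released with no matching burn on the destination side.
FORGED_WITHDRAWAL = [("source", "lock", 500), ("dest", "mint", 500),
                     ("source", "unlock", 500)]

if __name__ == "__main__":
    for name, stream in [("normal", NORMAL),
                         ("unbacked mint", UNBACKED_MINT),
                         ("forged withdrawal", FORGED_WITHDRAWAL)]:
        print(name, audit_backing(stream))
```

Both failure modes surface as the same signal: wrapped supply that the locked reserves no longer cover.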
Three cautionary cases
| Bridge | When | Loss | What went wrong |
|---|---|---|---|
| Ronin | Mar 2022 | ~$600M | Attackers obtained five of nine validator keys (via spear-phishing) and forged withdrawals; later attributed by US authorities to North Korea's Lazarus Group |
| Wormhole | Feb 2022 | ~$320M | A signature-verification flaw let the attacker mint 120,000 wrapped ETH with no collateral |
| Nomad | Aug 2022 | ~$190M | A faulty update let almost anyone spoof valid messages — it was "crowd-looted" by hundreds of copycats |
Different root causes — compromised keys, a code bug, a botched upgrade — but the same lesson: the bridge layer is where a great deal can go wrong at once.
How to reduce your exposure
- Prefer established, audited bridges with a long track record and, ideally, decentralized validation rather than a few keys.
- Don't let funds sit in wrapped form longer than needed — bridge, use, and move on.
- Test with a small amount every time, and verify the official URL to dodge fake "bridge" phishing sites.
- Spread risk — avoid routing your entire balance through one bridge in one go.
- Check for incidents — a quick look for recent exploit news on a bridge is worth the minute.
Bridging is sometimes necessary, and modern bridges are better audited than the 2022 generation — but treat it as the highest-risk routine action in DeFi and size accordingly.
Common mistakes to avoid
- Bridging a large sum through an unfamiliar or unaudited bridge to save a little.
- Holding wrapped assets long-term, maximizing the window an exploit can hit.
- Trusting a "bridge" link from an ad or DM — fake bridges are a common phishing lure.