ยท10 min readยทBy BridgeFees.com Research

How Do Cross-Chain Bridges Actually Work? (Technical Guide 2026)

Cross-chain bridges move assets between blockchains using a combination of smart contracts, validators or relayers, and cryptographic proofs. Here is how each architecture works under the hood.

When you click “Bridge” in a DeFi app and your tokens appear on another chain a few minutes later, a surprisingly complex sequence of events has occurred: smart contracts locked your assets, off-chain systems verified the intent, and a destination contract minted or released new tokens. This guide explains the mechanics behind each bridge architecture — from simple validator sets to zero-knowledge proofs — in plain language with enough technical depth to understand the tradeoffs.

The core problem: blockchains cannot read each other

Ethereum and Arbitrum are separate state machines. Ethereum does not know what is happening on Arbitrum, and vice versa. There is no built-in mechanism for a smart contract on Ethereum to say “this user sent me 1 ETH, so release 1 ETH on Arbitrum.” Bridges solve this by creating an off-chain communication layer — something that reads events on Chain A and triggers actions on Chain B.

Everything that can go wrong with a bridge ultimately traces to this off-chain layer: who controls it, how they verify truth, and what happens if they lie or are compromised.

Lock-and-mint architecture

Lock-and-mint is the oldest and most widely deployed bridge design. Here is the full flow:

  1. User deposits. You call a deposit() function on a bridge smart contract on Chain A (e.g. Ethereum). Your ETH is transferred to and locked in the contract.
  2. Event emitted. The deposit triggers an on-chain event: Deposit(user: 0xABC, amount: 1 ETH, destinationChain: 42161).
  3. Validators/relayers observe. Off-chain software (run by bridge validators or relayers) watches Chain A for these events.
  4. Attestation. Validators sign a message confirming the deposit. Most bridges require a threshold of signatures (e.g. 5-of-9 validators) before proceeding.
  5. Mint on destination. A relayer submits the signed attestation to the bridge contract on Chain B. That contract verifies the signatures and calls mint(), creating wrapped tokens in the user’s wallet.
  6. Redemption (reverse). To bridge back, the wrapped tokens are burned on Chain B, validators observe the burn, and the original assets are unlocked on Chain A.

This architecture concentrates risk in two places: the lock contract (a single treasury holding all bridged value) and the validator set (a small group whose signatures authorize minting). The Ronin bridge hack in 2022 exploited a compromised validator set to forge withdrawal signatures and drain $625M from the lock contract.

Liquidity pool (LP) bridges

LP bridges eliminate the single lock contract. Instead, they maintain separate pools of native assets on each chain, funded by liquidity providers who earn fees. The flow is fundamentally different:

  1. User deposits USDC into Pool A on Ethereum. The pool contract emits an event.
  2. Relayer observes and signals Chain B. A relayer posts a message (with a small bond) to the bridge contract on Arbitrum.
  3. Destination pool releases USDC to user from its Arbitrum-native supply.
  4. Rebalancing. Periodically, the bridge moves capital between chain pools to rebalance supply and demand, using canonical bridges or other mechanisms.

The key advantage: you receive native USDC on the destination, not a wrapped derivative. Risk is more distributed across multiple smaller pools rather than one giant treasury. Across Protocol uses an optimistic variant of this model with a single hub on Ethereum and a 2-hour challenge window for disputes.

Optimistic bridges

Optimistic bridges (inspired by Optimistic Rollups) operate on a “prove fraud after the fact” principle rather than requiring upfront consensus:

  1. A relayer observes a deposit event and immediately posts a “claim” to the destination chain: “I assert user 0xABC deposited 1 ETH.”
  2. The claim is accepted optimistically after a challenge window (typically 2–4 hours for third-party bridges, 7 days for native L2 bridges).
  3. During the challenge window, any watcher can submit a fraud proof to invalidate a false claim. Fraudulent relayers lose their bond.
  4. After the window expires with no challenge, the destination contract releases funds.

To avoid the wait, bridges like Across use fast liquidity: a relayer fronts the capital immediately from its own reserves and is reimbursed (plus fees) after the challenge window. Users get near-instant settlement; relayers bear the short-term liquidity risk. For more on how Across compares, see our Across Protocol review.

Zero-knowledge (ZK) bridges

ZK bridges replace the trust in validators or optimistic assumptions with cryptographic proof. Instead of asking “do we trust these 5 validators?”, a ZK bridge asks “is this proof mathematically valid?”

The mechanism: when a deposit occurs on Chain A, a ZK prover generates a succinct proof (a SNARK or STARK) that the deposit transaction was included in a valid block with a valid state transition. The proof is posted to Chain B’s verifier contract, which can check its validity in a single transaction — no matter how large the original computation.

ZK bridges offer the highest theoretical security because there is nothing to trust other than math. The practical limitations in 2026 are proving cost (generating ZK proofs requires significant compute and cost, though this has dropped dramatically) and coverage (ZK verification on a destination chain requires the destination to implement a light client for the source, which is complex engineering). Projects like Succinct Labs and zkBridge are making this practical at scale.

Canonical tokens vs. wrapped tokens

A canonical token on a chain is the “official” version of that token — either natively issued on that chain or verified and endorsed by the token issuer. A wrapped token is a derivative backed by a lock somewhere else. The distinction matters enormously:

  • Native USDC on Arbitrum is issued directly by Circle and redeemable 1:1 at any time. It has deep liquidity on all Arbitrum DEXes.
  • Bridged USDC via a third-party bridge is a wrapped version. It may trade at a slight discount, have less DEX liquidity, and lose its peg entirely if the bridge is exploited.
  • Multiple wrapped versions of the same token can co-exist on a chain (e.g. “USDC.e” from the Polygon PoS bridge vs native USDC on Polygon). They are not fungible without a swap.

Always check what token contract address you are receiving when bridging. CoinGecko and Etherscan both list official contract addresses for canonical tokens on each chain.

How bridge fees are calculated

Most users see a single fee quote but several layers contribute to it:

  • Gas on source chain: Ethereum mainnet gas is the dominant cost for ETH→L2 bridges. At 30 gwei, a simple bridge deposit costs roughly $5–$15 in gas alone. At 5 gwei (off-peak Sunday), the same transaction costs $1–$3.
  • LP fee: Liquidity providers charge a percentage (typically 0.03–0.25%) to bear the capital risk of fronting liquidity.
  • Relayer fee: The off-chain entity that posts transactions on the destination chain charges a small fee for gas cost coverage and profit margin.
  • Protocol treasury fee: Some protocols take a cut to fund development (often 10–20% of the LP fee).
  • Slippage (AMM bridges): AMM-based bridges like Stargate have pool imbalance costs that increase non-linearly with transfer size. See our bridge slippage explained guide.

Read more in our comprehensive cross-chain bridge fees breakdown.

Validator sets vs. decentralized verification

Most deployed bridges today use validator sets — a fixed group of entities who run off-chain software and co-sign cross-chain messages. The security of these bridges is only as strong as the security of their validator set. Key questions to ask:

  • How many validators are there? (more is better, up to a point)
  • What threshold is required? (5-of-9 is safer than 3-of-5)
  • Who controls the validator private keys? (hardware security modules vs. hot wallets)
  • Is the validator set permissioned (fixed) or permissionless (anyone can join)?
  • Are validators financially bonded? (staked capital that can be slashed for fraud)

Bridges are steadily moving toward decentralized verification through either permissionless validator sets with slashing (like LayerZero’s DVN model) or trustless ZK verification. But as of 2026, most production bridges still rely on trusted validator sets for performance and cost reasons.

Multi-hop routing

Not every chain pair has a direct bridge. If you want to move tokens from Avalanche to Optimism, there may be no direct route. Bridge aggregators solve this by chaining transfers through intermediate chains — typically through Ethereum as a hub. A transfer might route Avalanche → Ethereum → Optimism, executing two bridge hops in sequence.

Multi-hop routing increases complexity and cost but opens up many more chain pairs. Our multi-hop bridge routes guide explains when it makes sense and how BridgeFees.com optimizes across these routes automatically.

Security comparison: architecture risk profiles

  • Lock-and-mint + small validator set: Highest risk. Concentrated value + small trusted group = high exploit surface.
  • Lock-and-mint + permissionless validators + slashing: Medium risk. More decentralized, but still concentrated lock contracts.
  • Liquidity pool + optimistic: Medium-low risk. Distributed pools, challenge period catches fraud. Main risk: LP capital efficiency attacks.
  • Canonical L2 bridge: Low risk for deposits. 7-day withdrawal window is a feature, not a bug — it allows fraud proofs to work. Risk is in the rollup’s validity proof mechanism.
  • ZK bridge: Lowest trust assumption risk, but proving infrastructure is still maturing.

โ†’ Compare real-time bridge fees on BridgeFees.com — no wallet needed

Frequently Asked Questions

What is the most secure bridge architecture?

ZK bridges offer the strongest theoretical security because they rely on cryptographic proofs rather than trusted parties. In practice, the official canonical bridges for L2 networks (Arbitrum, Optimism, Base) are considered the most battle-tested because they inherit the security of Ethereum itself. Third-party bridges with optimistic challenge windows and large LP pools (like Across) offer a good balance of security and speed for most users.

What is a relayer and can I trust them?

A relayer is software (often a bot) that observes events on Chain A and submits the corresponding transaction on Chain B. Relayers are typically permissionless — anyone can run one — which means even if one relayer goes offline, others can pick up the transaction. In optimistic bridge designs, relayers post a financial bond to disincentivize fraud, and watchers can slash them if they submit false claims.

Why do optimistic L2 withdrawals take 7 days?

Optimistic rollups (Arbitrum One, Optimism Mainnet) use a 7-day fraud-proof challenge window. This means any withdrawal from L2 to Ethereum requires waiting 7 days for the security period to pass. This is a core security feature: it gives anyone time to submit a fraud proof if the rollup posted an invalid state root. Third-party bridges like Across bypass this for users by fronting liquidity; they absorb the 7-day wait on the back end.

What is the difference between Ethereum L1 bridge deposits and withdrawals?

Deposits (L1 → L2) are fast — ~10 minutes — because the L2 sequencer can accept your transaction immediately. Withdrawals (L2 → L1) require waiting through the challenge/finality window, which is 7 days for Optimism and Arbitrum and ~20 minutes for ZK rollups (zkSync Era, Starknet) which have cryptographic finality rather than optimistic finality.

Can a bridge give you the wrong amount?

Yes, in two ways. First, AMM bridges can deliver less than expected due to slippage if pool depth is insufficient for your transfer size. Always check the “minimum received” value before confirming. Second, fee configurations can change — the quote you see at the time of signing may differ slightly from execution if network conditions shift. Reputable bridges show a clear “minimum received” guarantee and will fail rather than give you less than that floor.

How do bridges handle token standards on different chains?

Most EVM chains (Ethereum, Arbitrum, Polygon, Optimism, BSC) use ERC-20 as the token standard, making cross-chain bridging straightforward. Non-EVM chains (Solana, Cosmos, Bitcoin) require more complex wrapping. Bridges like Wormhole handle cross-ecosystem transfers using their own VAA (Verified Action Approval) message format. See our Wormhole bridge guide for details on cross-ecosystem transfers.

#bridges#technical#education#guide

Compare live bridge fees

Apply what you just read. See real-time quotes from 10+ bridges without connecting a wallet.

Compare Bridge Fees

Related Guides

๐ŸŒ‰

What Is a Blockchain Bridge? Complete Beginner's Guide (2026)

8 min read

๐ŸŒ‰

The Cheapest Way to Bridge ETH from Ethereum to Arbitrum in 2026

7 min read

๐Ÿ’ก

Cross-Chain Bridge Fees Explained: Full Comparison of What You Pay

7 min read