Cross-Chain Bridges — The Hard Problem of Moving Bitcoin
Moving Bitcoin to other chains is one of crypto's hardest problems. Here's why bridges keep getting hacked and what solutions exist.
Uvin Vindula — IAMUVIN
Published 2026-03-12 · Updated 2026-03-19
Cross-Chain Bridges
Moving Bitcoin across chains is simultaneously one of the most desired and most dangerous operations in crypto. Bridges have been hacked for billions of dollars. Understanding why is essential for anyone in this space.
Why Bridges Are Hard
Bitcoin doesn't know other blockchains exist. It can't verify Ethereum state, and Ethereum can't verify Bitcoin state. So moving BTC to another chain requires some entity or mechanism to:
- Lock BTC on Bitcoin
- Verify the lock happened
- Mint a representation (wrapped BTC) on the destination chain
- Reverse the process when returning to Bitcoin
Step 2 is the hard part. Who verifies? How do you prevent fraud?
Bridge Trust Models
Centralized Custodian
A company holds BTC and mints wrapped tokens. Examples: WBTC (BitGo), cbBTC (Coinbase).
- Pros: Simple, fast, liquid
- Cons: Complete trust in custodian. Single point of failure. Regulatory risk
Federation / Multi-sig
A group of known entities jointly custody BTC. Examples: Liquid (federation), tBTC (threshold network).
- Pros: Distributed trust, no single point of failure
- Cons: Collusion risk. Federation members are known and pressurable
Optimistic / Fraud Proof
Assume the bridge operator is honest unless challenged. If fraud is detected, the operator loses their bond. Examples: BitVM bridges (in development).
- Pros: Only 1-of-N honest verifier needed. Economically secured
- Cons: Challenge period delays. Liveness requirements. Complex
Light Client / Relay
Run a light client of one chain inside the other. Example: ZK-verified Bitcoin headers on Ethereum.
- Pros: Most trustless approach
- Cons: Expensive on-chain verification. Bitcoin can't run smart contracts to verify other chains natively
Major Bridge Hacks
| Bridge | Year | Loss | Cause |
|---|---|---|---|
| Ronin (Axie) | 2022 | $625M | Compromised validator keys |
| Wormhole | 2022 | $320M | Signature verification bug |
| Nomad | 2022 | $190M | Configuration error allowing anyone to drain |
| Harmony Horizon | 2022 | $100M | Compromised multisig (2-of-5) |
Pattern: most bridge hacks exploit the custody/verification layer, not the cryptography itself. The trusted parties get compromised.
The BitVM Bridge Hope
BitVM's fraud proof model could enable the first truly trustless Bitcoin bridge. If anyone in the world can challenge a fraudulent peg-out, the trust assumptions collapse to "at least one honest person is watching." This is a dramatically better trust model than any existing bridge.
Several teams are racing to build this: Citrea (ZK-rollup on Bitcoin), BOB (Build on Bitcoin), and others.
My Recommendation
Until trustless bridges exist:
- Minimize bridge use. Keep most BTC on the Bitcoin network
- If you must bridge: Use established custodial bridges (WBTC, cbBTC) for short periods
- Never bridge more than you're willing to lose
- Consider Liquid or Lightning for Bitcoin-native transfers instead of bridges to other chains
Bridges are crypto's Achilles heel. Every bridge hack proves the same lesson: trusted intermediaries are security holes. The solution isn't better intermediaries — it's eliminating the trust requirement. That's what BitVM aims to do.
Stay updated on bridge technology on our blog.
By Uvin Vindula — IAMUVIN
Sri Lanka's leading Bitcoin educator. Author of "The Rise of Bitcoin".
Learn more →Related Articles
The Bitcoin Brief: LK
Weekly Bitcoin insights, market analysis, and Sri Lanka crypto news. Join 1,000+ readers.
Unsubscribe anytime · Educational content only