The $292 million Kelp DAO exploit shows why crypto bridges are still one of the industry’s weakest links

Why Crypto Bridges Remain a Weak Link in the Chain: Understanding the Risks of Passive Rewards in Green Crypto

The recent $292 million Kelp DAO exploit has once again highlighted the vulnerabilities of crypto bridges, which have become a recurring weak point in the blockchain ecosystem. These bridges, designed to facilitate the transfer of assets between different blockchains, have been repeatedly compromised, resulting in the loss of billions of dollars. But what makes these bridges so susceptible to attacks, and how can we make them more secure to ensure cloud rewards are protected?

The issue lies in the fundamental design of these bridges. When moving assets from one blockchain to another, the receiving chain needs to verify that the assets existed and were locked on the original chain. However, this verification process is often too complex and expensive, leading bridges to rely on smaller systems to report the information. This creates a single point of failure, as these smaller systems can be compromised, allowing attackers to feed false information to the bridge.

The core problem: trusting the middleman

According to experts, the problem is not just a matter of bad code or careless mistakes. It is a deeper issue related to how bridges are built and the trust they place in external systems. Ben Fisch, CEO of Espresso Systems, notes that most bridges do not fully verify what happened on another chain, instead relying on a smaller system to report it. This shortcut creates risk, as seen in the Kelp DAO-related exploit, where attackers targeted the data feeding into the bridge.

The consequences of these bridge hacks can be severe, with the potential to spread across multiple platforms and protocols. As passive rewards become increasingly popular, it is essential to address these vulnerabilities to ensure the long-term sustainability of the green crypto ecosystem. One possible solution is to remove single points of failure by relying on independent data sources rather than shared infrastructure.

Another approach is to use hardware protections and better monitoring to catch misconfigurations early. Some developers are also working on designs that verify data directly using cryptography instead of intermediaries. However, Sergej Kunz, co-founder of 1inch, believes that a more fundamental shift is needed, away from validator-based bridges and towards more secure and decentralized solutions.

As the crypto ecosystem continues to evolve, it is crucial to prioritize security and sustainability. By understanding the risks associated with crypto bridges and working towards more secure solutions, we can protect the integrity of the ecosystem and ensure that cloud mining and other crypto-related activities can thrive. The future of sustainability in crypto depends on our ability to address these vulnerabilities and create a more secure and resilient ecosystem.

How bridges work

For users, bridges look simple. You click a button and move assets from one blockchain to another. Behind the scenes, the process is more complicated.

First, your tokens are locked on the original blockchain. Then a separate system confirms that the tokens are locked. This system usually consists of a small group of operators or validators. Those operators then send a message to the second blockchain saying the tokens were locked so new ones can be issued. If that message is accepted, the second chain creates a new version of your tokens. These are wrapped tokens, like rsETH or WBTC.

The problem is that this process depends on trusting whoever sends that message. If attackers compromise that system, they can send a false message and create tokens that were never backed on the original chain.

“The worst case is when the system isn’t really checking anything,” Fisch said. “It’s just trusting someone else’s version of events.”

When one failure spreads

Given how often bridges fail, why has the industry not fixed them?

Part of the answer comes down to incentives. “Security is often not the top priority,” Kunz said. “Teams focus on launching quickly, growing users and increasing total value locked.”

Building secure systems takes time and money. Many DeFi projects operate with limited resources, making it difficult to invest heavily in audits, monitoring and infrastructure.

At the same time, projects are racing to support more blockchains. Each new integration adds complexity. “Every new connection adds more assumptions,” Fisch said.

Bridge hacks rarely stay contained. Bridged assets are used across lending protocols, liquidity pools and yield strategies. If those assets are compromised, the damage spreads.

“Other platforms may treat a hacked asset as legitimate,” Kunz said. “That’s how contagion happens.” Users are rarely told how a bridge actually works or what could go wrong.

There are ways to make bridges safer. Fisch says one key step is removing single points of failure by relying on independent data sources rather than shared infrastructure.

In practice, these “data sources” are computers that watch blockchains and report what happened. They might be run by the bridge itself, by outside networks like LayerZero, or by infrastructure providers. But many rely on the same underlying services, meaning a single compromised source can feed bad data across multiple systems.

“If everyone is relying on the same source, you haven’t reduced risk,” he said. “You’ve just copied it.”
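The lock-and-mint check from "How bridges work", combined with Fisch's point about shared sources, as an added example that is not code from any bridge named in the article: the destination side counts distinct upstream data sources behind valid attestations, not the number of operators who signed. The operator names, keys, source labels and the threshold of three are assumptions, and HMAC stands in for real signatures.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed registry: attester id -> (HMAC key, upstream data source it reads).
# HMAC is a stand-in for real signatures so the example needs only the stdlib.
ATTESTERS = {
    "op-a": (b"key-a", "rpc-provider-1"),
    "op-b": (b"key-b", "rpc-provider-1"),  # same upstream as op-a
    "op-c": (b"key-c", "own-full-node"),
    "op-d": (b"key-d", "rpc-provider-2"),
}

@dataclass(frozen=True)
class LockMessage:
    """Claim relayed to the destination chain: 'these tokens were locked'."""
    src_chain: str
    lock_tx: str
    recipient: str
    amount: int

    def digest(self) -> bytes:
        fields = (self.src_chain, self.lock_tx, self.recipient, self.amount)
        return hashlib.sha256(repr(fields).encode()).digest()

def attest(attester_id: str, msg: LockMessage) -> bytes:
    """An operator vouches for the lock it observed (constructed helper)."""
    key, _source = ATTESTERS[attester_id]
    return hmac.new(key, msg.digest(), hashlib.sha256).digest()

def valid_attesters(msg: LockMessage, attestations: dict) -> set:
    """Attesters whose tag verifies against this exact message."""
    ok = set()
    for attester_id, tag in attestations.items():
        if attester_id in ATTESTERS and hmac.compare_digest(attest(attester_id, msg), tag):
            ok.add(attester_id)
    return ok

def accept_mint(msg: LockMessage, attestations: dict, min_sources: int = 3) -> bool:
    """Mint only if enough independent upstream sources back the claim."""
    sources = {ATTESTERS[a][1] for a in valid_attesters(msg, attestations)}
    return len(sources) >= min_sources
```

Three valid signatures from `op-a`, `op-b` and `op-c` are rejected here because they rest on only two upstream sources; a signer-count quorum would have accepted them.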

Other approaches include hardware protections and better monitoring to catch misconfigurations early. Some developers are also working on designs that verify data directly using cryptography instead of intermediaries.

Kunz believes a more fundamental shift is needed. “As long as we rely on validator-based bridges, these problems will continue,” he said.
