mev-toolkit/MEV_and_trading/bridges

bridges

centralized

• Centralized bridges are essentially hot wallets straddling the fence between multiple chains.
• They hold a user’s assets on one chain and issue them a corresponding amount of tokens on another chain.
• Liquidity on both sides is managed by the centralized entity.
• Binance is probably the best example of a centralized bridge operator, straddling the fence between Ethereum and Binance Smart Chain.
• The security risks of a centralized bridge are the same security risks that exist for exchanges and custodians.
• Their primary responsibility is securing private keys (key management), and as a result centralized bridges have proven to be pretty secure.

proof-of-stake bridge

• Proof of Stake bridges are like little blockchain networks narrowly focused on facilitating cross-chain activity.
• Whereas centralized bridges are managed by a single entity, proof of stake bridges are managed by a group.
• They often involve multisigs or some form of escrow mechanism controlled by a group of signers/validators that watch and vote on the ability to unlock corresponding assets on another chain.
• Because POS bridges involve both smart contracts and a group of centralized gatekeepers, they inherit all the code risk of Web 3 and the traditional security risks of Web 2 (key management, access controls).
• POS bridges have the most attack vectors, and have unfortunately been the victims of most of the major exploits.

decentralized bridge

• Decentralized bridges take a proof of deposit from one chain and validate it on the other chain (ex: Polygon Plasma Bridge).
• Decentralized bridges are all code. They don’t rely on centralized signers/validators, so while there’s more code risk, they don’t have to worry about the traditional security risks that POS bridges deal with.
• Decentralized bridges are newer and facilitating less activity than the other bridge types, but there are no known exploits.