The frequency of cross-chain bridge incidents has been rising again. Honestly, every time I see the three words “await confirmation,” I can’t help but laugh—as if waiting for a few more blocks will somehow erase the hacker’s activity in the multisig and the oracle delay.



At its core, bridge security is a question of “who you trust.” Who controls the multisig? How many routes are there for the oracle’s data sources? The confirmation mechanism, in plain terms, is betting on a threshold time difference. And now a bunch of people aren’t even checking what that threshold is, yet they still charge in.

Recently, hardware wallets have been out of stock, and phishing links are flying everywhere. Security awareness may be improving, but for traps like cross-chain bridges—ones that are buried deep—many people still aren’t vigilant. In any case, I personally try to cross as little as possible. If I really have to cross, I only use the few options where the verification logic is the most transparent and the data sources are the most public. As for the rest, in plain terms, it’s just a custodial account on-chain—you might as well use a CEX directly.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned