Why Bridges Carry Risk
Cross-chain bridges have historically been targets for major DeFi exploits.| Incident | Loss | Cause |
|---|---|---|
| Ronin | $625M | Validator key compromise |
| Wormhole | $320M | Signature verification bug |
| Nomad | $190M | Merkle root vulnerability |
| Harmony | $100M | Multi-sig compromise |
TED Protocol’s Approach
Integration-Only Model
TED Protocol does not operate its own bridge. We integrate only battle-tested existing bridges.| Bridge | Operator | Value Secured |
|---|---|---|
| Circle CCTP | Circle (USDC issuer) | $25B+ |
| LayerZero | LayerZero Labs | $10B+ |
| Wormhole | Wormhole Foundation | $3B+ |
What We Don’t Do
- Run validators or guardians
- Custody bridged assets
- Modify bridge contracts
- Create wrapped tokens
What We Do
- Call official bridge SDKs
- Use verified contract addresses
- Display bridge selection transparently
- Monitor transfer completion
Bridge-Specific Risks
Circle CCTP
Uses centralized attestation by Circle.| Risk | Level | Notes |
|---|---|---|
| Circle compromise | Very Low | Regulated US company, institutional security |
| Attestation delays | Low | Timeout handling built in |
| USDC blacklist | Awareness needed | Characteristic of USDC itself |
LayerZero
Uses Decentralized Verifier Networks (DVNs).| Risk | Level | Mitigation |
|---|---|---|
| DVN collusion | Very Low | Multiple independent DVNs required |
| Message forgery | Very Low | Cryptographic verification |
| Liveness failure | Low | DVN redundancy |
Wormhole
Uses a guardian network of 19 validators.| Risk | Level | Mitigation |
|---|---|---|
| Guardian compromise | Low | Distributed keys, 13-of-19 threshold |
| Smart contract bugs | Low | Multiple audits post-2022 |
- Complete security overhaul
- Increased guardian count and diversity
- Enhanced monitoring and response
- $10M+ bug bounty program
Risk Comparison
| Aspect | CCTP | LayerZero | Wormhole |
|---|---|---|---|
| Trust Model | Centralized (Circle) | Decentralized (DVN) | Semi-decentralized (Guardians) |
| Track Record | Clean | Clean | Recovered from 2022 |
| Value Secured | $25B+ | $10B+ | $3B+ |
| Response Time | Fast | Fast | Medium |
User Protections
Before Transfer
- Bridge selection shown in UI
- All costs displayed upfront
- Expected completion time shown
- Minimum amount validation
During Transfer
- Real-time status tracking
- Direct links to bridge explorers
- Automatic retry for stuck transfers
After Transfer
- Completion notification on fund arrival
- Full transaction history recorded
- Support escalation for unresolved issues
What If a Bridge Fails?
Temporary Failure
Bridge is slow or temporarily unavailable.- Transfer is delayed, not lost
- Automatic retry mechanisms activate
- Manual retry available
- Funds remain safe on source chain until confirmed
Security Incident
An exploit is discovered.| Response | Description |
|---|---|
| Immediate disable | Affected bridge blocked |
| Traffic reroute | Route to alternative bridges |
| Status communication | Immediate user notification |
| Resolution wait | Wait for bridge team recovery |
Best Practices
Minimize Bridge Exposure
- Use native bridges when possible (CCTP for USDC is safest)
- Don’t bridge more than needed
- Split large transfers
- Verify destination address before confirming
Monitor Your Transfers
- Don’t close browser during cross-chain transfers
- Save transaction hash for troubleshooting
- Check bridge explorers for independent verification
- Contact support if transfer seems stuck (don’t assume funds are lost)
Emergency Procedures
If Transfer Stuck More Than 1 Hour
- Check bridge explorer (LayerZero Scan, Wormhole Scan)
- Verify source transaction confirmed
- Check destination chain for pending transactions
- Use manual retry if available
- Contact TED Protocol support if needed
If You Suspect an Issue
- Do not send additional transfers
- Screenshot all transaction details
- Check TED Protocol and bridge protocol status pages
- Report concerns to [email protected]