Quiz — Chapter 19: Interoperability: Bridges, Cross-Chain Communication, and the Multi-Chain Future
Multiple Choice
1. Why can't Ethereum validators natively verify transactions on Solana?
a) Solana uses a different programming language than Ethereum b) Each blockchain is a separate state machine with its own consensus, and validators only process their own chain's transactions c) Solana does not support smart contracts d) Ethereum's proof-of-stake cannot communicate with Solana's proof-of-history
Answer: b) Each blockchain is a separate state machine with its own consensus, and validators only process their own chain's transactions. The isolation is not about programming language differences but about the fundamental architecture: each chain's validators maintain and verify only their own state.
2. In a lock-and-mint bridge, what happens to the original asset on the source chain when a user initiates a cross-chain transfer?
a) It is destroyed (burned) permanently b) It is sent to a smart contract vault where it is locked and cannot be spent c) It is converted into a wrapped token on the same chain d) It is transferred to the bridge's validator committee
Answer: b) It is sent to a smart contract vault where it is locked and cannot be spent. The locked asset serves as the backing for the wrapped token minted on the destination chain. If the locked asset is stolen, the wrapped tokens become worthless.
3. Which of the following is the primary security concern with the lock-and-mint bridge model?
a) The wrapped tokens may not be compatible with the destination chain's token standard b) The bridge vault creates a "honeypot" — a single concentration of funds that attracts attackers c) Lock-and-mint bridges cannot support ERC-20 tokens d) The minting process is irreversible
Answer: b) The bridge vault creates a "honeypot." All locked assets from all users are concentrated in a single smart contract, making it an extraordinarily high-value target. A successful vault compromise affects every user of the bridge simultaneously.
4. The Ronin bridge hack was primarily caused by:
a) A zero-knowledge proof vulnerability b) A flash loan attack on the bridge's liquidity pool c) Social engineering that compromised enough validator keys to meet the signing threshold d) A reentrancy vulnerability in the bridge's smart contract
Answer: c) Social engineering that compromised enough validator keys to meet the signing threshold. The attacker (attributed to North Korea's Lazarus Group) compromised 5 of 9 validator keys — 4 from Sky Mavis and 1 from the Axie DAO — through social engineering, meeting the 5-of-9 threshold.
5. What made the Nomad bridge hack uniquely devastating compared to other bridge hacks?
a) It targeted multiple bridges simultaneously b) The exploit was trivially copyable — anyone could replay the attack by changing the recipient address c) It used quantum computing to break cryptographic signatures d) The attacker held the stolen funds for ransom
Answer: b) The exploit was trivially copyable. Because the bug caused the bridge to accept any message as valid, the original attacker's transaction calldata could be copied, the recipient address changed, and the new transaction broadcast by anyone. Approximately 300 addresses participated in the drain.
6. How does IBC (Inter-Blockchain Communication Protocol) verify cross-chain messages?
a) A committee of bridge-specific validators signs attestations b) The destination chain uses a light client of the source chain to cryptographically verify proofs c) A centralized oracle reports events from the source chain d) Both chains share the same validator set
Answer: b) The destination chain uses a light client of the source chain to cryptographically verify proofs. IBC eliminates the need for a trusted intermediary by having each connected chain maintain a light client of the other, using the source chain's own consensus to verify message authenticity.
7. What is the key security advantage of Polkadot's cross-chain communication (XCM) compared to third-party bridges?
a) XCM uses zero-knowledge proofs for verification b) All parachains share the Relay Chain's consensus, eliminating the need for a separate bridge trust assumption c) XCM only supports token transfers, reducing attack surface d) Polkadot's validators are selected by a central authority
Answer: b) All parachains share the Relay Chain's consensus. Because the same validator set secures all Polkadot parachains, cross-chain messages between parachains are verified as part of normal consensus — no additional bridge or trusted party is needed.
8. In LayerZero's architecture, what are Decentralized Verifier Networks (DVNs)?
a) Smart contracts that automatically verify cross-chain proofs on the destination chain b) Independent verification services that applications can choose to validate their cross-chain messages c) A fixed set of validators operated by LayerZero Labs d) Decentralized exchanges that provide liquidity for cross-chain swaps
Answer: b) Independent verification services that applications can choose to validate their cross-chain messages. LayerZero's modular architecture allows each application to select which DVNs must verify its messages, creating a configurable security model.
9. What is the "chain of custody" problem in cross-chain transfers?
a) The legal difficulty of tracking stolen crypto across jurisdictions b) Each bridge crossing adds a potential point of failure, and the security of bridged assets is only as strong as the weakest link in the entire path c) The challenge of maintaining transaction ordering across multiple chains d) The risk of double-spending during the bridging process
Answer: b) Each bridge crossing adds a potential point of failure. When an asset crosses a bridge, its security depends on the consensus of both chains AND the bridge. Multiple bridge crossings compound the risk multiplicatively — any single failure in the chain of custody results in loss.
10. Cross-chain MEV differs from single-chain MEV primarily because:
a) Cross-chain MEV is illegal in most jurisdictions b) Cross-chain operations cannot be executed atomically, introducing bridging delay risk and partial execution risk c) Cross-chain MEV can only be extracted by block producers d) Cross-chain MEV is always larger than single-chain MEV
Answer: b) Cross-chain operations cannot be executed atomically. On a single chain, arbitrage can be executed in a single atomic transaction that either fully succeeds or fully reverts. Cross-chain arbitrage requires separate transactions on separate chains, with bridging delay between them, creating risks that do not exist in single-chain MEV.
11. Which of the following is an argument FOR the mono-chain thesis?
a) Different applications have fundamentally different performance requirements b) Bridges are the most exploited infrastructure in crypto, and a single chain eliminates bridge risk entirely c) No single chain can process enough transactions for all use cases d) Application sovereignty requires separate chains
Answer: b) Bridges are the most exploited infrastructure in crypto. The mono-chain thesis argues that the $2.5 billion in bridge hack losses demonstrates a fundamental security problem with the multi-chain approach, and that concentrating activity on one chain preserves atomic composability and eliminates bridge risk.
12. Chainlink CCIP's "Active Risk Management" (ARM) network serves what unique function?
a) It generates zero-knowledge proofs for cross-chain messages b) It provides an independent monitoring layer that can halt the system if suspicious activity is detected c) It manages the liquidity pools used for cross-chain swaps d) It sets the fees for cross-chain transfers
Answer: b) It provides an independent monitoring layer that can halt the system if suspicious activity is detected. The ARM operates independently from the Committing and Executing DONs, creating a "defense in depth" approach where an attacker must compromise all three layers to execute a successful exploit.
13. The burn-and-mint bridge model eliminates the honeypot vault problem. Why is it not used for all cross-chain transfers?
a) Burning tokens is prohibitively expensive on most chains b) Only token issuers who can mint on multiple chains can use burn-and-mint — you cannot burn-and-mint a token without the issuer's cooperation c) Burn-and-mint is too slow for practical use d) Regulatory restrictions prevent token burning in most jurisdictions
Answer: b) Only token issuers who can mint on multiple chains can use burn-and-mint. Burn-and-mint requires the ability to create new tokens on the destination chain, which is only possible for tokens whose issuer participates in the bridge (like Circle's CCTP for USDC). Native chain assets like ETH cannot use this model.
14. A ZK bridge would verify cross-chain messages by:
a) Having a committee of validators sign attestations after observing the source chain b) Generating and verifying a cryptographic proof that an event occurred on the source chain, without trusting any intermediary c) Requiring both chains to use the same consensus mechanism d) Storing the full state of the source chain on the destination chain
Answer: b) Generating and verifying a cryptographic proof that an event occurred on the source chain, without trusting any intermediary. ZK bridges use zero-knowledge proofs to verify that a message was included in a valid block on the source chain. The verification is purely mathematical — there are no validators to bribe or keys to steal.
15. If you hold wrapped BTC (wBTC) on Ethereum that was obtained through Bridge X, and Bridge X is subsequently hacked, what happens?
a) Your wBTC is unaffected because it exists on Ethereum's secure consensus b) Your wBTC becomes worthless because the BTC that backed it has been stolen from the bridge vault c) Your wBTC is automatically converted to native ETH d) The Ethereum protocol compensates you from its insurance fund
Answer: b) Your wBTC becomes worthless because the BTC that backed it has been stolen from the bridge vault. Wrapped tokens are IOUs — their value derives entirely from the guarantee that they can be redeemed for the underlying asset. When the bridge vault is drained, that guarantee is broken, and the wrapped tokens lose their backing.
Short Answer
16. Explain the interoperability trilemma and describe which property each of the following systems sacrifices: (a) IBC, (b) a centralized exchange transfer, (c) LayerZero.
Answer: The interoperability trilemma states that a cross-chain system can optimize for at most two of three properties: generalizability (works across any chain pair), extensibility (easy to add new chains), and trust minimization (no trusted intermediary beyond the chains themselves).
(a) IBC sacrifices generalizability — it requires both chains to implement the IBC standard (primarily Cosmos SDK chains), but provides trust minimization (light client verification) and extensibility within the Cosmos ecosystem.
(b) A centralized exchange sacrifices trust minimization — you must trust the exchange to hold your funds and execute the transfer honestly, but it is highly generalizable (supports any chain the exchange lists) and extensible.
(c) LayerZero sacrifices (potentially) trust minimization — while it provides generalizability and extensibility, its actual security depends on the DVN configuration chosen by each application, which may involve trusted intermediaries.
17. Why did Vitalik Buterin argue in January 2022 that the future should be "multi-chain" but not "cross-chain"? How did subsequent events support or challenge his position?
Answer: Buterin argued that bridging introduces fundamental security risks: the security of a bridged asset degrades to the weakest link in the chain of custody (source chain, destination chain, and bridge). He advocated for multiple chains existing independently rather than being heavily interconnected through bridges. The Ronin hack ($625M) two months later dramatically validated his concern about bridge security. However, the growth of IBC (billions in volume without major exploit) and the development of ZK bridges suggest that trustless bridging mechanisms may eventually address the security concerns he raised, partially challenging the absoluteness of his position.
18. Describe how the Wormhole attack differed from the Ronin attack in terms of the vulnerability exploited, even though both were validator/guardian-based bridges.
Answer: The Ronin attack compromised the validator keys themselves through social engineering — the bridge's code worked exactly as designed, but the attacker controlled enough keys to meet the signing threshold. The Wormhole attack did not compromise any guardian keys; instead, it exploited a vulnerability in the Solana-side smart contracts that allowed the attacker to forge a guardian set, bypassing the signature verification entirely. Ronin was a key management failure; Wormhole was a smart contract logic failure. Both resulted in unauthorized minting, but through fundamentally different attack vectors.
19. Explain why liquidity pool bridges do not create wrapped tokens and what advantages and disadvantages this creates compared to lock-and-mint bridges.
Answer: Liquidity pool bridges use pre-deposited native assets on both chains. When a user deposits on Chain A, they receive native assets from a pool on Chain B — no wrapped tokens are created. Advantages: users receive real native assets (no depeg risk), transfers can be faster (no need to wait for finality attestation), and there is no single vault honeypot. Disadvantages: transfer sizes are limited by available pool liquidity, liquidity providers must lock capital on both chains (opportunity cost), pricing may be unfavorable during high demand (slippage), and liquidity providers bear the risk of bridge exploitation.
20. What is cross-chain MEV, and why does the loss of atomic composability make cross-chain arbitrage riskier than single-chain arbitrage?
Answer: Cross-chain MEV refers to value extraction opportunities that span multiple blockchains, such as arbitraging price differences for the same asset across chains. On a single chain, an arbitrage can be executed atomically in one transaction — if any step fails, the entire transaction reverts, and the trader loses only gas fees. Cross-chain arbitrage requires separate transactions on separate chains connected by a bridge with time delay. The trader executes the buy on Chain A but cannot guarantee the sell price on Chain B because prices may move during the bridging delay. If the price moves unfavorably, the trader cannot revert the purchase on Chain A — they are left holding an asset at an unfavorable price with no recourse. This bridging delay risk and loss of atomic reversion is the fundamental difference.