Blockchain bridges—critical infrastructure for cross-chain interoperability—have emerged as the largest financial risk vector in Web3 due to recurrent security breaches. This paper systematically analyzes the design and operational mechanisms of 43 mainstream bridges, introducing three foundational bridge security priors, formally characterizing 13 architectural patterns, and distilling 23 real-world attack vectors. We propose a layered threat model spanning source chain, off-chain relayer layer, and destination chain. Methodologically, we develop a novel defense framework integrating hierarchical verification and dynamic circuit-breaking, supported by static analysis, transaction tracing, formal modeling, and empirical benchmarking to identify recurring vulnerability patterns in access control, verification logic, and trust assumptions. Our contributions include a reusable security assessment methodology and a principled design decision framework for bridges, enabling standardized, high-resilience cross-chain infrastructure development.

Blockchain bridges have become essential infrastructure for enabling interoperability across different blockchain networks, with more than $24B monthly bridge transaction volume. However, their growing adoption has been accompanied by a disproportionate rise in security breaches, making them the single largest source of financial loss in Web3. For cross-chain ecosystems to be robust and sustainable, it is essential to understand and address these vulnerabilities. In this study, we present a comprehensive systematization of blockchain bridge design and security. We define three bridge security priors, formalize the architectural structure of 13 prominent bridges, and identify 23 attack vectors grounded in real-world blockchain exploits. Using this foundation, we evaluate 43 representative attack scenarios and introduce a layered threat model that captures security failures across source chain, off-chain, and destination chain components. Our analysis at the static code and transaction network levels reveals recurring design flaws, particularly in access control, validator trust assumptions, and verification logic, and identifies key patterns in adversarial behavior based on transaction-level traces. To support future development, we propose a decision framework for bridge architecture design, along with defense mechanisms such as layered validation and circuit breakers. This work provides a data-driven foundation for evaluating bridge security and lays the groundwork for standardizing resilient cross-chain infrastructure.