Fluid Multi-Chain Deployment: Evaluating Bridge Solutions

Context

Fluid team proposes to allocate 0.25% of the $FLUID supply to establish $FLUID liquidity on L2s starting with Arbitrum to start incentives on the DEX. We are looking for community feedback on the best bridge provider for $FLUID.

1. Introduction

As we prepare to deploy our token across multiple networks, we must choose a bridging solution that ensures:

• Security: Avoiding exploits and ensuring robust verification models.
• Cost Efficiency: Reducing gas fees and transaction costs.
• Decentralization: Minimizing trust assumptions and avoiding central points of failure.
• Liquidity Management: Maintaining token supply consistency across networks.
• User Experience: Enabling fast, seamless transactions without complexity.

This research evaluates native bridges (such as the Arbitrum Bridge) and third-party solutions (LayerZero, Socket, Axelar, Wormhole, CCTP) to help determine the best approach.

2. Overview of Bridge Types

A. Native Bridges (e.g., Arbitrum, Optimism, Base, Polygon PoS, Avalanche)

Native to the chain, usually the most secure option.
Fully trustless, uses the chain’s own security mechanisms.
Does not introduce wrapped assets (preserves token integrity).

Fragmented liquidity. deployment via a native bridge is a wrapped asset technically, and prevents tokens from freely moving between supported networks.
Slow finality for some networks (e.g., Arbitrum takes 7 days for withdrawals).
Limited interoperability (cannot move tokens to non-native chains).

B. Third-Party Bridges (LayerZero, Socket, Wormhole, Axelar)

Fast cross-chain transactions (seconds to minutes).
Broader chain support (beyond just L2s).
Can offer enhanced security with decentralized verification networks (DVNs) or optimistic relayers.
Security varies by implementation (e.g., Wormhole has been exploited before).
Trust assumptions (some require trusted relayers or multi-signature committees).

3. Comparative Analysis of Bridge Solutions

Solution	Security	Decentralization	Speed	Cost	Liquidity Model	Best Use Case
Arbitrum Bridge	(Rollup security)	Fully trustless	Slow (7-day exit)	Low	Native	Ethereum ↔ Arbitrum transfers
LayerZero (OFTs)	(DVNs configured by omnichain applications)	permissionless set of 40+ decentralized verifier networks	Fast	Low	Native	Cross-chain token standardization and composable messaging
Socket	(Depends on implementation)	Configurable trust models	Fast	Low	Native	flexibility with rate limits and switchboards
Axelar GMP	(Cosmos validators)	Fully decentralized	Fast	Medium	Wrapped	Secure & composable messaging
Wormhole	Previously exploited	19 Guardian validators	Fast	Medium	Wrapped	Solana & high-speed transfers

Native Bridges Assessment

Arbitrum Bridge (and Other L2 Native Bridges)

• Uses Ethereum’s rollup security with fraud proofs for withdrawal verification.
• Optimistic Finality: Deposits are instant, but withdrawals take 7 days due to fraud challenge periods.
• Best for moving assets within Ethereum’s ecosystem but not suitable for cross-chain use cases (e.g., moving assets to Avalanche, Solana).

Pros:

• Fully trustless and inherits Ethereum’s security.
• No reliance on third-party relayers or bridges.

Cons:

• Slow finality for withdrawals (7-day delay on Arbitrum, Optimism).
• Only works for Ethereum-compatible chains (not multichain).

LayerZero (OFT Model) Assessment

LayerZero v2 introduced Decentralized Verifier Networks (DVNs), offering tailored security for cross-chain messaging. Fluid can utilize LZ’s existing 40+ DVNs, 112+ Endpoints, and $85B+ in OFT tokens.

Key Benefits:

• Modular Security: OApp owners configure DVN security stacks.
• Universal Composability: OFTs maintain consistent addresses across chains.
• Unified Liquidity: Eliminates wrapped assets, preventing fragmentation.
• Flexible Cost Structure: Projects decide security trade-offs and fees.

Pros:

• Fast finality (~seconds).
• No wrapped tokens = 1:1 backed liquidity across chains.
• Highly modular security/network path/fee setups.

Cons:

• Requires initial setup to configure security models (trade-off for customization).

Socket (SuperToken) Assessment

Socket’s SuperToken framework enables tokens to maintain unified liquidity across multiple chains while allowing modular security configurations.

Key Features:

1. Modular Security via Switchboards

• Native Rollup Verification for L1 → L2 transfers.
• Fast Switchboard for L2 → L1 transfers (with rate limits to mitigate risks).

2. Built-in Rate Limits

• Configurable daily caps to enhance security.

Pros:

• Flexible security models, enabling customized trust assumptions.
• No liquidity fragmentation, ensuring efficient token movement.

Cons:

• Requires relayers for some transfers (partially centralized verification).

Axelar ITS Assessment

Axelar provides a secure and composable interoperability layer for cross-chain assets, enabling tokens to move across multiple blockchains using its Interchain Token Service (ITS).

Key Features:

• Decentralization: Secured by Cosmos validators and a proof-of-stake mechanism.
• Composable Messaging: Allows smart contracts to interact with assets across chains.
• Wrapped Tokens: Tokens are locked on the source chain and minted as wrapped assets on the destination chain.
• General Message Passing (GMP): Facilitates cross-chain function calls and execution.

Pros:

• Fully decentralized, leveraging Cosmos SDK and Tendermint consensus.
• Supports arbitrary smart contract calls, beyond basic token bridging.
• High security with proof-of-stake validators securing transactions.

Cons:

• Wrapped Assets: Uses synthetic representations, leading to potential liquidity fragmentation.
• Speed: Transactions typically take 30 seconds, slower than LayerZero and Socket.

Wormhole Assessment

Wormhole is a cross-chain messaging protocol that connects a wide variety of blockchains, including Solana, Ethereum, and more.

Key Features:

• Speed: Offers near-instant transactions between connected chains.
• Security Model: Secured by 19 independent guardian nodes that verify and validate cross-chain transactions.
• Interoperability: Enables token transfers, governance actions, and NFT bridging.

Pros:

• Fast transaction finality for high-speed use cases.
• Supports multiple blockchains, including Solana, Ethereum, and Terra.
• Backed by a strong ecosystem of developers and applications.

Cons:

• Security Concerns: Previously exploited
• Trust Model: Relies on a fixed set of guardian nodes, introducing some centralization risks.
• Wrapped Tokens: Uses wrapped assets, leading to liquidity fragmentation and potential depegging risks.

.

7. Cost Estimates for Bridging Solutions:

1. Native Bridges (e.g., Arbitrum Bridge):

• Fee Structure: Utilizes the underlying blockchain’s gas fee model.
• Example: Transferring assets from Ethereum to Arbitrum involves paying Ethereum’s gas fees for the transaction.
• Consideration: While Arbitrum aims to reduce transaction costs through rollups, the initial cost of bridging assets can be substantial due to Ethereum’s gas fees.

2. LayerZero:

• Fee Structure: Involves gas fees on both the source and destination chains, along with potential fees for DVN operations which comprises fees for DVNs and gas abstraction executor contracts.
• Example: To send a message using LayerZero, users only pay gas from the source chain because of the unique gas abstraction service the executor runs.
• Consideration: The total cost is influenced by the gas fees of the involved chains and the pricing that the protocol selects based on their custom DVN configuration.

3. Socket:

• Fee Structure: No bridge fees, utilizes gas fees for messaging incurring varying fees depending on the selected route.
• Example: Users bridging 100 TokenA receive 100 TokenA on the target network, no additional cost
• Consideration: Socket fees can vary based on the chosen path.

4. Axelar:

• Fee Structure: Charges fees for cross-chain transfers, including gas fees on source and destination chains and fees for Axelar’s services.
• Example: A transfer from Ethereum to Cosmos via Axelar would incur Ethereum gas fees, Cosmos transaction fees, and Axelar’s service fees.
• Consideration: Axelar’s decentralized model may lead to variable costs depending on network conditions and transaction complexity.

5. Wormhole:

• Fee Structure: Involves gas fees on both source and destination chains, plus fees for guardian node services.
• Example: Bridging assets from Solana to Ethereum would require Solana transaction fees, Ethereum gas fees, and any additional fees imposed by Wormhole.
• Consideration: Wormhole’s fees are subject to the gas costs of the involved chains and any service fees from the network’s guardians.

8. Summary

Bridge Type	Pros	Cons	Best For
Native Bridges (Arbitrum, Optimism, Polygon PoS)	Fully trustless, Secure, No relayers	Slow (7-day exits), Limited to L2s	Ethereum L2 token transfers
LayerZero (OFTs)	Fast, No wrapped tokens, Flexible	Oracle/relayer model (semi-centralized)	Cross-chain token standardization
Socket	Fast, No wrapped tokens, Flexible	Requires relayers for some transfers	Cross-chain bridging
Axelar GMP	Secure, Fully decentralized	Wrapped assets	General-purpose bridging
Wormhole	Fast, Cross-chain support	Previously hacked, Requires Guardians	Solana & high-speed transfers

Wrapped Assets

Wrapped assets are tokens that represent an asset from one blockchain on another blockchain. For example, Wrapped Ether (WETH) is an ERC-20 token representing Ether on the Ethereum network.

Why Are Wrapped Assets a Concern?

• Security Risks: Wrapped assets rely on the integrity of the bridge that issues them. If the bridge is compromised, the wrapped assets can lose their value.
• Liquidity Fragmentation: Multiple versions of the same asset across different chains can lead to fragmented liquidity, reducing capital efficiency.
• Trust Assumptions: Users must trust the entity managing the wrapping process, which may introduce centralization risks.

Security Analysis

A. Native Bridges (e.g., Arbitrum, Optimism, Base, Polygon PoS, Avalanche)

Pros:

• Security: Inherits the security properties of the underlying blockchain.
• Trustlessness: Operates without reliance on third-party validators or relayers.
• No Wrapped Assets: Transfers native assets without the need for wrapping.

Cons:

• Limited Interoperability: Typically restricted to specific ecosystems (e.g., Ethereum and its Layer 2 solutions).
• Withdrawal Latency: Some bridges, like Arbitrum, have extended withdrawal periods (e.g., 7 days) due to security protocols.

Flexibility: Limited to specific ecosystems; not ideal for broader cross-chain interactions.

B. Third-Party Bridges

1. LayerZero (Omnichain Fungible Token - OFT Standard)

Pros:

• Interoperability: Facilitates seamless token transfers across multiple blockchains.
• Unified Liquidity: Eliminates the need for wrapped assets by locking tokens on the source chain and minting them on the destination chain, or by using OFTAdapter contracts to connect non-OFT tokens into the rest of the LayerZero infrastructure
• Security: Employs a decentralized network of validators called DVNs for transaction validation, that can be personally selected by each individual protocol using LZ v2 to ensure that their security stack is configured to their exact specifications

Cons:

• Complexity: requires OApp owners to configure their own DVN security stack.
• Trust Assumptions: Relies on the security and reliability of external oracles and relayers.

Flexibility: Highly flexible, supporting a wide range of blockchains and use cases.

2. Socket

Pros:

• Speed: Enables rapid cross-chain transactions (~2-5 minutes latency).
• Custom Security: Modular security using Switchboards with customizable trust models.
• No Lock-in: Avoids single bridge dependency, allowing migration to different security models.
• Built-in Rate Limits: Enables risk mitigation by limiting daily transfer caps.

Cons:

• Security dependency on bridge trust models: Can integrate native rollup security but still relies on selected verification methods. Need more information on the entities running watchers.

Flexibility: Offers moderate flexibility with a focus on user-centric applications.

3. Axelar General Message Passing (GMP)

Pros:

• Decentralization: Operates with a decentralized validator set, enhancing security.
• Composability: Supports complex cross-chain interactions beyond simple token transfers.
• Security: Utilizes the Cosmos SDK and Tendermint consensus for robust security.

Cons:

• Speed: Transaction finality may be slower compared to other solutions.
• Complexity: May require more intricate integration efforts for developers.

Flexibility: Highly flexible, suitable for a variety of cross-chain applications.

4. Wormhole

Pros:

• Speed: Facilitates quick cross-chain transfers.
• Interoperability: Connects multiple blockchains, including Solana, Ethereum, and others.
• Ecosystem Support: Backed by a broad ecosystem of applications and developers.

Cons:

• Security History: Has experienced significant exploits in the past, raising concerns.
• Trust Model: Relies on a set of guardians for transaction validation, which may introduce centralization risks.

Flexibility: Moderately flexible

Conclusion

After gathering initial community feedback, a governance proposal will be published allowing the community to choose the bridge solution for $FLUID.

This is honestly a really good breakdown and shows how much effort the FLUID teams puts into every decision affecting the core protocol.

If I had to summarize the core advantages of going with Socket:

• Modular security: Socket is the only solution that let’s FLUID get the best of both worlds: native Arbitrum security for L1 → Arbitrum transfers and fast transfers for Arbitrum → L1 via the Fast Switchboard

• Fluid and any other party can run Watchers in the Fast Switchboard config

• once you deviate from native rollup security you NEED to have security checks in place. Socket SuperToken comes with built-in smart contract enforced rate limits. For example, one could limit the Arbitrum → Ethereum transfers to $1m/day.

• tap into Bungee distribution and chain abstracted swaps: get $FLUID integrated on Bungee and allow people to buy $FLUID on Arbitrum with e.g $USDC on Base. Bungee API is integrated in Coinbase Wallet, Rainbow, Zapper, Zerion, Kraken wallet etc.

Socket x Fluid ftw

gm Fluid! It’s super exciting to see FLUID exploring crosschain expansion.The Wormhole protocol facilitates asset migration across chains safely, at scale, and with speed via Wormhole’s Native Token Transfers (NTT) framework. Wormhole’s Native Token Transfers (NTT) framework is that unlock. Leading organizations such as Sky (formally MakerDAO) are using NTT for USDS, while the Lido DAO elected to use the NTT framework to bring stETH to Binance Smart Chain. M^0, Agora, Transfero and other major stablecoin protocols have also adopted NTT to support their expansion efforts.

About NTT

• No Wrapped Tokens: FLUID-enabled NTT tokens are canonical tokens issued by you, Fluid, for maximum interoperability.

• Proven Scale: The NTT framework has facilitated $1B+ in volume while charging zero fees.

• Customizable Security: Wormhole has 19 industry-leading Guardians, a decentralized set of validators responsible for observing and attesting to cross-chain messages. If you require additional security assurances, you can customize your NTT deployments by adding additional verifiers.

While Wormhole has been targeted by malicious actors in the past, it is the only bridge where no users have ever lost funds - a testament to the security-first design. Wormhole’s infrastructure has been carefully audited and publicly verified. The Uniswap Foundation’s Bridge Assessment Report has recognized Wormhole as the most suitable crosschain solution.

By adopting NTT, Fluid’s token would enjoy seamless interoperability, unified liquidity, fast native transfers, and a customizable consensus model that can be configured with additional verifiers as needed. The Wormhole contributors are excited to better introduce the Fluid community with all the benefits of $FLUID using NTT and are ready to answer all the community’s questions as part of your Request For Proposal process.

Resources for further reading:
NTT Platform
NTT Analytics
Wormhole security

hi and thank you for your comment!

I am also attaching Uniswap Foundation report which highlights Wormhole security

GM everyone, honored to be part of this process, and thank you to the FLUID team for their thorough due diligence!

Quick summary – LayerZero V2 is the leading interoperability protocol due to many of the reasons the FLUID team highlighted. Our infrastructure is trusted by many of the premier teams in the industry, including USDT0, BitGo (WBTC), Ethena (USDe, sUSDe, USDtb, ENA), PayPal (PYUSD), Ondo (USDY), Etherfi (weETH), Curve (CRV, crvUSD), Solv Protocol (SOLVBTC), Kelp DAO (rsETH), Swell (swETH), Syrup Finance (SYRUP), Resolv (USR, RLP), Usual Money (USD0, USD0++), Pudgy Penguins (PENGU), and many more.

Here are some main reasons we believe LayerZero v2 to be the best choice to take FLUID omnichain:

• OFT is the most used interoperability token standard – Between stablecoins, governance tokens, LST’s and more, the OFT standard secures over $100B across 200+ tokens. This makes it the most widely adopted token standard, outside of ERC-20.
• True configurable security that is owned by the application, on a per pathway basis – Instead of a one-size fits all verification model, LayerZero allows Fluid to control and configure its own cross-chain validation flow, on a per-pathway basis, and swap out DVNs offered by 42+ providers at any point in the future. Fluid can also operate its own DVN, giving them full control over message verification.
• LayerZero offers an open standard, without the lock in – Use of the LayerZero Labs DVN and Executor are completely optional. LayerZero is a messaging framework that in its most minimal form accrues no value to LayerZero Labs. CCIP and Axelar can be used as DVNs for example.
• LayerZero supports over 115 chains, including multiple VMs – We are live on Solana, Aptos and TON in addition to 100+ other chains. This will only continue to expand and will give Fluid optionality for where the community wants to go in the future.
• Secure and cheap omnichain governance – Voting across multiple chains used to be impractical due to the UX barriers and high gas costs of sending individual “write” messages to aggregate a user’s voting power across chains. lzRead solves this by using cheap “read” messages to calculate a user’s full voting power across all chains, allowing them to vote once from any chain. e.g., ZRO Fee Switch Referendum Vote.
• The LayerZero protocol has safely facilitated $70B+ in cross-chain asset transfers – LayerZero is immutable, permissionless, and censorship resistant. The LayerZero protocol has never had a vulnerability in its core smart contracts and powers over 58,000+ smart contracts currently in production.

We at LayerZero are excited about this opportunity to support the FLUID team in this initiative and are happy to answer any questions below.

Exciting proposal and analysis !
Why is Chainlink’s CCIP not an option ?

We will be adding CCIP as an option and already requested Chainlink team to share information about CCIP on the forum

Thank you @DMH for including Chainlink in this process. We’d like to use this opportunity to provide with some additional context about the Chainlink Cross-Chain Interoperability Protocol (CCIP) and how it’s the best solution to secure FLUID’s cross-chain bridging architecture and accelerate the growth of FLUID across the multi-chain ecosystem.

Chainlink has supported the growth of Fluid’s lending protocol by providing decentralized data feeds that secure the majority of Fluid’s $940M+ TVL. Integrating CCIP would deepen the alignment between the Fluid and Chainlink ecosystems and simplify future integration of additional Chainlink services to support Fluid’s continued growth with no added trust assumptions or vendor risk.

Chainlink CCIP is the most compelling cross-chain infrastructure for Fluid as it matches the DAO’s selection criteria:

• Security and decentralization. CCIP is built on the same Chainlink platform that has operated flawlessly for over five years, secured over $75 billion in DeFi TVL at its peak, and enabled $19+ trillion in transactional value since the beginning of 2022. CCIP features a robust, defense-in-depth design that utilizes multiple Decentralized Oracle Networks (DONs) and an independent Risk Management Network to ensure cross-chain transactions operate with the highest levels of security.
• Cost efficiency. CCIP’s fee model is simple and transparent, and is adaptable to whatever token or message bridging format(s) the DAO requires. Users can pay to use CCIP in native blockchain gas tokens and in LINK.
• Liquidity management. CCIP was designed from the ground up to support developer choice in how best to align liquidity management with their protocol’s needs, offering a multitude of different transfer mechanisms, including native burn-and-mint transfers that remove the need for liquidity pools or wrapped tokens for cross-chain transfers.
• Messaging and governance. CCIP was also designed for both arbitrary data transfers as well as token movements, making it an optimal platform for cross-chain bridging. CCIP already powers this use case for the likes of Aave for token transfers and several other dApps for cross-chain governance.
• User experience. CCIP powers a growing number of token bridging applications. These frontends provide users with a seamless experience to transfer FLUID to any destination chain that CCIP is integrated with.

Chainlink CCIP

CCIP is the standard for cross-chain interoperability, enabling users to transfer both tokens and/or data between any public or private blockchain network. CCIP currently supports 35 blockchain networks in production, with many more being added in the near future. Notably, CCIP has been adopted as the canonical cross-chain infrastructure by over 20 blockchain ecosystems including Sony’s Soneium, Celo, Ronin, Mode, and many more.

In all, more than 120 DeFi and other protocols have selected CCIP for cross-chain token and/or data transfers. Chainlink’s deep roots in DeFi are reflected in protocols adopting Price Feeds and CCIP, minimizing trust assumptions in using the battle-tested and trusted Chainlink DONs. These include:

• Aave, the leading DeFi lending market with $20B TVL, integrated CCIP to enable native cross-chain transfers of their GHO stablecoin as well as cross-chain governance, supporting their multi-chain expansion.
• Lido launched Direct Staking, a CCIP-powered cross-chain staking solution that enables users to stake their ETH and receive wstETH directly on L2 networks.
• Solv, with $2.5B TVL, integrated CCIP, Proof of Reserve (PoR), and Price Feeds for its SolvBTC ecosystem, enabling cross-chain transfers of their LSTs such as -SOLVBTC.BNN, SOLVBTC.ENA, and others.
• Lombard, with $1.9B+ TVL, adopted CCIP, PoR, and Price Feeds for its LBTC token.
• Magpie uses CCIP to secure its $1.6B Eigenpie ecosystem, as well as its Cakepie and Radpie ecosystems.
• Usual, with $1.1B TVL, adopted CCIP and Price Feeds for its Usual ecosystem tokens.
• Liquity, with $350M+ TVL, adopted CCIP for its BOLD stablecoin.
• Liquid Collective, with $290M+ TVL, adopted CCIP for its LsETH liquid staking token.

CCIP is also central to Chainlink’s work with the world’s largest banking and capital markets institutions to enable interoperability between private and public blockchains, as well as allowing tokenized assets to be interacted with through existing legacy infrastructure. Some highlights include:

• The Society for Worldwide Interbank Financial Telecommunication (Swift), the interbank messaging network used by 11,500+ banks globally, collaborated with Chainlink and 12+ of the world’s largest financial institutions and market infrastructures to successfully demonstrate how Swift member banks can use Chainlink CCIP to transfer tokenized assets across any public/private blockchain. Participants included the DTCC, Euroclear, Clearstream, ANZ Bank, Citi, BNY Mellon, BNP Paribas, Lloyds Banking Group, and SIX Digital Exchange (SDX).
• The Depository Trust & Clearing Corporation (DTCC), the world’s largest securities settlement system that processes $2+ quadrillion annually, collaborated with Chainlink and 10 of the world’s largest financial institutions to successfully demonstrate how Chainlink CCIP can make mutual fund NAV data available across any public/private blockchain. Participants included Euroclear, Swift, UBS, Franklin Templeton, Wellington Management, CACEIS, Vontobel, and Sygnum Bank.
• The Australia and New Zealand Banking Group Limited (ANZ Bank), one the world’s largest banks with $1+ trillion in total assets under management, collaborated with Chainlink to successfully demonstrate how Chainlink CCIP can power the cross-border, cross-chain, and cross-currency settlement of tokenized assets.
• SBI Digital Markets and UBS Asset Management, the asset management arm of one of the world’s largest banks with $5+ trillion in total assets under management, collaborated with Chainlink in a pilot leveraging the Chainlink platform to streamline tokenized fund operations.

The rest of this thread provides more detail on our proposed solution and its benefits for Fluid.

Security and decentralization: Avoiding exploits and ensuring robust verification models

CCIP is underpinned by Chainlink’s proven infrastructure, which takes the form of Decentralized Oracle Networks (DONs) where independent oracle nodes come to consensus on a particular computation and/or data point. DONs in the Chainlink ecosystem are operated by a geographically distributed collection of Sybil-resistant, security-reviewed node operators with significant experience running mission-critical infrastructure across Web2 and Web3.

Rather than operating as a single monolithic network, which can lead to speed and reliability issues due to constrained throughput, CCIP is composed of multiple DONs per chain lane—with each lane consisting of a unique source chain and destination chain. This approach allows CCIP to be horizontally scalable, as additional DONs are added to CCIP for each additional blockchain network supported as opposed to funneling all cross-chain traffic through a single network.

Specifically, each CCIP chain lane consists of three unique oracle networks—the Committing DON, the Executing DON, and the Risk Management Network.

• The Committing DON is a decentralized network of 16 independent node operators that monitor events on a given source chain, wait for source chain finality, bundle transactions to create a Merkle root, come to consensus on that Merkle root, and commit that Merkle root to the destination chain.

• The Executing DON is a decentralized network of 7 independent node operators that submit Merkle proofs on a destination chain, which are then verified onchain by the Risk Management Network.

As the value secured by CCIP expands over time, the number of node operators within each network can scale to meet the need for greater security. More information about the architecture and security model of CCIP can be found in the Chainlink documentation.

Risk Management Network

The Risk Management Network is a separate network that continuously monitors and validates the behavior of CCIP, providing an additional layer of security by independently verifying cross-chain operations for anomalous activity. The Risk Management Network utilizes a separate, minimal implementation of the Chainlink node software, creating a form of client diversity for increased robustness while also minimizing external dependencies to prevent supply chain attacks.

The Risk Management Network was written in a different programming language (Rust) than the primary CCIP system (Golang), developed by a different internal team, and uses a distinct non-overlapping set of node operators compared to the CCIP DONs. The Risk Management Network is a wholly unique concept in cross-chain interoperability that builds upon established engineering principles (N-version programming) seen in mission-critical systems in industries such as aviation, nuclear, and machine automation.

To increase the security and robustness of CCIP, the Risk Management Network engages in two types of activities:

• Secondary Approval: The Risk Management Network independently recreates Merkle roots based on transactions from the source chain, which are then published on the destination chain and compared against the Merkle roots published by the Committing DON. Cross-chain transactions can only be executed if the Merkle roots from the two networks match.

• Anomaly Detection: The Risk Management Network monitors for abnormal behavior from the CCIP network (e.g., committed transactions with no source chain equivalent) as well as the behavior of chains (e.g., deep block reorgs). If anomalous activity is detected, the Risk Management Network can trigger an emergency halt to pause all CCIP lanes and limit any losses.

Security is the number one priority for the Chainlink ecosystem, a value we do not and will not compromise. Chainlink Labs has put an immense amount of resources into developing the security model of CCIP, which is the most audited Chainlink solution to date.

The onchain and offchain code for CCIP and the Risk Management Network have undergone more than two dozen audits and counting by five leading security firms—Cure53, Dedaub, NCC Cryptography Services, Sigma Prime, and Trail of Bits—in preparation for the initial mainnet launch and subsequent deployments.

Additionally, four crowdsourced audits of CCIP and the Risk Management Network have been conducted on the Code4rena and CodeHawks platforms.

All valid findings were remediated and fixes confirmed with the respective auditors. In some cases, findings represented expected behaviors and were reviewed with auditors upon receipt of audit reports.

Finally, CCIP is covered by the Chainlink bug bounty program on Immunefi, with a $3 million maximum bounty for critical smart contract vulnerabilities.

We are happy to provide public links for the community to review. The onchain source code for CCIP is also publicly viewable on GitHub.

Cost Efficiency: Reducing gas fees and transaction costs

CCIP Fees are paid a single time by end-users on the source chain when initiating a CCIP transaction. CCIP fees cover the estimated gas costs of CCIP executing transactions on the destination chain—including a buffer for reliable transaction execution due to gas price volatility—and a small service fee paid to CCIP service providers for their work securing the protocol. The size of the service fee portion of CCIP Fees depends on the type of CCIP transaction, the token transfer method used, and the blockchain lanes used.

CCIP supports fee payments in blockchain native gas tokens and in LINK. For more detail on our pricing model, please see our documentation.

Liquidity Management: Maintaining token supply consistency across networks

Token contract and token pool contracts on both the source and destination chains are owned by the token developer, in this case Fluid. The destination chain deployments could also be owned by an approved third party of Fluid’s choosing such as the destination chain team.

CCIP also includes a growing range of measures that enable protocols and developers to further customize their infrastructure and user experience without compromising on security. These include configurable rate limits, which developers can establish on a per-token and per-lane basis. They can specify the maximum token amount per transfer (capacity), as well as how fast capacity is refilled (refill rate). This is configurable per lane, so developers can accommodate for different risk profiles or throughput requirements.

The CCIP v1.5 upgrade introduced the Cross-Chain Token (CCT) standard, which enables token developers to integrate new and existing tokens with CCIP in a self-serve manner in minutes via the Token Manager. With the Token Manager, developers retain full ownership of their token contracts, CCIP token pools, lane expansion, and customized implementation logic, including rate limits across chains. This autonomy eliminates the need for vendor lock-in, hard-coded logic, or external dependencies, allowing developers to customize functionality without compromising security.

CCIP supports three distinct methods of transferring tokens cross-chain:

• Burn and mint—Tokens are burned on a source chain, and an equivalent amount are minted on a destination chain. This enables the creation of cross-chain native tokens with a dynamic, unified supply across chains.

• Lock and mint—Tokens are locked on the chain they were natively minted on, and an equivalent amount of fully collateralized tokens are minted on a destination chain. These minted tokens can be transferred across other non-native destination chains via burn and mint or be burned to unlock tokens back on the original minting source chain.

• Lock and unlock—Tokens are locked on the source blockchain, and an equivalent amount of tokens are released on the destination blockchain.

Thank you @Chainlink_Labs for all this information, the DAO and the team will evaluate Chainlink CCIP solution and add it for the voting

Happy to share @DMH, and thanks again for including us!

Just to be sure we’ve covered what you and the community are looking for, a few more data points:

Cross-chain governance

CCIP was designed to support cross-chain transfers of messaging as well as tokens. Programmable Token Transfers enable smart contracts to transfer tokens cross-chain along with instructions on what the receiving smart contract should do with those tokens once they arrive on the destination chain. Users can send tokens, arbitrary data, or tokens and arbitrary data via CCIP with the same interface. This can enable FLUID holders on an L2 to vote for governance proposals on an L1, and vice versa.

CCIP’s support for transferring arbitrary messages cross-chain unlocks crosschain governance as a key use case for integrating protocols. CCIP-powered cross-chain governance is at the core the live governance system currently deployed by Aave DAO, which supports a more efficient experience for DAO participants and delegates. As one of the very first use-cases, CCIP-powered governance is also in production today for protocols such as QiDao, StakeDAO, and others.

User Experience: Enabling fast, seamless transactions without complexity

CCIP powers a growing number of token bridging applications, including Interport Finance, OpenOcean, Transporter, and XSwap. These frontends provide users with a seamless experience to transfer FLUID to any destination chain that CCIP is integrated with.

In order to maximise security, CCIP waits for finality on the source blockchain, which is crucial when transacting across multiple networks to ensure actions taken on the destination blockchain are based on transactions on the source blockchain that are extremely difficult or impossible to revert. The time to achieve finality varies across blockchains and impacts the total CCIP execution latency. Further detail on the end-to-end lifecycle of CCIP transactions can be found in developer docs. Notably, CCIP transfers for L2 networks are significantly faster than the native bridge, which for certain rollups can take up to seven days to complete.

Conclusion

We’re excited for the opportunity to extend our work together as an existing core infrastructure provider and growth partner to the Fluid DAO. As Fluid already leverages Chainlink Data Feeds, integrating CCIP will allow FLUID to securely move cross-chain with little-to-no additional trust assumptions or new vendor risk.

Thank you for welcoming us to submit a proposal for your consideration. We’re happy to address questions, comments, clarifications, and feedback!

GM everyone, appreciate the well-structured overview.

You should also consider Router Nitro as a bridging solution for $FLUID. Unlike traditional bridges, Nitro has two models:

1. Solver model for fast and cheap transfers of popular tokens
2. Mint-and-burn model (called the asset bridge flow), ensuring unified liquidity across chains while eliminating reliance on wrapped assets.

Security is maintained through a decentralized validator set of 47 nodes on Router Chain, providing a robust and trust-minimized bridging experience.

Comparative Analysis

Router Nitro Assessment

Security

Router Nitro is secured by a decentralized set of 47 validators on the Router Chain. Router Chain utilises Cosmos SDK and it leverages tendermint’s BFT consensus engine. Transactions are verified using a threshold signature mechanism, ensuring that bridge operations are resistant to single points of failure.

Speed

Nitro facilitates quick cross-chain transfers. On average, mint-and-burn transactions on Router Nitro complete in approximately 50 seconds. This time includes verification, finality, and execution across supported chains.

Interoperability

Router Nitro supports cross-chain token and instruction transfers across 40+ chains including non-EVMs like Sui, Solana, and Tron. Its modular design allows easy integration with new chains, and its intent-based architecture enables advanced cross-chain functionality beyond simple token bridging.

Cost

Router Nitro’s cost depends on the execution cost on the destination chain, i.e., there is no additional bridge fee for the mint-and-burn mechanism.

Existing Integrations

Router Nitro powers omnichain connectivity for tokens like RBNT and ROUTE and is the bridge provider for Matchain, Saakuru, Redbelly, and multiple other chains, bringing stablecoins to these networks. It already supports various altVMs, integrating chains like Solana and Sui, and with its modular architecture, it seamlessly integrates additional chains.

Given these advantages, it would be worth considering Router Nitro as an option for bridging $FLUID.