A wrapped token is a token that exists on one blockchain and represents an equivalent-value claim on an asset from another blockchain or system. WBTC is the canonical example β it is an ERC-20 token on Ethereum that represents one bitcoin, backed one-to-one by real BTC held by a custodian. When you hold one WBTC, you hold a claim that you can redeem for one real BTC through the appropriate channel. The wrapping serves a practical purpose: BTC cannot natively interact with Ethereum’s DeFi ecosystem because Bitcoin’s scripting language does not support the kind of smart contracts that Ethereum needs. But a token that represents BTC on Ethereum can be used in Ethereum DeFi protocols, traded on Uniswap, used as collateral on Aave, and integrated everywhere else that Ethereum-native tokens work.
Wrapped tokens are sometimes called “synthetic assets” when the underlying is tracked by some mechanism other than a custodial one-to-one backing (for example, a token that tracks the price of gold without actually holding gold in a vault). The difference matters for the security model, but the terminology is used loosely. “Wrapped” usually implies a direct backing relationship; “synthetic” usually implies a more indirect one. Most of the major wrapped assets in crypto are actually wrapped in the strict sense, with real backing held somewhere.
How Wrapped Tokens Get Made
There are several models for how a wrapped asset is actually produced and backed.
Custodial wrapping. WBTC is the biggest example. BitGo acts as the custodian: they hold real BTC in cold storage and mint corresponding WBTC on Ethereum when authorised merchants (larger institutions) bring in real BTC to wrap. When someone wants to unwrap, they send WBTC to a burn address and BitGo releases the corresponding real BTC. The process has a few trusted intermediaries (BitGo as custodian, the merchants who can initiate wrapping and unwrapping) and the security model is essentially “trust that BitGo is solvent and honest”. As of 2026, this model has worked fine for WBTC, which has held over hundreds of thousands of wrapped BTC across multiple chains since 2019, though the centralised trust assumption has been a recurring critique.
Federated wrapping. Some wrapped assets use a federation of validators rather than a single custodian. The idea is that wrapping happens on a chain where multiple independent parties run consensus, and the assets are held in a multi-sig wallet controlled by that federation. This distributes trust across multiple entities and is harder to compromise than a single custodian, but it is also more complex and has more moving parts. Liquid Network’s L-BTC on Bitcoin uses a federated model, as do several bridge designs.
Lock-and-mint bridges. A common pattern for EVM-to-EVM wrapping is to lock the original asset on the source chain and mint the wrapped version on the destination chain through a bridge contract. The bridge’s security depends on whatever consensus or proof mechanism it uses to verify that the locking actually happened on the source chain. This is the model used by most cross-chain bridges between Ethereum and its L2s, between Ethereum and other L1s, and between L1s more generally. The security varies enormously depending on the specific bridge, and several of the biggest crypto hacks in history (Ronin, Wormhole, Nomad, Multichain) have involved compromises of lock-and-mint bridges.
Native cross-chain asset. Some newer assets are designed from the start to exist on multiple chains with native support rather than being “wrapped” in the traditional sense. USDC is the clearest example β Circle mints USDC natively on Ethereum, Solana, Base, Arbitrum, and many other chains, and moves supply between them via its CCTP (Cross-Chain Transfer Protocol) rather than requiring users to go through external bridges. The result is that USDC on Solana is “as real as” USDC on Ethereum, with no trusted-bridge risk beyond Circle’s own operations. This model produces a cleaner user experience but requires the issuer to actively support every chain they want to be on.
The Bridge Hack Problem
Wrapped assets are one of the most frequently-exploited targets in crypto. The cumulative dollar value lost to bridge hacks since 2021 is well over $3 billion, concentrated in a small number of catastrophic incidents.
Ronin ($620 million, March 2022): The Ronin chain used a 5-of-9 validator set to bridge between Ethereum and the Axie Infinity sidechain. An attacker compromised 5 of the validator keys through a combination of a social engineering attack on a Sky Mavis engineer and a previously-granted over-permissioned signature. The compromised validators signed withdrawals that drained the bridge’s ETH and USDC reserves, and the wrapped assets on the Ronin side instantly became unbacked.
Wormhole ($320 million, February 2022): A bug in Wormhole’s signature verification on its Solana-side contract allowed an attacker to mint wrapped ETH without actually locking the corresponding real ETH on Ethereum. The attacker minted 120,000 wETH out of nothing and started selling it. Jump Crypto, Wormhole’s parent company, covered the shortfall with their own funds to keep the wrapped tokens backed, but the bridge’s security model had clearly failed.
Nomad ($190 million, August 2022): An update to Nomad’s verification contract accidentally marked the zero message root as valid, which let anyone submit a withdrawal request claiming any amount and have it processed. The exploit was so easy that dozens of addresses piled on within hours, making it one of the most chaotic bridge drains in history.
Multichain ($126 million+, July 2023): Multichain (formerly Anyswap) operated bridges for many assets across many chains. Its CEO disappeared (was reportedly detained by Chinese authorities), admin keys became inaccessible, and users eventually saw large amounts of bridged assets drained from the contracts. The incident illustrated that a bridge can fail not just through hacks but through the operator simply becoming unavailable.
What This Means for Users
Holding a wrapped asset is holding a claim that depends on the integrity of whatever system is doing the wrapping. WBTC is only as trustworthy as BitGo. A bridged token on a new L2 is only as trustworthy as that L2’s bridge. USDC on any chain is only as trustworthy as Circle’s native issuance on that chain. The underlying asset (BTC, ETH, USDC at Circle) is usually fine, but the wrapped version can break if the wrapping mechanism breaks, and breakages have happened often enough that this is not a theoretical concern.
For day-to-day use, wrapped assets are mostly fine β the major ones on the major chains have held up across years of activity and the practical risk is low. For large positions or long-term holdings, the question to ask is always: what specifically is backing this wrapped token, and what happens if the backing mechanism fails? For the most widely-used wrapped assets (WBTC, wrapped stablecoins from Circle and Tether, native L2 ETH deposits), the answers are acceptable. For more exotic wrapped assets from smaller bridges, the answers are often less reassuring, and the history of bridge hacks suggests that caution is warranted.