Clearing & Settlement

Cross-Chain Bridge Settlement

Settlement via cross-chain bridges — compliance gap at bridge layer, oracle security at finality.

Vendors

Chainlink CCIP · LayerZero · Wormhole

Compliance center

Compliance gap at bridge layer (Authorization) + oracle security (Facilitation)

post-tradebridgecciplayerzerowormholecompliance-gaporacle
Filter by shape:
|
PT6 · POST-TRADECross-chain bridge settlement·5 stations(2 compliance, 3 infra)·chainlink
S1INTENTS2S3S4S5TRANSPORTS6AUTHORIZATIONS7FACILITATIONS8FINALITY01Deposit02Bridge03Oracle Feed04Bridge05Filing
3+5 shape system
GatePre-condition — blocks if it failsMonitorConcurrent — observes without haltingObligationPost-settlement — reports after the factsolid = codedashed = policy
How to read this diagram
Each station on the rail represents a compliance or infrastructure event in the Cross-chain bridge settlement path. Hover any station to inspect it. The shape tells you what kind of event it is. The ring tells you how it's enforced.
Gate Monitor Obligation| Ingress Crossing Transform Settlement Venue
This path at a glance
5 stations across 5 of 8 segments. 2 are compliance checkpoints, 3 are infrastructure.
3 code-enforced2 policy-enforced
PT6 · CROSS-CHAIN BRIDGE SETTLEMENT · ETHEREUM · BASE
00
Mandate
01
Intent
02
Identity
03
Discovery
04
Negotiation
05
Transport
06
Authorization
07
Facilitation
08
Finality
09
Disposition
L5 APPLICATIONL4 ACCOUNTL3 EXECUTIONL2 CONSENSUSL1 NETWORKETHEREUM
L5 APPLICATIONHANDOFF

Step 1 · Settlement Instruction (Post-Trade Handoff)Policy-Enforced

"A post-trade settlement instruction that requires value to move between two different blockchains — the problem that shouldn't exist but does."

**Cross-rail reference: Stages 1-4 fired on the originating rail (Securities, Wholesale, or Retail).** A settlement requires value (stablecoins, security tokens, or both) to move from one chain to another. No native mechanism exists for cross-chain settlement — a bridge must be used. L5 lit only.

Counterparty
Originating rail settlement engine
Latency
Instant
Finality
N/A — bridge selection begins
Vendors
EOA (secp256k1 externally-owned accounts) + ERC-4337 account abstraction (EntryPoint singleton + UserOperation mempool — paymaster and aggregator extensions) · MetaMask · MetaMask Institutional (ConsenSys-operated; institutional custody/MPC integrations) · Fireblocks · Safe (Gnosis Safe — multisig + module framework) · Securitize Markets ATS (SEC-registered ATS) · INX Securities ATS · BlackRock BUIDL · Franklin BENJI · Hashnote USYC · Ondo OUSG · Apollo ACRED (Ethereum mainnet deployments; issuer profiles carry SEC-registered / NYDFS limited-purpose trust / Reg D 506(c) postures detailed in the respective compliance frameworks)
Chain
Ethereum (Ethereum Foundation (protocol research + core-dev grants; protocol itself is permissionless and operated by the validator set))
L5 APPLICATIONL4 ACCOUNTL3 EXECUTIONL2 CONSENSUSL1 NETWORKETHEREUM
L3 EXECUTIONBRIDGE LOCK
L2 CONSENSUSBRIDGE LOCK
L1 NETWORKBRIDGE LOCK
◆ Enforcement Line — code-enforced at this layer

Step 2 · Bridge Selection & LockCode-Enforced

"Selecting a correspondent bank for a cross-border wire — but bridges have no banking license, no capital requirements, and (usually) no regulatory oversight."

Value is locked in the bridge's smart contract on the source chain. The bridge (Chainlink CCIP, LayerZero, or Wormhole) holds the locked value in escrow while the cross-chain message propagates. L1+L2+L3 lit — the lock executes below the enforcement line. **Honesty marker:** bridge smart contracts are the highest-value targets in DeFi. $2.8B+ lost to bridge exploits since 2021 (Ronin $625M, Wormhole $320M, Nomad $190M). D10 (operational resilience) is the critical domain — and it's the weakest.

Counterparty
Bridge smart contract (source chain)
Latency
~12s · Ethereum block
Finality
Locked · awaiting cross-chain attestation
Vendors
Circle CCTP v2 (canonical USDC burn-and-mint cross-chain transport) · Wormhole · LayerZero · Across (intent-based settlement) · Ethereum devp2p / libp2p transport · EIP-4844 blob-data DA layer (canonical DA for OP Stack and other rollup-based L2s — Base, Arc, Tempo, Arbitrum, Optimism, etc.) · Ethereum Proof-of-Stake (Beacon Chain — Casper FFG finality + LMD-GHOST fork choice) — permissionless 32-ETH stake threshold; effective validator economics concentrated via Lido / Coinbase / Binance / Kraken / Figment staking pools · MEV-Boost relays (Proposer-Builder Separation — out-of-protocol; OFAC-compliant relays Flashbots / BloXroute Regulated have periodically dominated relay share) · Uniswap v4 (extensible AMM — concentrated liquidity + custom-logic extension framework) · Curve · Balancer · Chainalysis OFAC Oracle (on-chain SDN-list enforcement primitive · code-enforced at the contract layer for opt-in callers) · Securitize DS Protocol (on-chain transfer-restriction smart-contract framework enforcing eligible-investor whitelisting) · ERC-3643 / T-REX (industry-standard permissioned-token framework — Tokeny-developed, used by issuers outside the Securitize stack)
Chain
Ethereum (Ethereum Foundation (protocol research + core-dev grants; protocol itself is permissionless and operated by the validator set))
L5 APPLICATIONL4 ACCOUNTL3 EXECUTIONL2 CONSENSUSL1 NETWORKBASE
L3 EXECUTIONBRIDGE ORACLE
◆ Enforcement Line — code-enforced at this layer

Step 3 · Oracle Attestation & Compliance GapCode-EnforcedINGESTDETECTALERT

"A correspondent bank confirming receipt of a wire — except the 'correspondent' is an oracle network, not a regulated institution."

The bridge's oracle network attests to the lock event on the source chain. For CCIP: Chainlink's DON (Decentralized Oracle Network) with multiple independent attestors. For LayerZero: configurable oracle + relayer. For Wormhole: 19-of-19 guardian set. **Honesty marker:** this is the compliance gap. No bridge oracle is a regulated entity. No AML screening happens at the bridge layer (unless the token itself has a blocklist). No Travel Rule data crosses with the value. The oracle is the trust assumption — and oracle manipulation is the attack vector.

Counterparty
Bridge oracle network (unregulated)
Latency
Variable · CCIP ~15min / LayerZero ~3min / Wormhole ~15min
Finality
Pre-condition — oracle must attest before release
Vendors
Chainalysis OFAC Oracle (on-chain SDN-list enforcement primitive · code-enforced at the contract layer for opt-in callers) · Uniswap v4 · Aerodrome (Base-native AMM derived from Velodrome) · BaseSwap · Circle CCTP v2 (canonical USDC burn-and-mint cross-chain transport between Base and Ethereum / other CCTP-supported chains) · Base Bridge (OP Stack canonical L1 ↔ L2 bridge with 7-day challenge window · L1-escape-hatch via force-inclusion) · Securitize DS Protocol (on-chain transfer-restriction smart-contract framework enforcing eligible-investor whitelisting — ACRED is Ethereum-only; BUIDL multi-chain expansion to Base reported in public reporting but primary-source confirmation pending)
Chain
Base (Coinbase (sole sequencer operator at launch; decentralization on roadmap))
L5 APPLICATIONL4 ACCOUNTL3 EXECUTIONL2 CONSENSUSL1 NETWORKBASE
L3 EXECUTIONBRIDGE RELEASE
L2 CONSENSUSBRIDGE RELEASE
L1 NETWORKBRIDGE RELEASE
◆ Enforcement Line — code-enforced at this layer

Step 4 · Destination Chain ReleaseCode-Enforced

"The correspondent bank releasing funds to the beneficiary — except if the oracle was compromised, the 'funds' are counterfeit."

Value is released (minted or unlocked) on the destination chain based on the oracle attestation. L1+L2+L3 lit. For native bridges (CCTP): Circle mints fresh USDC — no wrapped tokens, minimal bridge risk. For non-native bridges: wrapped tokens are minted, backed by the locked value on the source chain. **Honesty marker:** wrapped tokens introduce counterparty risk — the wrapped USDC is only as good as the bridge's smart contract security. D7 (Travel Rule) is listed because it should apply — but no mechanism transmits originator/beneficiary data across bridges.

Counterparty
Bridge smart contract (destination chain)
Latency
~2s · Base block
Finality
Released on destination chain
Vendors
Circle CCTP v2 (canonical USDC burn-and-mint cross-chain transport between Base and Ethereum / other CCTP-supported chains) · Base Bridge (OP Stack canonical L1 ↔ L2 bridge with 7-day challenge window · L1-escape-hatch via force-inclusion) · EOA + ERC-4337 Smart Account (Coinbase Smart Wallet is the canonical Coinbase-operated AA surface) · Ethereum (via OP Stack) — Base posts batch data to Ethereum via EIP-4844 blob DA for ordering anchor; state-transition security inherits from Ethereum L1 subject to OP Stack fault-proof activation status · Coinbase Sequencer (Coinbase-operated at launch · decentralization stated as roadmap commitment · OP Stack-derived sequencing semantics) · Uniswap v4 · Aerodrome (Base-native AMM derived from Velodrome) · BaseSwap · Chainalysis OFAC Oracle (on-chain SDN-list enforcement primitive · code-enforced at the contract layer for opt-in callers) · Securitize DS Protocol (on-chain transfer-restriction smart-contract framework enforcing eligible-investor whitelisting — ACRED is Ethereum-only; BUIDL multi-chain expansion to Base reported in public reporting but primary-source confirmation pending)
Chain
Base (Coinbase (sole sequencer operator at launch; decentralization on roadmap))
L5 APPLICATIONL4 ACCOUNTL3 EXECUTIONL2 CONSENSUSL1 NETWORKBASE
L5 APPLICATIONREPORTING

Step 5 · Settlement Confirmation & Risk AssessmentPolicy-EnforcedINGESTDETECTALERT

"Confirming a cross-border settlement completed — but adding a risk note that the bridge is an unregulated intermediary."

Cross-chain settlement is confirmed. Both chains show the completed transfer. L5 Application lit only. **Honesty marker:** the settlement is 'final' on both chains, but the bridge layer introduced risks that don't exist in same-chain settlement: oracle manipulation, smart contract exploits, wrapped token depegs, and the complete absence of regulatory oversight at the bridge layer. The post-trade compliance framework has a hole shaped like a bridge. Future regulatory frameworks (MiCA's bridge provisions, potential GENIUS Act treatment) may address this — but as of now, bridges are the wild west of settlement infrastructure.

Counterparty
Settlement participants (both chains)
Latency
Instant on destination release
Finality
Final on both chains · bridge risk unmitigated
Vendors
EOA + ERC-4337 Smart Account (Coinbase Smart Wallet is the canonical Coinbase-operated AA surface) · Coinbase Wallet · Coinbase Smart Wallet (ERC-4337 account abstraction — passkey-based onboarding) · Coinbase Paymaster (gas-sponsorship primitive for Coinbase Smart Wallet flows · ERC-4337 paymaster contract) · Coinbase Verifications (Ethereum Attestation Service-backed attestation product binding Coinbase-verified identity attributes — country of residence, accredited-investor status, etc. — to addresses) · Securitize Markets ATS (SEC-registered ATS) · BlackRock BUIDL · other Securitize-issued RWAs (Base deployments via multichain expansion — ACRED was Ethereum-mainnet and Base availability is NOT independently confirmed)
Chain
Base (Coinbase (sole sequencer operator at launch; decentralization on roadmap))

Resolved 5 steps across 2 chain(s). 0 threshold(s) triggered. Frameworks: Common Reporting Standard / FATCA.

Coverage notes: 5 disclosed gap(s).

Other Clearing & Settlement Paths

PT1 DTCC/NSCC T+1 Clearing DTCC · NSCC
PT2 DTCC Tokenization on Canton DTCC · Digital Asset
PT3 Chainlink CRE Cross-Chain DvP Chainlink · Kinexys
PT4 On-Chain Repo Digital Asset · Canton
PT5 LCH DigitalAssetClear LCH SA · GFO-X
SETTLEMENT CHAINS
EthereumBase
← All Clearing & Settlement Paths
Resolve Your Own Path →