The Avalanche Bridge is secured by Intel SGX technology, which restricts how transfers are performed, including that no funds can be released unless there's a corresponding transfer of coins, and no one, not even system administrators, has access to the keys that control funds.
All transfers across the Bridge must be approved by Bridge Nodes that secure and back-up an encrypted piece of the Bridge’s keys to allow for reconstituting the Bridge in the event of a hardware failure.
The Bridge and Bridge Nodes are security tested quarterly to make sure they are adhering to the strictest security standards. This includes requiring multiple approvals to deploy all updates, locking down access to all Bridge infrastructure, regular penetration testing, and continuous monitoring for potential security vulnerabilities or unexpected activity.
Both transfers across the Bridge and reconstituting the Bridge in the event of a hardware failure require 6 of 8 Bridge Nodes to cooperate. Learn more about the role of the Bridge Nodes.
The Bridge code is independently audited by Halborn. You can view the audit report here.
For a more in-depth read on how the Avalanche Bridge works, please read the following articles.