When I last reviewed the Rosen Bridge proposal, I said:
Now that I have studied their integration kit and talked more deeply with the team, I can confirm my previous viewpoint.
For example, Force Bridge failed because of a Validator Takeover. That said, I suspect most of these losses could have been avoided if only they kept about 90% of funds in cold storage, with a mechanism blocking suspicious withdrawals. So, in a way, Force Bridge was a Soft Target.
By contrast, the Rosen team started by cataloging known attacks and designed the bridge precisely around these risks.
Here are a few slides from @Armeanio on the topic:
