$2.8B Lost to Bridge Hacks: The Hidden Security Crisis in DeFi
Key Takeaways
• Cross-chain bridges account for nearly 45% of all DeFi hack losses, making them the top priority for security innovation.
• Wormhole rebuilt after a $320M hack with stricter guardian verification, flow governors, and modular upgrades—still fast, but trust-centralized.
• Hyperlane enables fully customizable security through Interchain Security Modules (ISMs), offering flexibility but placing risk on the developer.
• Axelar runs its own blockchain for secure messaging, with 75+ validators, on-chain consensus, and developer-friendly tools—secure but heavy.
• Each model—centralized guardians, modular DIY, and chain-level trust—reflects a different trade-off between speed, flexibility, and decentralization.
• There’s no one-size-fits-all solution. Staying safe means knowing how your bridge works—and what kind of trust model you’re opting into.
Over the past few years, $2.8 billion was stolen from cross-chain bridges — accounting for 44.8% of all DeFi hacks.
You read that right. Nearly half of all stolen funds in Web3 came from bridges alone.
They became hackers' favorite ATM: fast transfers, weak risk controls, guaranteed payouts.
That’s why bridges have become one of the most brutal battlegrounds for security innovation in crypto.
Some built 19-node multi-sigs.
Some opened up modular security toolkits for developers to DIY their own defenses.
Some even went full beast mode and turned themselves into entire blockchains.
In this piece, we’ll look at three major players — Wormhole, Hyperlane, and Axelar — and how they’re rewriting the rules of "trust" in cross-chain infrastructure.
Wormhole: Rebuilding After a $300M Hack
Wormhole is a cross-chain messaging protocol connecting over 30 chains.
It relies on a "Guardian Network" of 19 nodes to verify and approve cross-chain messages.
When you lock assets on Chain A, Wormhole’s Guardians listen to the event, verify it, and generate a VAA (Verifiable Action Approval), which Chain B uses to mint or unlock assets.
The 2022 Hack
In 2022, due to a signature verification bug, an attacker forged a VAA and stole over $320 million — the second-largest DeFi hack at the time.
Jump Crypto, Wormhole's backer, stepped in and covered the loss.
Post-Hack Security Overhaul
- Guardian Verification Revamp
Rebuilt the VAA signature process, tightened security checks, and improved rotation and contract deployment. - Governor Module
Caps how much and how fast funds can move out to prevent full-scale draining. - Real-time Monitoring and Emergency Kill Switches
Enables fast response to anomalies, backed by Jump Crypto’s infrastructure. - Massive Bug Bounty Program
Millions in rewards for responsible disclosures. - Modular Security Direction
Parts of the verification process moving on-chain; Guardian participation planned to be decentralized.
Pros & Cons
- Upside: Fast, chain-agnostic compatibility.
- Downside: Centralized trust via a public Guardian list — not game-theoretic or economically secure.
Hyperlane: Build Your Own Security
Hyperlane took a different route:
“You choose how you trust.”
It offers a modular cross-chain communication stack, made of:
- Mailbox contracts: Deployed per chain to send/receive messages.
- Relayers: Watch source chains and deliver data.
- ISMs (Interchain Security Modules): Define the message validation logic.
The Power of ISMs
ISMs let you use:
- Multi-sigs
- Optimistic challenge systems
- Wormhole’s Guardian signatures
- Or hybrids like: "specific signer + multi-sig + time delay"
Security isn’t handed to you — you have to assemble it.
Key Features
- Staked Verification Network
Uses HYPER tokens to offer default security setups. - Customizable ISMs
Choose different validation methods per chain. - Fully Permissionless Deployment
Any chain can integrate without official permission. - Push for Modular and Local Security
Encourages per-use-case validation logic.
Pros & Cons
- Upside: Maximum flexibility for projects who care about their security.
- Downside: Misconfigurations or lazy defaults are dangerous. Hyperlane won’t save you from yourself.
Axelar: Turning the Bridge Into a Blockchain
Axelar took the most radical path:
Build an entire chain just for cross-chain messaging.
Axelar is a full PoS blockchain built with Cosmos SDK, serving as a decentralized cross-chain coordinator.
Instead of off-chain multi-sigs, it uses on-chain consensus to verify events and trigger actions.
Core Security Features
- 75+ Validators
Attacks require control of majority staked tokens. - Flow Limits
Gateway contracts cap asset flows to reduce risk. - Key Rotation
Regularly rotated validator keys for better resilience. - Decentralized Voting Power
Anti-whale mechanisms to prevent vote centralization. - GMP (General Message Passing)
Supports cross-chain governance, smart contract calls, and more.
Developer Stack: MDS
Axelar recently launched the Mobius Development Stack, enabling easier cross-chain development:
- Interchain Amplifier
One-time integration connects you to all supported chains. - Interchain Token Service (ITS)
Deploy tokens across chains via UI, no coding needed.
Pros & Cons
- Upside: Inherently secure, integrated, with strong default guarantees.
- Downside: Heavier and slower to adopt new chains than modular tools.
Final Thoughts: Security Never Goes Out of Style
Cross-chain bridges are critical infrastructure — but also one of the biggest attack surfaces in Web3.
As a wallet, OneKey cares not just about bridging fast, but bridging safely and transparently.
Wormhole, Hyperlane, and Axelar represent three distinct trust models:
- Guardian-based trust (Wormhole)
- DIY modular trust (Hyperlane)
- Chain-level consensus trust (Axelar)
Each has strengths. Each has trade-offs.
There’s no perfect solution — only constant evolution.
At OneKey, we’ll keep watching the frontier of cross-chain security,
helping our users navigate risks and connect to the most trustworthy options out there.
