Home / Critical Brief / Category archive
Lemma Critical Brief · Category archive

Bridge Config Trust

Single-key concentration in bridge trust configs; cross-chain message origin forgery.

4 Briefs
No. 023 · 2026-06-05

The Alephium TokenBridge Exploit ($815K)

Guardian Keys Intact, But No Verification of the Provenance of the Events They Signed

Pillar 01 Verifiable Origin Bridge Config Trust Identity & Auth Brief →
No. 016 · 2026-05-31

The Verus-Ethereum Bridge Hack ($11.58M)

A Valid Merkle Proof, But No Verification That the Source Amount Matched the Payout

Pillar 01 Verifiable Origin Bridge Config Trust Identity & Auth Brief →
No. 001 · 2026-05-29

KelpDAO / rsETH Unauthorized Unlock

RPC Manipulation Attack on the DVN Observation Layer

Pillar 01 Verifiable Origin Bridge Config Trust Identity & Auth Brief →
No. 002 · 2026-05-29

Stake DAO vsdCRV Unauthorized Mint

LayerZero v2 Trust Source Rewriting via Deployer Key

Pillar 01 Verifiable Origin Bridge Config Trust Identity & Auth Brief →