Over the past few years, $2.8 billion has been stolen from cross-chain bridges — accounting for 44.8% of all DeFi hacks.
You read that right. Nearly half of all stolen funds in Web3 came from bridges alone.
They have become hackers' favorite ATM: fast transfers, weak risk controls, guaranteed payouts.
That’s why bridges have become one of the most intense battlegrounds for security innovation in crypto.
Some have built 19-node multi-sigs. Some have opened modular security toolkits for developers to DIY their own defenses. Some have even gone full beast mode and turned themselves into entire blockchains.
In this piece, we’ll look at three major players — Wormhole, Hyperlane, and Axelar — and how they’re rewriting the rules of "trust" in cross-chain infrastructure.
Wormhole: Rebuilding After a $300M Hack
Wormhole is a cross-chain messaging protocol connecting over 30 chains.
It relies on a "Guardian Network" of 19 nodes to verify and approve cross-chain messages.
When you lock assets on Chain A, Wormhole’s Guardians listen to the event, verify it, and generate a VAA (Verifiable Action Approval), which Chain B uses to mint or unlock assets.
But Wormhole was once the cautionary tale.
In 2022, due to a signature verification bug, an attacker forged a VAA and stole over $320 million — at the time, the second-largest DeFi hack ever.
Jump Crypto, Wormhole's backer, had to step in and cover the loss out of pocket.
That disaster triggered a massive security overhaul, including:
- Guardian Verification Revamp
Rebuilt the VAA signature process, tightened security checks, and improved rotation and contract deployment practices.
- Governor Module
Each Wormhole contract now caps how much and how fast funds can move out, preventing full-scale drain even under attack.
- Real-time Monitoring + Emergency Kill Switches
Backed by Jump Crypto’s resources, Wormhole set up live monitoring and fast-response mechanisms.
- Massive Bug Bounty Program
Offering millions in rewards to ethical hackers for responsible disclosure.
- Modular Security Direction
Moving parts of the verification process on-chain and planning to eventually decentralize Guardian participation.
Still, the core architecture hasn’t fundamentally changed:
It’s still a 19-signer system — not a fully decentralized consensus network.
Trust remains heavily based on a public list of Guardians, not on game-theoretic or cryptoeconomic guarantees.
The upside? Fast, chain-agnostic compatibility.
The downside? Centralized points of trust. No way around it (yet).
Hyperlane: Build Your Own Security
Hyperlane took a different route.
Instead of forcing you into a fixed security model, it said:
"You choose how you trust."
Hyperlane offers a cross-chain communication stack, made of three parts:
- Mailbox contracts: Deployed on each chain to send/receive messages.
- Relayers: Listen for source chain events and deliver data.
- ISMs (Interchain Security Modules): Decide whether a message is legit.
Here’s the kicker:
With ISMs, you can use multi-sigs, optimistic challenge systems, Wormhole’s Guardian signatures, or even create hybrid setups like "specific signer + multi-sig + time delay."
Security isn’t handed to you — you have to assemble it yourself.
Hyperlane provides a toolbox, not a single verdict.
The more carefully you customize it, the safer you are.
If you get lazy and use defaults, well… that’s on you.
Some key enhancements Hyperlane introduced:
- Staked Verification Network
Using HYPER tokens to offer a default security setup for teams who don't want to DIY.
- Customizable ISMs
Different validation strategies per chain — no more one-size-fits-all.
- Fully Permissionless Deployment
Any chain can integrate Hyperlane without waiting for official onboarding.
- Push for Modular + Local Security
Encourage projects to tailor their validation logic per use case.
But freedom comes with responsibility.
If you screw up your config or half-ass it, Hyperlane won’t catch you.
It’s perfect for teams who take their own security seriously — and not so great for those looking for "plug-and-play" solutions.
Axelar: Turning the Bridge Into a Blockchain
Axelar took the most radical approach:
Build an entire chain just for cross-chain messaging.
Axelar is a full PoS blockchain, built with Cosmos SDK, designed to serve as a neutral, decentralized cross-chain coordinator.
Instead of trusting a multi-sig or off-chain validators, you trust Axelar’s own consensus to verify cross-chain events.
Whenever you bridge assets, Axelar validators reach consensus on the event, and submit the action to the destination chain via Gateway contracts.
Key security features:
- 75+ Validators, Full PoS Consensus
Attacks require controlling a majority of staked tokens, not just a few keys.
- Flow Limits
Each Gateway caps asset flow to prevent mass draining in emergencies.
- Key Rotation
Validator signing keys are regularly rotated for resilience.
- Decentralized Voting Power
Bigger stake ≠ massively bigger vote; weights are smoothed to prevent whale takeovers.
- General Message Passing (GMP)
Beyond just assets — relay smart contract calls, governance votes, and more.
Recently, Axelar launched the Mobius Development Stack (MDS), making cross-chain app building even easier:
- Interchain Amplifier
One-time integration connects you to all chains Axelar supports — no manual setup.
- Interchain Token Service (ITS)
Deploy your token across multiple chains with zero coding, just via UI clicks.
Compared to Wormhole and Hyperlane, Axelar is heavier, slower to add new chains, but much more integrated and inherently secure.
You don't need to pick validators or design your own ISMs — you just trust Axelar’s chain-level security.
If you want a one-stop shop for bridging with strong default guarantees, Axelar is probably your best bet.
Final Thoughts: Security Never Goes Out of Style
Cross-chain bridges are critical infrastructure — but also one of the biggest attack surfaces in Web3.
As a wallet, OneKey cares not just about bridging fast, but bridging safely and transparently.
Wormhole, Hyperlane, and Axelar show three different philosophies of trust and security design.
Each has strengths, trade-offs, and different risk boundaries.
There’s no perfect solution — only constant evolution.
At OneKey, we’ll keep watching the frontier of cross-chain security, helping our users navigate risks and connect to the most trustworthy options out there.