DeFi Bridge Verification

Are the assets flowing through your cross-chain bridges still resting on a DVN (Decentralized Verifier Network) threshold setup and RPC-node trust? When a fully-signed message arrives, is there an independent origin check before the receiving adapter executes it "as designed"?

Ronin (2022, $625M), Wormhole (2022, $320M), Kelp DAO (2026, $292M) — in each case the messages were cryptographically valid yet semantically forged.

• Protocol ops leads for DApps that depend on cross-chain messaging (LayerZero, Wormhole, IBC, etc.)
• Security and audit leads for liquid staking and restaking protocols
• Protocols at TVL between hundreds of millions and tens of billions where the bridge is a single point of failure
• On-chain security teams reviewing DVN configurations and RPC trust boundaries
• Operators preparing for audit, forensics, and regulatory response — and who need tamper-evident post-incident records

Lemma adds a cryptographic layer that independently verifies the origin of every cross-chain message before the receiving system commits state. We do not replace the DVN layer — we run a second, independent verification in parallel. Defense in depth.

If the DVN is compromised, or if a malicious RPC injects a forged message, the commit fails unless the origin proof verifies. Execution stops at the boundary — no waiting 46 minutes for a manual pauseAll. If post-incident malware wipes the RPC node and its logs, the on-chain anchored attestations survive; forensic evidence is preserved.

Where this fits as a second verification layer that defends TVL — alongside your current DVN configuration and receiving adapter — is what we map out in a first conversation.

Tell us your current bridge topology, DVN threshold, and the attack surface you're modeling. We'll explore together whether Lemma's pre-execution attestation layer could fit. No implementation details or sensitive production information required.

If we see a fit, we move to NDA and then into protocol-specific threat modeling, reference architecture, and PoC design.

Book a Discovery Call → Download whitepaper

In April 2026, Kelp DAO — a liquid restaking protocol on EigenLayer with $1.57B TVL at the time — was hit on the path that processes cross-chain messages via LayerZero OFT. The attacker compromised a 1-of-1 DVN, pushed a spoofed message into lzReceive, and drained 116,500 rsETH ($292M) to a controlled address. DVN approval passed. Signatures were valid. The message was never actually emitted on the source chain.

Cascading losses followed. The drained rsETH was deposited as collateral into Aave V3, borrowing ~106,467 WETH and leaving Aave with ~$177M of bad debt. Ecosystem TVL bled out by more than $13B over the next two days. Kelp's pauseAll came 46 minutes later. After the attack, malware on the compromised RPC node deleted itself and its logs.

With Lemma's pre-execution attestation in place, the message would have been rejected at the boundary regardless of DVN approval: the origin proof simply does not verify. The OFT adapter never commits. The drained rsETH stays in escrow. The Aave collateralization never happens. No 46-minute manual pause needed. Even if RPC malware wipes logs, the on-chain anchored attestations survive — forensic evidence is preserved.

Per-incident forensics, DVN-topology-specific vulnerability analysis, and Lemma's verification logic design are shared in the protocol-specific kit we send after the consultation call.

Lemma does not replace your DVN or your receiving adapter. We add a single verification gate immediately before incoming messages are processed.

The gate demands a ZK proof that the message was emitted under verifiable conditions on the source chain. If the proof does not verify, the receiving adapter refuses to commit state — no matter how many DVNs approved. The verification outcome and the attestation hash are anchored on-chain, so they remain available for audit and forensics.

The integration is messaging-layer-agnostic: the same origin-verification pattern fits LayerZero, Wormhole, IBC, and beyond. Per-stack integration patterns, parallel operation with DVNs, and emergency-pause flow design are detailed in the whitepaper and the post-call technical kit.

• The issuing entity and timestamp of every incoming message, plus the source-chain emission conditions (custody, solvency, etc.)
• Cryptographic binding between the origin proof and the received message, run as a second verification layer independent from the DVN
• Automatic rejection under forgery, spoofing, or RPC compromise
• On-chain anchored attestations that survive log-wiping post-incident malware

Supply Chain Component Provenance — Multi-Tier Tamper Resistance

Recorded ≠ untampered

The same "asset origin is not cryptographically verified" problem applied to physical components in multi-tier supply chains rather than crypto-assets. A structural complement within P1.

View use case →

Financial Data Exfiltration — Shared Non-Repudiable Proof

Access logs exist ≠ untampered

The TradFi structural mirror. DeFi's "messages are valid but origin is unproven" and TradFi's "logs exist but are not tamper-proof" are two implementations of the same principle.

View use case →

Multi-Agent Workflows — Chain of Delegation

Delegated ≠ traceable

Autonomous agent-to-agent transactions require the same "origin proof" as this use case. Bridge transactions in the agent economy become viable only with this combination.

View use case →