How Does Axelar Work?

Bridge|Risk C-|6 mechanisms|5 interactions

Updated April 19, 2026

Axelar is a cross-chain messaging network connecting 55+ blockchains via General Message Passing (GMP). Its security comes from a Cosmos-SDK Proof-of-Stake validator set (~75 validators) that signs threshold-BLS attestations for cross-chain messages. This is the classic 'external validator set' bridge security model — well-understood but with well-known failure modes. After the April 2026 KelpDAO LayerZero exploit ($292M) shifted cross-chain security into the spotlight, every bridge's validator-to-value ratio is under scrutiny. Axelar's Interchain Token Service (ITS) ships canonical cross-chain tokens with similar mint-authority architecture to LayerZero OFT — which means it inherits the same class of risk that just burned Kelp.

TVL

$137M

Sector

Bridge

Risk Grade

C-

Value Grade

Core Mechanisms

8.1.3 Message-passing bridges

Axelar General Message Passing (GMP) via external validator set

Core protocol is a Cosmos-based validator network that observes source-chain events and signs threshold-BLS attestations to be relayed to destination chains. Classic external validator bridge model.

8.1.3 Message-passing bridges

Novel

Interchain Token Service (ITS) for canonical cross-chain tokens

ITS provides canonical cross-chain token deployment primitives. Each ITS-issued token trusts the Axelar validator set for supply integrity across chains — similar to LayerZero OFT pattern exploited in Kelp.

3.1.1 Linear / pro-rata staking

AXL proof-of-stake (75+ validators, top 75 by stake)

Standard Cosmos-SDK PoS consensus. AXL delegators stake to validators who sign cross-chain messages.

3.2.1 Algorithmic slashing

Double-sign slashing + downtime slashing

Standard Cosmos slashing primitives. Does not yet slash for incorrect cross-chain message signing (key weakness).

8.4.1 Relayer fee models

Novel

Gas service paid in source-chain gas token, converted to destination fee

Axelar's Gas Service lets users pay cross-chain message fees on the source chain; service handles destination-chain gas provisioning. Nontrivial and relatively novel.

5.1.1 Token-weighted voting

AXL governance

Standard Cosmos governance via AXL holders.

How the Pieces Interact

External validator-set security↔Value bridged relative to stakeCritical

If AXL market cap and staked AXL fall below 3x value bridged, it becomes economically rational for a supermajority to collude and forge messages. Post-KelpDAO, this classic bridge-economics attack is newly relevant.

GMP attestation signing↔Downstream application trust assumptionsHigh

Applications using GMP (e.g., Squid router, Microsoft xRPC, ITS tokens) inherit Axelar security. A single Axelar validator-set compromise cascades to every downstream app.

ITS cross-chain tokens↔Per-chain mint authorityHigh

Any ITS token relies on Axelar's signature validity to mint on destination chains. A forged attestation (via validator collusion OR bug) mints unbacked tokens — same architectural shape as the Kelp rsETH exploit.

No slashing for incorrect cross-chain signing↔Validator incentive alignmentHigh

Validators who sign an invalid cross-chain message face no on-chain slashing beyond standard double-sign slashing. Enforcement relies on governance + social pressure, not code.

Gas service liquidity↔Cross-chain message latencyMedium

If the Gas Service runs low on destination-chain gas, messages can stall. Operational hazard rather than a loss-of-funds vector, but can halt arbitrary applications.

What Could Go Wrong

Validator-set security model — attackers need to compromise a supermajority of Axelar validators to forge messages; economic cost = 2/3 of AXL staked, which is modest vs the value bridged
KelpDAO April 2026 $292M LayerZero exploit demonstrates that bridge-config flaws are now the dominant DeFi exploit vector; Axelar connects 55+ chains so the per-chain configuration surface is vast
General Message Passing (GMP) is a generic cross-chain RPC — any application using GMP inherits the security assumptions of the Axelar validator set

Validator Supermajority Collusion or Compromise

Tail

Trigger: An attacker achieves collusion, coercion, or key compromise over 2/3+ of Axelar validators' signing power, enabling forgery of cross-chain messages

1.Attacker compromises validator keys (supply-chain attack, insider, etc.) or organizes collusion — Attacker can sign arbitrary cross-chain messages
2.Attacker forges ITS mint messages or asset-transfer messages on target chains — Unbacked tokens minted on destination chain(s)
3.Attacker drains liquidity from paired pools (DEXs, lending) using counterfeit tokens — Real value extracted
4.Downstream applications (Squid, etc.) accrue losses and/or halt — Ecosystem-wide damage across all Axelar-dependent protocols
5.Axelar governance attempts rollback or hard fork; validators and chains coordinate recovery — Extended halt of cross-chain messaging; trust damage persists

See all 3 collapse scenarios in the full risk report →

Risk Profile at a Glance

Mechanism Novelty8/15

Interaction Severity14/20

Oracle Surface6/10

Documentation Gaps6/10

Track Record10/15

Scale Exposure5/10

Regulatory Risk4/10

Vitality Risk4/10

C-

Overall: C- (57/100)

Lower score = safer

More on Axelar

Is Axelar Safe?

Safety analysis

Is Axelar a Good Investment?

Value analysis

Full Risk Report

All mechanisms & interactions

Related Bridge Explainers

How Does CrossCurve Work?D+How Does LI.FI Work?D+How Does Jumper Exchange Work?D+How Does deBridge Work?C-How Does Hyperlane Work?C-