Is CrossCurve Safe?

|Bridge
D+

Risk Grade: D+ (62/100)

CrossCurve is rated as high risk — extreme novelty, critical interactions, unproven at scale.

High risk — already exploited for $3M through a basic validation bypass, and the multi-layer security model proved weaker than advertised

A cross-chain bridge built specifically for Curve Finance pools, letting you swap stablecoins across blockchains. It raised $7M and processed $1.85B in its first year. Its D+ grade reflects a $3M hack in February 2026 caused by a missing security check that let anyone forge fake cross-chain messages.

TVL

Mechanisms

7

Interactions

5

Value Grade

D-

Key Risks for CrossCurve Users

1.

In February 2026, a hacker sent fake messages that the bridge accepted as real, draining $3M. The same attack pattern could be repeated at larger scale on any chain where CrossCurve operates

2.

The bridge claims to use three independent validation layers (Axelar, LayerZero, EYWA), but bypassing just one was enough to steal everything. The multi-layer security was false confidence

3.

The team offered the hacker a 10% bounty to return the funds. If the hacker launders the money through mixers instead, there is no recovery plan

Top Risk Factors

  • Exploited for $3M in February 2026 via spoofed cross-chain messages bypassing gateway validation in the ReceiverAxelar contract
  • Multi-validator consensus bridge (Axelar + LayerZero + EYWA Oracle) had a missing validation check that allowed unauthorized token unlocks from PortalV2
  • Cross-chain message validation is inherently complex; the protocol routes through three independent validation layers but a single bypass in one layer was sufficient to drain funds

Risk Score Breakdown

CrossCurve's highest risk area is Interaction Severity (20/20). Here's how each dimension contributes to the overall 62/100 score:

Mechanism Novelty6/15
Interaction Severity20/20
Oracle Surface5/10
Documentation Gaps7/10
Track Record15/15
Scale Exposure0/10
Regulatory Risk4/10
Vitality Risk5/10

Read the Full CrossCurve Risk Report

This protocol has 2 collapse scenarios. 1 critical and 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.

View Full Report →

Considering an investment?

Read our Investment Analysis →Compare Bridge Alternatives →

Related Bridge Safety Analyses

Is deBridge Safe?CIs Hyperlane Safe?CIs Brotocol Safe?CIs Synapse Safe?CIs LayerZero Safe?C+

Related Bridge Investment Analyses

Is deBridge a Good Investment?CIs Hyperlane a Good Investment?CIs Brotocol a Good Investment?D+Is Synapse a Good Investment?CIs LayerZero a Good Investment?C+

Ratings use Hindenrank's eight-dimension risk rubric. Lower score = lower risk. Grades range from A (safest) to F (riskiest). This is not financial advice.