Elevated risk — never been directly hacked, but relies on a custom oracle system with a proven attack vector demonstrated in the Polymarket incident
Top Risks
1
UMA optimistic oracle demonstrated vulnerability in the March 2025 Polymarket attack ($7M loss) where a single entity accumulated 25% of voting power to manipulate market resolution. The same vector could theoretically be applied to Across bridge verification.
2
Intent-based architecture depends on active relayer network; relayer concentration creates censorship risk and single points of failure for bridge execution.
3
Custom oracle system (UMA optimistic oracle) with a 1-hour challenge window trades security for speed. If disputers are offline or economically disincentivized, fraudulent fills could be finalized.
Risk Breakdown
Frequently Asked Questions
Is Across Protocol safe to use?
Across Protocol receives a C+ risk grade (36/100) from Hindenrank, where lower scores indicate lower risk. Elevated risk — never been directly hacked, but relies on a custom oracle system with a proven attack vector demonstrated in the Polymarket incident A bridge that moves crypto between blockchains by having professional relayers front the money for instant transfers. It holds $41M in liquidity pools and has never been directly exploited in 2+ years of operation. Its C+ grade reflects the use of a custom oracle system (UMA) that has a proven attack vector demonstrated in the $7M Polymarket incident.
What are the main risks of using Across Protocol?
The key risks identified for Across Protocol are: (1) The system that verifies bridge transfers uses UMA token voting, and a $7M attack on Polymarket proved that a single wealthy actor can buy enough votes to approve fake transactions. This same mechanism secures Across. (2) Your transfer depends on professional relayers completing it. If they go offline during a market crash, your money could be delayed. (3) There is only a 1-hour window to catch fraudulent transfers. If nobody is watching during that hour, a fake claim gets approved and paid out from the liquidity pool.
What is Across Protocol's risk score breakdown?
Across Protocol scores 36/100 across eight risk dimensions: Mechanism Novelty: 6/15, Interaction Severity: 8/20, Oracle Surface: 7/10, Documentation Gaps: 2/10, Track Record: 3/15, Scale Exposure: 3/10, Regulatory Risk: 3/10, Vitality Risk: 4/10. The highest risk area is Oracle Surface at 7/10.
How does Across Protocol compare to other Bridge protocols?
Among 19 rated Bridge protocols on Hindenrank, Across Protocol ranks #8 by safety (lowest risk score = safest). Its 36/100 risk score and C+ grade place it in the middle tier of Bridge protocols.
Has Across Protocol ever been hacked or exploited?
Across Protocol scores 3/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.