Across V3

mirror.xyz · Zach Obront · 4 hours ago · vulnerability
0 net
AI Summary

A High Severity vulnerability was discovered in Across V3, a cross-chain optimistic bridge, that could allow malicious relayers to steal the full value of certain transactions from users by exploiting the relayer fulfillment mechanism prior to UMA Optimistic Oracle validation.

Tags
cross-chain-bridge optimistic-bridge relayer-vulnerability fund-theft vulnerability-disclosure high-severity uma-oracle security-research
Entities
Across V3 zachobront deadrose UMA Optimistic Oracle
About Activity Share Home Explore New post Dashboard Newsletter Search... Ctrl + K zachobront Sign in 👁🔎🐞 More from zachobront zachobront Feb 26 Across V3: Cross Chain Action Vulnerability Disclosure Across V3 is a cross chain optimistic bridge. Users deposit assets on an origin chain, and relayers compete to immediately fulfill the request on the destination chain. At a slower pace, the protocol uses UMA’s Optimistic Oracle to validate relays, and LP funds are used to refund the relayers. On January 28th, 2025, deadrose and I discovered a High Severity vulnerability in the protocol that would allow the full value of certain transactions to be stolen from users by malicious relayers. To u... View more Subscribe Subscribe to zachobront Subscribe <100 subscribers
← Back to stories