defirisk.co
rubric v1.7.0

Bridge rate-limiter / chain-pause as positive mitigant

A post-deploy hygiene & change mgmt factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures**

This factor is a *positive-mitigant* assessment — it contributes to a green grade when present rather than to a red grade when absent. It evaluates two structural controls on a bridge or cross-chain protocol: (1) whether a per-window outflow rate-limiter is implemented in the bridge contract (and at what cap relative to bridge TVL), and (2) whether the protocol team can trigger a chain-level or validator-set emergency pause to freeze further outflow during an active incident.

**Why it matters**

Bridge exploits have an inherent maximum-loss profile bounded by available liquidity at the moment of attack. Without a rate-limiter, a successful exploit can drain the entire bridge TVL in a single block; with a meaningful rate-limiter, the attacker is forced to surface the exploit incrementally over multiple windows, giving the team and broader ecosystem time to detect, intervene, and pause. Chain-pause capability extends this further — even after an attacker has begun draining, a coordinated validator-set or sequencer halt can freeze remaining funds in place. F185 captures the difference between a structural control that meaningfully bounds blast radius and a hot-bridge architecture where one signature failure is total loss.

**Green / Yellow / Red**

- Green: rate-limiter present with cap ≤10% of bridge TVL per window AND chain-pause capability available to the protocol team.
- Yellow: one of the two controls present (rate-limiter without chain-pause, or chain-pause without rate-limiter).
- Red: neither rate-limiter nor chain-pause control available — exploit blast radius equals full bridge TVL.
- Gray: protocol does not have a bridge component (factor is N/A).

**Common gray cases**

The rate-limiter exists but its cap is dynamically configurable by an admin role without timelock — the assessment depends on current cap, not nominal presence of the mechanism.

**Notable historical examples**

No hack incidents are currently cross-linked in the database for this factor. The reference *positive* case is **Dango** (Apr 2026), where a per-window rate-limiter capped post-exploit outflow at $410K out of a $1.9M attempted drain, and a validator-executed chain pause then froze the remaining $1.49M in place — yielding near-100% recovery and demonstrating both controls operating in sequence.
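The interaction between the two controls described under "Why it matters" and in the Dango case can be modelled as a fixed-window outflow limiter plus a pause flag. This is an added example, not code from the rubric or from any protocol: the $410K cap and $1.9M attempted drain come from the text, while the one-hour window, the attempt timestamps and sizes, the pause time and all names are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class OutflowLimiter:
    cap_usd: int            # maximum outflow allowed per window
    window_s: int           # window length in seconds (constructed value)
    paused: bool = False    # set by the emergency pause
    window_start: int = 0
    spent_usd: int = 0

    def withdraw(self, now: int, amount_usd: int) -> int:
        """Return the USD actually released for one withdrawal request."""
        if self.paused:
            return 0
        elapsed = now - self.window_start
        if elapsed >= self.window_s:
            # Roll forward to the fixed window that contains `now`.
            self.window_start = now - elapsed % self.window_s
            self.spent_usd = 0
        # Partial fills model the worst case: a drainer can always size a
        # request to fit the remaining headroom.
        released = min(amount_usd, self.cap_usd - self.spent_usd)
        self.spent_usd += released
        return released

def replay(cap_usd, attempts, pause_at=None, window_s=3600):
    """Total USD released for (timestamp, amount) attempts; pause_at is optional."""
    limiter = OutflowLimiter(cap_usd, window_s)
    drained = 0
    for ts, amount in sorted(attempts):
        if pause_at is not None and ts >= pause_at:
            limiter.paused = True
        drained += limiter.withdraw(ts, amount)
    return drained

# Constructed attempt sequence totalling the $1.9M attempted drain from the text.
ATTEMPTS = [(0, 300_000), (60, 400_000), (3_700, 600_000), (7_300, 600_000)]
CAP = 410_000          # per-window cap, from the text
NO_LIMIT = 10**12      # stands in for a bridge with no rate-limiter

def scenarios():
    return {
        "limiter_and_pause": replay(CAP, ATTEMPTS, pause_at=1_800),
        "limiter_only": replay(CAP, ATTEMPTS),
        "pause_only": replay(NO_LIMIT, ATTEMPTS, pause_at=1_800),
        "neither": replay(NO_LIMIT, ATTEMPTS),
    }

if __name__ == "__main__":
    for name, drained in scenarios().items():
        print(f"{name:18} drained ${drained:,} of ${sum(a for _, a in ATTEMPTS):,}")
```

With the limiter alone the loss keeps growing by one cap per window, and with the pause alone it depends entirely on how much leaves before the pause lands; only the combination holds the loss at a single window's cap.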

Measurement: what to look for

Determine whether the bridge implements a per-window outflow rate-limiter (and at what cap), and whether the protocol team can trigger a chain-level or validator-set emergency pause.

Data & output

- Data source: Source inspection for rate-limiter contract or logic + chain governance docs for validator pause capability + protocol docs on emergency procedures
- Output format: Green / Yellow / Red
- Evidence artifact: Rate-limiter contract address + window-cap USD + chain-pause mechanism (yes/no) + evidence URL
- Confidence signal: green = rate-limiter present with cap ≤10% of bridge TVL per window AND chain-pause capability; yellow = one of the two controls present; red = neither rate-limiter nor chain-pause available; gray = protocol has no bridge component (N/A)

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-185 |
| --- | --- | --- |
| Aave v3 | ethereum | yellow |
| Across Protocol | ethereum | gray |
| Aerodrome Finance | base | not_applicable |
| Axelar Network | ethereum | green |
| Babylon Protocol | bitcoin | yellow |
| Balancer (v2 + v3) | ethereum | gray |
| Beefy Finance | ethereum | yellow |
| BENQI | avalanche | not_applicable |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | gray |
| Cap (cUSD / stcUSD) | ethereum | red |
| Centrifuge | ethereum | yellow |
| Chainlink CCIP | ethereum | green |
| Circle USYC | binance | yellow |
| Compound V3 (Comet) | ethereum | green |
| Concrete | ethereum | not_applicable |
| Convex Finance | ethereum | yellow |
| crvUSD (Curve Stablecoin) | ethereum | green |
| Curve Finance | ethereum | yellow |
| deBridge | ethereum | yellow |
| Dolomite | ethereum | not_applicable |
| dYdX v4 (dYdX Chain) | dydx | yellow |
| EigenLayer | ethereum | yellow |
| Ethena | ethereum | green |
| ether.fi | ethereum | green |
| Euler V2 | ethereum | gray |
| Falcon Finance | ethereum | not_applicable |
| Fluid | ethereum | not_applicable |
| Frax Finance | ethereum | yellow |
| GMX v2 (GMX Synthetics) | arbitrum | yellow |
| Hyperlane | ethereum | red |
| Hyperliquid | arbitrum | green |
| Jito | solana | green |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | yellow |
| JustLend DAO | tron | yellow |
| Kamino Lend | solana | not_applicable |
| Kinetiq | hyperliquid | yellow |
| Lido | ethereum | yellow |
| Liquid Collective (LsETH) | ethereum | green |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | not_applicable |
| Lista DAO | bsc | red |
| Lombard Finance | ethereum | green |
| M^0 | ethereum | yellow |
| Maple Finance | ethereum | yellow |
| Marinade Finance | solana | yellow |
| Meteora | solana | yellow |
| mETH Protocol | ethereum | yellow |
| Midas | ethereum | red |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | gray |
| Multipli | ethereum | red |
| Ondo Finance | ethereum | green |
| OpenEden | ethereum | gray |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | yellow |
| Pendle Finance | ethereum | yellow |
| Polymarket | polygon | red |
| QuickSwap | polygon | not_applicable |
| Raydium | solana | yellow |
| Rocket Pool | ethereum | gray |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | yellow |
| Sky Lending (formerly MakerDAO) | ethereum | yellow |
| Spark Protocol | ethereum | yellow |
| Spiko | stellar | yellow |
| Stake DAO | ethereum | not_applicable |
| StakeWise v3 | ethereum | not_applicable |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | yellow |
| SUNSwap (sun.io) | tron | yellow |
| Superstate | ethereum | not_applicable |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | gray |
| Symbiotic | ethereum | not_applicable |
| Synapse Protocol | ethereum | red |
| Uniswap (v2 + v3) | ethereum | not_applicable |
| USDD (Decentralized USD) | tron | yellow |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | red |
| Veda (BoringVault) | ethereum | green |
| Venus Protocol | bsc | yellow |
| Wormhole | ethereum | gray |
| Yearn Finance | ethereum | not_applicable |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.

rubric_version: v1.7.0 | factor: RD-F-185 | category: 9 | carried: 80 | critical: no