★ Default bytes32(0) acceptable as valid root

Lombard Finance's assessment for RD-F-154 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CRITICAL — GREEN] BridgeV2 explicitly rejects bytes32(0): 'if (destinationChain == bytes32(0)) revert BridgeV2_ZeroChainId()' and 'if (destinationToken == bytes32(0)) revert BridgeV2_ZeroToken()'. Mailbox rejects bytes32(0) for recipient, destinationChain, and destinationMailbox with explicit revert statements. Consortium proof must validate against registered signers (empty/zero proof cannot produce valid cumulative weight). CCIP: Chainlink RMN rejects default-value messages at the protocol layer. The 'NOT TESTED AFTER UPGRADE OF CCIP TO 1.6.0' comment in TokenPool.sol relates to upgrade compatibility, not zero-root acceptance — the bytes32(0) rejection logic in BridgeV2 and Mailbox is unaffected by the CCIP version. Nomad-class ($190M) zero-root vulnerability not present.

Sources #

GitHub
Lombard CCIP TokenPool adapter sourceTokenPool.sol — CCIP adapter; NOT TESTED AFTER UPGRADE comment relates to compatibility not zero-root logicretrieved 2026-05-05
GitHub
Lombard BridgeV2.sol sourceBridgeV2.sol — explicit BridgeV2_ZeroChainId() and BridgeV2_ZeroToken() revertsretrieved 2026-05-05
GitHub
Lombard GMP Mailbox.sol sourceMailbox.sol — bytes32(0) recipient/chain/mailbox revertsretrieved 2026-05-05

Methodology #

Determine whether the bridge inbox accepts a default-value (bytes32(0)) Merkle root as a valid proof root (Nomad bug class).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lombard factor RD-F-154 score green collected_at 2026-05-05 12:03:08