defirisk.co
rubric v1.7.0

Bridge binds message to srcChainId

Usual (USD0 / bUSD0 / USUAL)'s assessment for RD-F-152 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

LayerZero V2 messages include source EID (endpoint identifier, chain-specific). OFT adapter validates source chain + peer address via isPeer() binding. Cross-chain replay to different source chain is prevented by EID binding at the protocol level. CCIP uses lane-based architecture (source+destination chain pair) for equivalent binding.

Sources #

  • Etherscan
    USD0 L1OFTAdapter — EtherscanL1OFTAdapter code: allowInitializePath and isPeer checks bind messages to specific chain EID and peer addressretrieved 2026-05-17
  • URL
    Blockaid — KelpDAO DVN AnalysisBlockaid KelpDAO analysis: attacker fabricated srcChainId to Unichain — LayerZero EID binding did not prevent attack because DVN was compromised (not a chain-ID validation failure)retrieved 2026-05-17

Methodology #

Determine whether the bridge message struct includes `srcChainId` and the verifier enforces per-chain separation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol usual factor RD-F-152 score green collected_at 2026-05-16 20:39:44