defirisk.co
rubric v1.7.0

Bridge validator-set rotation recency

A cross-chain & bridge factor in the v1.7.0 rubric. Measured per protocol on a e cadence.

Methodology how we score #

**What this measures** This factor records the number of months since the bridge's validator set was last changed — including additions, removals, and key rotations. The value is derived from bridge contract events and protocol governance records. This factor applies only to bridge-touching protocols; non-bridge protocols show this factor as N/A.

**Why it matters** A validator set that has not rotated for an extended period increases the risk that compromised keys are retained without detection. Key rotation is a standard operational security practice for high-value custody systems: it limits the window of exposure if a signing key is exfiltrated and ensures that long-dormant keys do not accumulate undetected privilege. Radiant Capital II ($53M, 2024) involved a suspected nation-state compromise of signing hardware that may have involved extended reconnaissance; a shorter key-rotation cycle would have limited the window. Conversely, overly frequent rotation without ceremony is also a concern — it may indicate operational instability or governance attacks.

**Green / Yellow / Red** Green is scored when the validator set has been rotated or reviewed within the past 12 months with documented ceremony and the rotation policy is publicly stated. Yellow is scored when the last rotation was 12–24 months ago or the rotation policy is undocumented. Red is scored when the validator set has not changed for over 24 months or has never been rotated since bridge deployment.

**Common gray cases** Gray is applied when bridge contract events cannot be fully decoded to identify signer-set changes, or when the bridge uses an off-chain governance process that is not mirrored on-chain.

**Notable historical examples** No cross-hacked incidents are currently linked in the database for this factor.

Measurement what to look for #

Measure the number of months since the last validator-set change for the bridge.

Data & output #

Data source
Bridge contract `ValidatorSetUpdated` event log via RPC
Output format
Green / Yellow / Red
Evidence artifact
Event log + last change timestamp + months-delta
Confidence signal
green = rotation within last 12 months (active maintenance); yellow = 12–24 months; red = >24 months or never rotated; gray = bridge not identified or events not enumerable

Scored protocols 80 carry this factor #

Protocol RD-F-155
Aave v3 ethereum yellow Across Protocol ethereum green Aerodrome Finance base not_applicable Axelar Network ethereum yellow Babylon Protocol bitcoin yellow Balancer (v2 + v3) ethereum not_applicable Beefy Finance ethereum gray BENQI avalanche not_applicable BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum not_applicable Cap (cUSD / stcUSD) ethereum yellow Centrifuge ethereum yellow Chainlink CCIP ethereum not_assessed Circle USYC binance not_applicable Compound V3 (Comet) ethereum gray Concrete ethereum gray Convex Finance ethereum not_applicable crvUSD (Curve Stablecoin) ethereum not_applicable Curve Finance ethereum yellow deBridge ethereum gray Dolomite ethereum yellow dYdX v4 (dYdX Chain) dydx not_applicable EigenLayer ethereum not_applicable Ethena ethereum green ether.fi ethereum gray Euler V2 ethereum not_applicable Falcon Finance ethereum not_applicable Fluid ethereum gray Frax Finance ethereum gray GMX v2 (GMX Synthetics) arbitrum not_applicable Hyperlane ethereum gray Hyperliquid arbitrum yellow Jito solana gray Jupiter solana not_applicable Jupiter Perpetual Exchange solana not_applicable JustLend DAO tron not_applicable Kamino Lend solana not_applicable Kinetiq hyperliquid not_applicable Lido ethereum yellow Liquid Collective (LsETH) ethereum not_applicable Liquity V1 + V2 (LUSD / BOLD) ethereum not_applicable Lista DAO bsc gray Lombard Finance ethereum yellow M^0 ethereum yellow Maple Finance ethereum yellow Marinade Finance solana not_applicable Meteora solana not_applicable mETH Protocol ethereum gray Midas ethereum not_assessed Morpho V1 (Morpho Blue + MetaMorpho) ethereum not_applicable Multipli ethereum gray Ondo Finance ethereum yellow OpenEden ethereum not_applicable Orca solana not_applicable PancakeSwap bsc not_assessed Pendle Finance ethereum gray Polymarket polygon not_applicable QuickSwap polygon not_applicable Raydium solana not_applicable Rocket Pool ethereum not_applicable Sanctum solana not_applicable Save (formerly Solend) solana not_applicable Sky Lending (formerly MakerDAO) ethereum gray Spark Protocol ethereum gray Spiko stellar gray Stake DAO ethereum not_applicable StakeWise v3 ethereum not_applicable Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid not_applicable SUNSwap (sun.io) tron not_applicable Superstate ethereum not_applicable Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum not_applicable Symbiotic ethereum not_applicable Synapse Protocol ethereum not_assessed Uniswap (v2 + v3) ethereum not_applicable USDD (Decentralized USD) tron not_applicable Usual (USD0 / bUSD0 / USUAL) ethereum gray Veda (BoringVault) ethereum gray Venus Protocol bsc not_applicable Wormhole ethereum gray Yearn Finance ethereum not_applicable
0 red · 13 yellow · 2 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-155 category 10 carried 80 critical no