Bridge Dependencies

Mints native bridge can mint the native token (unbacked supply dilutes every holder)Bridged token is locked at home; only a bridged copy exists on remote chainsTransport token is not bridged, only the underlying asset is bridged (e.g. USDC)

AggLayer (LxLy)

Unified canonical bridge (Polygon CDK / AggLayer)
2 direct · 1 indirect

The AggLayer LxLy unified bridge (`PolygonZkEVMBridgeV2`, same address on every connected chain) links Ethereum (network 0) to AggLayer chains such as Katana (network 20). Assets are escrowed in the L1 bridge and a wrapped representation is minted on the destination. Katana additionally uses "Vault Bridge" tokens (e.g. vbUSDC), which deposit the escrowed asset into yield vaults — so holders of the bridged token are exposed to both the bridge and the underlying vault.

Protocol / TokenTypeModelIntegrationDetails
Spectra FinancedirectTransportvbUSDC MetaVault on KatanaA live MetaVault on Katana holds Vault Bridge USDC (~$1.26M TVL); the MetaVault share itself is not bridged, but its backing sits behind the AggLayer bridge
Yearn yvUSDdirectTransportAggLayer LxLy + Vault Bridge USDC (vbUSDC)`KatanaStrategy` ("Katana yvUSDC Compounder", ~$1.92M USDC) wraps USDC into vbUSDC `0x53E8…a765e` and bridges to Katana (AggLayer network 20); reports return via the bridge's `onMessageReceived` callback
FlexindirectTransportCollateral is yvUSD (which bridges to Katana)yvUSD's Katana leg sits behind the AggLayer bridge; a fault there feeds into yvUSD's PPS, which is Flex's sole collateral and oracle input

Chainlink CCIP

Cross-chain interoperability protocol
3 direct

Chainlink's cross-chain interoperability protocol. Security has two layers. (1) Message verification is Chainlink-operated and NOT protocol-configurable: a committing DON signs each batch, and an independent Risk Management Network (RMN) can bless or "curse" (halt) a lane on anomaly — comparable to Circle's CCTP attesters in that a protocol cannot change it. (2) Token movement runs through a token pool the protocol itself deploys, owns, and configures — burn/mint or lock/release, registered in CCIP's TokenAdminRegistry — and this is where per-protocol risk lives: the owner sets per-lane rate limits (capacity caps that bound how much can be bridged), the supported lanes, and who can change them. So the model column reflects the pool mechanism (mint vs lock), and the real protocol-specific knobs are rate limits + pool ownership rather than a verifier quorum. Verified onchain: the integrated pools run with rate limiting enabled (Apyx apxUSD ~5M per lane; Maple syrupUSDC ~9.5M in / ~8.6M out per lane).

Protocol / TokenTypeModelIntegrationDetails
Apyx apxUSDdirectBridgedChainlink CCIP (LockReleaseTokenPool)TokenAdminRegistry maps apxUSD to pool `0x0e9c…5BB5` (LockReleaseTokenPool 1.6.1) — canonical apxUSD is escrowed on Ethereum; Base holds a bridged representation
Centrifuge JAAAdirectMints nativeChainlink CCIP (2-of-2 MultiAdapter)Second half of the 2-of-2 quorum with LayerZero V2; a forged message reaching the Spoke could mint JAAA, but BOTH bridges must be compromised
Maple (syrupUSDC)directBridgedChainlink CCIP (LockReleaseTokenPool)LockReleaseTokenPool holds ~13% of supply on mainnet, backing bridged syrupUSDC on Base/Arbitrum/Solana

Circle CCTP

Native USDC burn-and-mint bridge
3 direct · 1 indirect

Circle's Cross-Chain Transfer Protocol moves native USDC by burning on the source chain and minting on the destination, gated by Circle's off-chain attestation service. Using canonical CCTP removes third-party lock-and-mint bridge risk; the trust assumption reduces to Circle's availability and attestation finality.

Protocol / TokenTypeModelIntegrationDetails
Gauntlet gtUSDadirectTransportCircle CCTP V2 (native burn/mint)Bridges USDC across Base/Arbitrum/Optimism to Morpho
Origin OUSDdirectTransportCircle CCTP V2Cross-chain strategies bridge ~42% of TVL to Base and HyperEVM
Yearn yvUSDdirectTransportCircle CCTP V2 (CCTPStrategy)Bridges USDC to Arbitrum (funded, ~3.5%) and Base (added, 0 debt); Katana uses AggLayer separately
FlexindirectTransportCollateral is yvUSD (which bridges via CCTP)

LayerZero

Omnichain messaging (OFT / OApp)
10 direct · 2 indirect

Generic cross-chain messaging. Tokens bridge via the OFT / OFT-Adapter standard; security depends on the configured DVN (Decentralized Verifier Network) set and the token's mint/burn authority on each chain. The Security column shows the DVN quorum — how many independent verifiers must attest a message before it executes — where a 1-of-1 is a single point of failure (the configuration behind the April 2026 rsETH incident). Values are read onchain from each route's ULN config; the badge links to the config source.

Protocol / TokenTypeModelSecurityIntegrationDetails
Across ProtocoldirectTransportTODOLayerZero OFT (asset routes)The assessed asset is the V2 LP token, which is not bridged; Across integrates LZ OFT to move bridged assets through its own routes
Cap stcUSDdirectBridged3-of-3LayerZero OFT Adapter ("LayerZero vault")Adapter `0x983a…4137` escrows 25,311,191 stcUSD — ~52% of the 48.68M supply, the largest locked share on this page; Katana runs a native OFT at the same vanity address `0x8888…8888`
Centrifuge JAAAdirectMints nativeTODOLayerZero V2 (2-of-2 MultiAdapter)Spoke `0xEC35…25aB` holds `wards` mint authority on JAAA and mints on cross-chain message; 5 DVNs on the LZ side and a 2-of-2 quorum with CCIP mean BOTH bridges must be compromised
InfiniFidirectBridged4-of-4LayerZero OFT Adapters (siUSD + iUSD)siUSD adapter `0x5f21…c3c0` escrows 29,340 siUSD and iUSD adapter `0xdd1c…3005` escrows 4.33 iUSD; both mint native OFTs on Katana. Neither adapter holds RECEIPT_TOKEN_MINTER, so they cannot mint native supply
Midas mHYPERdirectMints native4-of-4LayerZero OFT Adapter (MidasLzMintBurnOFTAdapter)Adapter holds M_HYPER_MINT_OPERATOR_ROLE (mint has no onchain backing check) and the burn role
Paxos USDGdirectMints native3-of-3LayerZero V2 OFT (OFTWrapper)OFTWrapper is Supply Controller SC3 with 45M USDG mint capacity (~521 USDG/sec refill) — the bridge can mint native USDG
Re (reUSD)directMints native2-of-2LayerZero OFT (ReMintBurnAdapter)ReMintBurnAdapter holds a live cross-chain mint path on reUSD; active on Avalanche, Arbitrum, Base, BNB; 2.5M/24h rate limit
Resolv RLPdirectBridged2-of-3LayerZero OFT AdapterOFT Adapter `0x234c…d06c` escrows canonical RLP on Ethereum (133,516 RLP locked of 14.64M supply); remotes are bridged OFTs
Resolv wstUSRdirectBridged2-of-3LayerZero OFT AdapterOFT Adapter `0xab17…1978` escrows canonical wstUSR (406,723 locked, ~22% of supply); live on Arbitrum, Base, BSC, Bera, Soneium, HyperEVM, TAC
Sky USDSdirectBridged2-of-2LayerZero V2 OFT Adapter (Solana + Avalanche only)Minor route: LayerZero handles only Solana + Avalanche (~48.7M locked, <0.7% of cross-chain supply) and does NOT hold `wards` on USDS. The bulk of USDS/sUSDS bridges via native rollup bridges — see the Native Rollup Bridges row
FluidindirectBridged4-of-4rsETH market exposureInherits rsETH's LayerZero OFT Adapter model (canonical rsETH escrowed on Ethereum)
KernelDAO hgETHindirectBridged4-of-4Wraps rsETH (Kelp DAO)rsETH bridges via OFT Adapter `0x85d4…8Ef3`, which escrows 46,254 rsETH (~9.6% of supply) — it cannot mint native rsETH

Native Rollup Bridges

Canonical L2 bridges (OP Stack / Arbitrum Nitro)
1 direct

Each rollup's own canonical token bridge (OP Stack StandardBridge, Arbitrum Nitro gateway, etc.). L1 tokens are escrowed and minted 1:1 on the L2 by the rollup's bridge; security inherits the L2's proof system and challenge window rather than an external validator set — generally the lowest-trust bridge class, but still a dependency for any asset held on an L2. No DVN concept applies.

Protocol / TokenTypeModelIntegrationDetails
Sky USDSdirectBridgedOP Stack + Arbitrum Nitro canonical bridges (SkyLink)Primary USDS/sUSDS cross-chain route: ~$0.45B USDS + ~812M sUSDS escrowed on L1 and minted 1:1 on Base, Optimism, Unichain (OP Stack) and Arbitrum (Nitro). No bridge holds `wards` on USDS; LayerZero carries only Solana + Avalanche (<0.7%)

23 dependencies across 5 bridges. Each row links to its risk report. This table is maintained from the reports — see the report and reassessment workflows for how new bridge dependencies are added.