Wormhole guardians and VAA verification
Wormhole is a message passing network secured by a permissioned guardian set. Guardians observe emitted messages on source chains and co-sign a Verified Action Approval.
A VAA is just a signed payload: destination chains verify the threshold signature and execute the message. This is simpler than IBC's light client model and much cheaper, but it pushes the security assumption onto the guardian committee.
The 2022 exploit - where a missing signature-verify step let an attacker forge a VAA - forced a hard reckoning with the guardian model. The team rebuilt, invested heavily in audits and formal work, and is now layering Native Token Transfers and cross-chain governance on top of the same VAA primitive.
The history makes Wormhole one of the most instructive case studies in bridge security.
- guardian set
- VAA (verified action approval)
- multisig threshold
- cross-chain governance
- Native Token Transfer
- EP 009CH-022026-03-30
Wormhole guardians and the VAA rebuild
The 2022 exploit, the guardian set model, and the long engineering road back. We look at what the VAA verification pipeline looks like post-rebuild.
WATCH ->
