Axelar Cuts Secret Network Links After $4.67M IBC Asset Drain

Axelar has disabled its Secret Network connections after an incident affecting assets bridged over IBC from the Axelar chain to Secret Network.

The Axelar update placed the affected amount at roughly $4.67 million and said the issue appears isolated to the Secret-side ICS-20 smart contract used in the Cosmos IBC connection between Secret and Axelar. The emergency committee disabled the Secret and Secret-SNIP connections as a precaution.

Axelar’s core protocol was not affected. No other IBC connections, Secret tokens or Axelar integrations appeared impacted in the team’s initial assessment, keeping the incident focused on assets that had moved from Axelar to Secret through the affected route.

Secret-Side Contract Becomes The Failure Point

The incident sits inside the bridge layer between Axelar and Secret Network rather than Axelar’s validator network or wider interoperability stack. ICS-20 is the token-transfer standard used by IBC, and the affected path handled assets bridged from Axelar into Secret.

That distinction matters for users trying to understand the blast radius. A core Axelar compromise would imply broader cross-chain risk across integrations. The early incident scope points instead to one Secret-side contract path and the assets already sitting inside that route.

The disabled Secret and Secret-SNIP links now act as containment. Users cannot treat the connection as normal while the affected path remains under review, and bridged assets tied to that route are the center of the loss estimate.

Bridge Incidents Keep Hitting Narrow Integration Paths

The Axelar-Secret incident adds another example of cross-chain risk emerging at the integration layer rather than the headline protocol itself. Bridges and IBC routes connect different execution environments, token standards and security assumptions, which means a failure in one contract path can expose assets even when the broader network remains operational.

That pattern has appeared across recent bridge and vault incidents. The Aztec legacy bridge drain centered on old infrastructure that still held funds, while the KelpDAO cross-chain bridge exploit showed how bridge-linked exposure can turn into a much larger market event when high-value assets sit behind complex transfer paths.

Axelar’s incident is smaller than those losses, but the security lesson is the same inside the reporting record: the exposed route can be narrower than the brand name on the bridge, while the funds at risk remain real.

Investigation Remains In Progress

Axelar said exchanges and law enforcement have been contacted, and a detailed postmortem is being prepared. No recovery amount, attacker movement breakdown or final root-cause report had been published at the time of writing.