Modular Security
Hyperlane is secured by Interchain Security Modules (ISMs). ISMs are smart contracts that are responsible for verifying that interchain messages being delivered on the destination chain were actually sent on the origin chain.
Core Concepts
Default vs Custom ISM
Developers can either use the Mailbox's default ISM or specify their own application-specific ISM.
Application-specific ISM can be:
- Configured: Use pre-built ISMs with custom parameters
- Composed: Combine multiple ISMs together like security "legos"
- Customized: Create entirely new ISMs tailored to specific needs
The "default ISM" refers to the pre-configured security module on the Mailbox contract (that is the Multisig ISM) which is used when applications don't specify their own custom ISM.
Configure
Hyperlane defines a set of pre-built ISMs. Developers can deploy any of these contracts "off-the-shelf" and configure them with their own parameters.
For example, application developers that want increased sovereignty over interchain security could deploy a Multisig ISM configured with validators sourced from their own community.
Compose
ISMs act as "security legos". Developers can mix and match different ISMs together to encode a security model that best fits their needs.
For example, application developers that want additional security could deploy an Aggregation ISM that requires verification by both a Multisig ISM configured with validators from the Hyperlane community, and a Wormhole ISM that verifies that a quorum of the Wormhole validator set verified the message.
Customize
ISMs are fully customizable. Developers can write their own ISMs, tailoring them to the needs of their application.
For example, application developers can build ISMs that adjust security models based on message content. High value and infrequent messages (e.g. governance) could be verified by a security model that prioritizes safety over latency and gas costs. Lower value and more frequent messages could be verified by a security model that prioritizes latency and gas costs over safety.
Learn how to Create your own ISM
Available ISMs
Standard ISMs
Standard ISMs are pre-built modules developed by the AW team.
| ISM Type | Description | Type |
|---|---|---|
| Multisig ISM | Verifies messages through validator consensus | Standard |
| Routing ISM | Routes verification to different ISMs based on origin chain or message content | Standard |
| Aggregation ISM | Combines multiple ISMs to require verification from several sources | Standard |
| CCIP-Read ISM | Verifies messages using off-chain data sources | Standard |
Community ISMs
Community ISMs are developed and maintained by the community to extend ISM capabilities.
| ISM Type | Description | Type |
|---|---|---|
| Wormhole ISM | Verifies messages using attestations from Wormhole's guardian network | Community |
| Polygon PoS ISM | Uses Polygon's state sync mechanism for secure message passing between Ethereum ↔ Polygon PoS | Community |
| Optimistic ISM | Implements an optimistic verification model with a fraud window where watchers can flag fraudulent messages | Community |
| OP Stack ISM | Uses OP Stack rollup's settlement layer security for messages between Ethereum ↔ OP Stack rollups | Community |
| Arbitrum L2 to L1 ISM | Uses Arbitrum rollup's security properties for messages sent from Arbitrum L2 ↔ Ethereum | Community |