Message Verification Flow
When a message is sent between chains, it goes through a verification process to ensure its authenticity. This page explains how that process works.
Overview
The verification process involves three key components:
- The Mailbox contract - The main entry point for message processing
- The ISM (Interchain Security Module) - The security verification contract
- The Recipient contract - The application that receives the message
Sequence Diagram
info
- If the recipient does not implement
ISpecifiesInterchainSecurityModuleorrecipient.interchainSecurityModule()returnsaddress(0), the default ISM configured on the Mailbox will be used to verify the message. - This is omitted from the sequence diagram for clarity.
How It Works
-
Type Identification
- The Relayer calls
moduleType()on the ISM to determine its category - Based on this type (e.g.,
MULTISIG,ROUTING,AGGREGATION), the Relayer knows what verification proof to collect - For Multisig ISMs, this means gathering cryptographic signatures from validators
- The Relayer calls
-
Message Submission
- The Relayer calls
Mailbox.process()providing both:- The original message
- The collected verification metadata
- The Relayer calls
-
Verification Process
- Mailbox queries the recipient contract via
interchainSecurityModule() - If no ISM is specified, Mailbox uses the default ISM
- Mailbox then forwards the message and metadata to the ISM's
verify()function - The ISM executes its security logic (e.g., signature verification, threshold checking)
- Mailbox queries the recipient contract via
-
Message Delivery
- Upon successful verification (when
verify()returnstrue), Mailbox callsrecipient.handle() - If verification fails, the transaction reverts and the message is rejected
- Upon successful verification (when