The cross-chain interoperability protocol Axelar Network disabled its connection to Secret Network on Friday, June 19, 2026, following a security exploit that resulted in the loss of approximately $4.67 million. Investigators traced the vulnerability to a specific smart contract on the Secret side of the connection. The incident did not compromise Axelar’s core protocol, which remains operational across other network integrations.
The Axelar emergency committee took immediate action to sever ties with the network after identifying the breach. Specifically, the protocol disabled both the Secret and Secret-SNIP connections. This move followed the discovery that assets bridged over the Inter-Blockchain Communication (IBC) protocol from the Axelar chain to Secret Network were being targeted. According to Axelar’s initial assessment, “approximately $4.67M worth of tokens” were stolen during the event.
Security teams have identified the Secret-side ICS-20 smart contract as the primary source of the failure. This contract is used within the Cosmos IBC connection to handle assets moving between the two networks. The protocol noted that other IBC connections and native tokens on the Secret Network appear to be unaffected by this specific vulnerability.
Technical isolation of the bridge exploit
While the loss is absolute, officials from Axelar emphasized that the issue was isolated to a single integration point. This highlights a persistent challenge for cross-chain infrastructure where individual smart contracts can become points of failure even when the underlying bridge architecture is secure. Axelar uses IBC for cross-chain security but isolates certain module functionalities to prevent a single flaw from cascading through the entire network.
This incident follows a pattern of bridge security events in recent years. In July 2024, the Terra blockchain suffered a $4 million loss via IBC hooks that specifically affected Axelar USDC. More recently, in February 2026, the CrossCurve cross-chain bridge was exploited for an estimated $3 million due to separate access control flaws in receiver contracts.
Axelar leadership has previously advocated for multi-layered security models, pointing to massive industry losses like the $290 million attack on LayerZero in April 2026. This recent event reinforces the protocol’s strategy of maintaining emergency committees that can quickly disable individual routes.
Recovery steps and law enforcement communication
The protocol has already initiated a standard response procedure to mitigate further theft. These steps currently include:
* Disabling all Secret and Secret-SNIP bridge routes immediately.
* Contacting relevant cryptocurrency exchanges to monitor movement of the stolen funds.
* Opening investigations in conjunction with law enforcement agencies.
* Preparing a detailed technical post-mortem to be released to the community.
The core Axelar validator network was not impacted by the exploit, and no other blockchain integrations linked via Axelar were reported to have similar vulnerabilities. The protocol’s ability to sever the connection without affecting its primary operations suggests its risk-isolation protocols functioned as designed.
Long-term integration for private messaging
The partnership between Axelar and Secret Network is intended to support private cross-chain messaging and NFT transfers. These features allow users on one chain to utilize the privacy-preserving technology of the Secret Network without abandoning their native assets. While this exploit disrupts that functionality, the long-term goal of private interoperability remains a focus for both ecosystems.
Recent trends show that Ethereum network activity and other major chain movements often fluctuate, but the technical demand for security within bridge contracts is constant. Axelar’s focus is now on the investigation into the ICS-20 contract to provide insight into how the assets were accessed.
Neither Axelar nor Secret Network has released the full technical details of the exploit’s execution at this time. Traders and bridge users are advised to monitor official channels for the pending post-mortem report, which will outline the path toward a potential resolution and reconnection of the networks.