
Concrete, Hypernative, and zeroShadow built a pre-execution control layer that validates destination outcomes before funds move.
This case study was written in collaboration with Concrete and zeroShadow.
MPC wallets like Fireblocks and Fordefi have become the default for institutional custody. They’ve solved core problems around key management and transaction authorization.
But as capital moves across chains, a more subtle issue emerges. Most MPC policies can control who initiates a transaction and how much is sent. What they often cannot enforce is where those funds ultimately land. At Concrete, that gap wasn’t acceptable.
To secure cross-chain vault operations, Concrete worked with zeroShadow and Hypernative to introduce real-time, pre-execution enforcement directly into the transaction flow. The result is simple: transactions are no longer approved based on intent, but on outcome.
Concrete operates across multiple chains, routing capital through bridges, strategies, and vault systems. Like most institutional setups, this relies on MPC-based custody.
On the surface, these systems are robust. Policies define who can sign, what assets can move, and which contracts can be interacted with. But there is a structural limitation.
In many bridge transactions, the final destination address is embedded inside contract calldata. From the perspective of the MPC policy, the transaction is simply interacting with an approved bridge contract. The actual recipient on the destination chain is not enforced.
This creates what is called the Destination Gap: a transaction can pass every policy check and still send funds to the wrong place.
In practice, this means risk may shift from approval authority to destination integrity. Without additional destination validation, an authorized user could submit a transaction that routes funds to an unintended address, and operational mistakes or front-end compromise may not be independently caught by standard policy checks.
The system is functioning exactly as designed, but the design still assumes something critical: that the user will get it right.
Concrete is built on the opposite assumption.
To remove this dependency on user behavior, Concrete integrated Hypernative Guardian directly into the approval flow, architected by zeroShadow. Now, every bridge transaction is evaluated before it can ever be signed.
When a transaction is initiated, it is first simulated in real time. Hypernative then decodes the bridge call to determine the actual destination address on the target chain. That destination is checked against a dynamic whitelist managed at the infrastructure level.
If the destination is approved, the transaction proceeds. If the decoded destination does not match an approved destination, the transaction never reaches the signing threshold and is rejected before signature completion.
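The difference between an action-level policy and the outcome-level check described above can be shown in a short sketch. This is an added example, not code from Concrete, Hypernative or zeroShadow: the bridge address, function selector, argument layout (bridgeOut(uint32, address, uint256)) and allowlist entries are hypothetical, and it covers only the decode-and-allowlist step, not the simulation.

```python
# Added example. The bridge address, selector and argument layout are
# hypothetical; a real integration decodes each bridge's published ABI.
BRIDGE = "0x" + "b1" * 20                      # constructed contract address
SELECTOR = bytes.fromhex("a1b2c3d4")           # placeholder, not a real selector
# Hypothetical layout: bridgeOut(uint32 dstChain, address recipient, uint256 amount)
ALLOWED_DESTINATIONS = {(42161, "0x" + "aa" * 20)}   # constructed (chain, recipient)


def word(n: int) -> bytes:
    return n.to_bytes(32, "big")


def encode_call(dst_chain: int, recipient: str, amount: int) -> bytes:
    """Build constructed calldata for the hypothetical bridgeOut call."""
    return SELECTOR + word(dst_chain) + word(int(recipient, 16)) + word(amount)


def action_level_check(tx: dict) -> bool:
    """Action-level policy: is the called contract an approved bridge?"""
    return tx["to"].lower() == BRIDGE


def decode_destination(data: bytes) -> tuple[int, str]:
    """Extract (chain, recipient) or raise; anything unexpected is an error."""
    if len(data) != 4 + 3 * 32 or data[:4] != SELECTOR:
        raise ValueError("unrecognised bridge call")
    chain = int.from_bytes(data[4:36], "big")
    rcpt = data[36:68]
    if chain >= 2**32 or any(rcpt[:12]):       # reject non-canonical padding
        raise ValueError("malformed argument")
    return chain, "0x" + rcpt[12:].hex()


def outcome_level_check(tx: dict) -> tuple[bool, str]:
    """Approve only if the decoded destination is allowlisted; fail closed."""
    if not action_level_check(tx):
        return False, "contract not approved"
    try:
        dest = decode_destination(tx["data"])
    except ValueError as exc:
        return False, str(exc)
    if dest not in ALLOWED_DESTINATIONS:
        return False, f"destination {dest[1]} on chain {dest[0]} not allowlisted"
    return True, "ok"


good = {"to": BRIDGE, "data": encode_call(42161, "0x" + "aa" * 20, 10**18)}
bad = {"to": BRIDGE, "data": encode_call(42161, "0x" + "ee" * 20, 10**18)}
```

Both sample transactions pass the action-level check because they call the same approved contract; only the outcome-level check separates them, and calldata it cannot decode is rejected rather than waved through.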
This is a fundamental shift. Traditional systems monitor and react. This system prevents.
This approach changes how security functions inside Concrete.
No individual user in the covered workflow can unilaterally route funds to a non-approved destination through that workflow. The system enforces constraints at the outcome level, not the action level.
For allocators and counterparties, this moves security out of the realm of process and into architecture. It’s no longer about trusting operators or reviewing procedures. It’s about embedding destination constraints directly into the approval workflow for the transactions in scope.
That distinction matters.
As DeFi matures, infrastructure needs to meet the same standards as institutional finance: deterministic behavior, enforceable constraints, and transparent guarantees. Concrete’s vault architecture is built around that principle, where risk management is encoded directly into how capital moves.
Operationally, this also unlocks scale. As new chains and strategies are added, security does not become more fragile. Whitelists can be updated dynamically, and capital can move freely within predefined constraints without increasing risk.
The limitation of traditional MPC setups isn’t that they’re insecure. It’s that they stop one step short. They verify who is allowed to act, but not what the final state of that action will be.
Concrete addresses that gap by combining approval controls with destination-level validation for the integrated workflow.
This is part of a broader shift in DeFi infrastructure. The industry is moving away from permission-based systems toward outcome-based guarantees. Instead of asking whether a user is allowed to perform an action, the system defines what results are possible.
Everything else is rejected by default.
The Destination Gap has existed quietly in institutional workflows for years. It wasn’t a bug, it was a blind spot.
By integrating real-time simulation and destination enforcement into the transaction flow, Concrete reduces that blind spot by introducing destination-level validation before execution.
This control is designed to reduce reliance on manual vigilance by embedding destination validation into the transaction flow. It is enforced by design.
This article is for informational purposes only and does not constitute an offer to sell or solicitation of an offer to buy any security, investment product, or service. Digital asset operations involve risk of loss, including through smart contract vulnerabilities, bridge exploits, and operational failures. The security measures described reflect the current implementation and do not guarantee against all forms of loss. The controls described here apply to specific configured workflows and may not apply to all transactions, chains, assets, or operational scenarios.
zeroShadow is the leading Web3 Security Risk Management firm. We act as an extension of our clients' security teams, implementing active defense layers and 24/7 monitoring to protect the world's most sophisticated DeFi protocols. For more information, visit https://zeroshadow.io/
Concrete is an Ethereum-based protocol that provides institutional-grade vault infrastructure for on-chain asset management. With a proven track record of executing billions in structured flow volume, Concrete offers sophisticated vault architecture and strategy layering to enable secure and transparent yield strategies in the DeFi ecosystem. Concrete is part of the Blueprint ecosystem. For more information, visit https://concrete.xyz/
Hypernative is a real-time monitoring, risk detection and automated response solution that identifies threats with high accuracy and gives customers precious minutes to respond before exploits can do damage. The platform tracks both onchain and offchain data sources and uses battle-tested, sophisticated machine learning models, heuristics, simulations, and graph-based detections to identify over 300 risk types, from smart contract hacks and bridge security incidents to frontend compromises, market manipulations and private key theft.