The message relay mechanism trusted incoming messages without sufficient caller authority verification. Attackers could craft messages appearing to originate from legitimate relayers. Impact: Double-spend across chains, 00M+ bridge exploitation possible.