Published on

Concero & Chainlink: Delivering Institutional-Grade Security for Cross-Chain Messaging

Authors
Article banner

Introduction

In the pursuit of a truly interconnected blockchain ecosystem, the industry has long chased the “holy grail” of seamless interoperability. Yet the challenge has never been merely about moving data; it's about doing so with a composable, user-defined balance of security, speed, and flexibility. Historically, cross-chain solutions have constrained both protocols and users within a rigid interoperability trilemma, forcing them to compromise among these key attributes.

This “one-size-fits-all” model is fundamentally incompatible with the rise of the app-specific chains. In this new paradigm, value generators like dApps, protocols, and asset issuers rightfully demand sovereignty over their interoperability stack. The security requirements of a high-value DeFi protocol differ greatly from those of a high-throughput cross-chain social platform. Each must be free to optimise for the attributes most critical to its operation.

Appchain era

Concero meets this demand not by building another monolithic bridge, but by architecting an open, permissionless marketplace for trust. It unbundles the interoperability stack into role-specific modules, allowing applications to compose their own stack for each message and directly specify the actors they trust.

As cross-chain applications increasingly require messaging that scales across heterogeneous networks without imposing a single, rigid trade-off between security, latency, and cost, Concero introduces a programmable messaging pipeline powered by the Chainlink Runtime Environment (CRE). Within this framework, CRE acts as a pluggable verifier - executing defined workflows, producing attested results, and enabling applications to match verification strength to the needs of each message while maintaining clear operational visibility and avoiding vendor lock-in.

This article mainly focuses on how CRE is implemented in Concero to elevate system modularity to the next level.

The Evolution: From a Coupled System to a Composable Marketplace

Concero V2 was designed for reliability, proving that secure, verifiable cross-chain messaging was possible. However, it operated as a tightly coupled, end-to-end system, in which message transport and verification were bound together, but not modular enough to meet current market demand. While robust, this structure limited innovation. Integrating a new validation method or supporting a niche chain often required protocol-wide upgrades, forcing all users to adopt the same changes.

As the market shifted toward specialisation and app-specific chains, this monolithic model could no longer meet the ecosystem's diverse needs.

Building on the foundation of cryptographic assurances and economic alignment, Concero redefines interoperability as a configurable service layer rather than a fixed infrastructure. By breaking the monolith, we rearchitected the protocol around a modular, interface-driven design that prioritises composability and autonomy.

concero modular

At its immutable core, Concero features a stateless Router contract for sending and receiving cross-chain messages, paired with on-chain Registries that help applications discover and verify trusted actors. This separation of roles creates a flexible foundation where each module evolves independently, empowering developers to compose interoperability to fit their unique trust and performance needs.

Everything else — the actual work — is now externalised. This is achieved by unbundling the core interoperability stack into three distinct, role-specific modules:

  • RPCs: Configurable data access, leveraging existing third-party infrastructure.
  • Relayers: Independent, permissionless operators who register and compete on the speed and cost of message transport.
  • Verifiers: A permissionless registry where any entity can offer validation services, from light clients and ZK proofs to TEE attestations or simple quorums.

This shifts Concero from being the "service provider" to being the "marketplace architect". We no longer dictate the security model, we provide the universal socket and the directory. This new architecture allows a dApp to, for a single transaction, compose its own stack, effectively "hiring" its preferred validator and relayer from an open, competitive market. This is the true meaning of modularity: we've given the keys to the value generators.

A detailed whitepaper on Concero's new architecture will be released soon, providing an in-depth look at how the system works.

About the Chainlink Runtime Environment (CRE)

Concero's marketplace architecture is an open platform where any verifier can register, perform custom off-chain logic, and submit a tamper-proof report. To build the foundation for this marketplace, we utilised the innovative capabilities of CRE.

cre platform

CRE is not an incremental update; it's a comprehensive rearchitecture of Chainlink's industry-standard platform, designed to scale across thousands of blockchains and existing systems. It functions as an orchestration layer for complex workflows, which are powered by secure off-chain computation run by Chainlink's battle-tested, decentralised oracle networks (DONs).

CRE's power lies in its new microservice-inspired architecture. Previously, Chainlink offered pre-packaged, monolithic services, such as Chainlink Automation or VRF. CRE breaks these down into "reusable modular capabilities," such as reading a chain, performing consensus, calling an API, or writing a chain. This model empowers developers to compose these capabilities into custom workflows.

This capability is foundational to our cross-chain messaging strategy. It provides a ready-made, highly reliable "truth network," saving us from having to build and maintain this complex global infrastructure. The reduction in complexity is massive. It is noted that integrating a Chainlink Proof of Reserve feed, which previously required complex customisation and maintenance, can now be expressed as a workflow by a single developer in a matter of hours.

For Concero, this is a direct parallel. We can now offer incredibly complex, custom validation via CRE as just one of the important actors in our marketplace, listed right alongside ZK proofs or TEE attestations provided by other validators, all consumable through a single, standard interface.

CRE as A Level 5-Security Verifier in Concero

A developer can define complex logic in Go or TypeScript, which CRE compiles and executes in a decentralised manner. This allows Concero to securely outsource computationally intensive tasks, such as our core use case of fetching an event log, waiting for hundreds of block confirmations, performing a hash, and then achieving consensus on that result.

The power of Concero's modular architecture is best understood by walking through our integration of the Chainlink Runtime Environment (CRE). This integration establishes CRE as a foundational verifier in our marketplace, offering dApps a "plug-and-play" option for institutional-grade security.

The General Message Lifecycle

message cycle

First, the end-to-end sequence for any message sent through Concero follows a standard set of steps.

  1. Initiation: The process begins when a Client (dApp) chooses its desired verifiers and relayers for a message. It then calls conceroSend on the Source Router with all the message parameters.
  2. Event Emission: The Source Router validates the request, accepts the fees, and emits a ConceroMessageSent event log. This event is broadcast to the network.
  3. Relayer Pickup: A permissionless Relayer monitoring the chain detects this event and takes responsibility for processing it.
  4. Off-Chain Validation: The Relayer is now responsible for getting the message validated. It sends a standard HTTP request validation to the endpoint of the Verifier specified in the message. The Relayer then waits for that verifier to execute its own internal logic and return a cryptographically signed Validation report. This step is a standardised interface, the relayer does not need to know how the validation is performed.
  5. Delivery & Attestation: Once the Relayer has the tamper-proof report, it submits the original message and the report to the Destination Router. The router then performs the final on-chain attestation by calling the attest function on the corresponding Verifier Contract. This contract's sole job is to verify the report's signature. Once it is valid, the message is confirmed and delivered to the Client Contract.

The CRE Verifier Implementation

When a Relayer picks up a message event that specifies CRE as the verifier, it simply makes its standard HTTP validation request. This request is directed to a specific component we built: the CRE Adapter. It acts as a "translator" or wrapper that abstracts the complexity of CRE from the entire Concero Messaging Protocol. Any Concero Relayer does not need to be a Chainlink node or understand how to interact with the CRE; it simply needs to make a standard, simple HTTP call.

cre implementation.png

The CRE Adapter receives the request and triggers the custom workflow we deployed on the CRE. This workflow executes the heavy lifting via our decentralised DONs, utilising the validation logic our team has built.

  1. Authorisation: As a critical security measure, the workflow first receives the request via an HTTP trigger and immediately performs an Elliptic Curve Digital Signature Algorithm (ECDSA) verification to ensure it came from an authorised relayer address.
  2. Data Ingestion: Once authorised, it accepts the core parameters from the adapter: the Message ID, Source Chain Selector, and Source Chain Data, which includes the source block number.
  3. Core Logic: Using this data, the workflow's main task is to fetch the original ConceroMessageSent log from the source chain. It waits for the necessary block confirmations to ensure the transaction is final and safe from re-orgs.
  4. Proof Generation: A block is considered finalised after the configured number of confirmation blocks, as specified by the project or protocol, the workflow produces a Standard Message Representation. This hash becomes the unique, verifiable proof of the event.
  5. Consensus & Response: The DONs then achieve consensus on this hash and collectively sign it, producing a tamper-proof CRE report. This report, containing the log hash, is then returned via HTTP to our adapter, which passes it back to the waiting Concero Relayer as the "Validation report".

The Relayer, now holding the Report and Message, proceeds to the delivery and attestation process. The Report and Message are submitted on the ConceroRouter at the Destination Chain, which checks its validation from the Validator Library (the on-chain CRE Verifier contract). This on-chain contract's job is to perform a single, gas-efficient cryptographic check to confirm the report was genuinely signed by the trusted CRE network.

This design makes CRE's powerful, complex computation a simple, plug-and-play module. Once the Concero Messaging protocol is integrated, it gives dApps the choice of industry-leading security without complicating our permissionless relayer network.

The Strategic Advantage: How CRE Accelerates Concero's Adoption

Integrating the CRE as a foundational verifier is a primary catalyst for the Concero Messaging Protocol's adoption. It's not merely an added feature; it's a powerful programmable trust engine that directly accelerates our go-to-market strategy.

By leveraging CRE as a day-one verifier, we fundamentally de-risk the adoption process for high-value dApps. Instead of asking protocols to rely on a new validator set, we immediately offer them the "gold standard" of security. Their critical cross-chain messages can be secured by Chainlink's battle-tested DONs, which execute the entire verification process as a single, decentralised job. This provides immediate, best-in-class security and satisfies stringent reliability requirements, lowering the barrier to entry for institutions that cannot compromise on trust.

Furthermore, CRE's power as a programmable workflow engine, not just a simple computation engine, dramatically expands the types of dApps we can serve. We are no longer limited to simple on-chain checks. We can now offer programmable orchestration workflows (such as waiting for thousands of block confirmations, performing custom data hashing, and achieving consensus) all as a single, atomic, verifiable job. This unique capability attracts sophisticated users who need high-assurance, customised validation for their applications.

Finally, this strategic integration allows the Concero team to focus on our core competency: building the world's most efficient and modular cross-chain messaging marketplace. We accelerate our entire roadmap by integrating Chainlink's ready-made, decentralised computation platform rather than spending years attempting to build and secure our own.

Conclusion: The Future is Composable Trust

The evolution from a monolithic system to a composable marketplace represents a fundamental shift in cross-chain communication. By architecting an open, permissionless protocol and strategically integrating the Chainlink Runtime Environment as a foundational, high-security verifier, Concero delivers on the promise of true developer sovereignty. We are moving beyond the rigid trade-offs of the past, empowering dApps to compose their own security stack on a per-message basis.

This new paradigm is open for building. We invite dApps and developers looking to break free from monolithic constraints to integrate with Concero and connect across the limitless ecosystem of chains we support.

If you are a project or developer exploring a new use case or requiring a custom cross-chain solution, we are here to support and collaborate. Please contact us to begin building the future of interoperability together.

Contact us for inquiries at phuc@concero.io or X: phuchoangle

🤝 Follow us for upcoming updates on Concero Socials :

Concero.io | Concero Blog | Twitter | Discord | Telegram

Discuss on TwitterView on GitHub