Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed
Central Bank of Honduras Discredits Bitcoin Legal Tender Speculation
Central Bank of Honduras Discredits Bitcoin Legal Tender Speculation On March 23, Honduras’ central bank issued a clarification on crypto assets such as bitcoin, and noted t
2022-03-25 16:30 PM
Minerset․com Announces New 200-Megawatt Crypto-Mining Facility
Minerset․com Announces New 200-Megawatt Crypto-Mining Facility press release PRESS RELEASE.Known as a leader in cryptocurrency-mining hardware sales and logistics, Minerset has ge
2022-04-06 02:00 AM
Ethereum’s Dominance on the Rise: Market Share Increases by 3% Among Global Crypto Assets
Ethereum"s Dominance on the Rise: Market Share Increases by 3% Among Global Crypto Assets Since Dec. 31, 2022, ethereum’s market dominance has increased by more than 3% amon
2023-01-12 04:00 AM
Bitcoin dips as ETFs break 19-day green streak, rumble over US inflation
Jesse Coghlan2 hours agoBitcoin dips as ETFs break 19-day green streak, rumble over US inflationTraders are seemingly going risk-off ahead of a U.S. CPI print and a Fed monetary policy meeting, with Bitcoin falling to a
2024-06-11 15:05 PM
Amaka Nwaokocha2 hours agoRipple Labs to revolutionize real estate industry through tokenizationAn innovative pilot program aims to enable users to tokenize real estate assets and utilize them as collateral for loans, le
2023-07-08 15:28 PM
65% of Traders on Paypal Ready to Use Bitcoin to Pay for Goods and Services: Survey
65% of Traders on Paypal Ready to Use Bitcoin to Pay for Goods and Services: Survey At least 65% of people who use the Paypal app to trade bitcoin are prepared t
2020-12-03 17:30 PM
Venezuelan Authorities Seize More Than 100 Miners From Clandestine Bitcoin Mining Operation
Venezuelan Authorities Seize More Than 100 Miners From Clandestine Bitcoin Mining Operation Venezuelan authorities seized over a hundred mining machines in a residential area of a
2021-11-01 16:30 PM
Travelbybit to Drop Bitcoin Payments After Viral Double Spend Video
Travelbybit to Drop Bitcoin Payments After Viral Double Spend Video On December 18, Bitcoinbch.com published a video explaining how easy it is to double spend BTC transactions in
2019-12-20 10:00 AM
Is The Worst Yet To Come For XRP? Analyst Issues Dire Warning
Este artículo también está disponible en español. While the XRP price is already down -42% since its peak at $3.40 on January 16, renowned technical trader Josh Olszewicz
2025-03-01 09:30 AM
Decommissioned Power Plant in Armenia to Host Crypto Mining Farms
Decommissioned Power Plant in Armenia to Host Crypto Mining Farms Armenia is going to invite cryptocurrency miners to install their coin minting hardware in an old thermal power pl
2022-01-23 19:30 PM
Ezra Reguerra14 hours ago‘XRP is not a security. Period’ — Crypto lawyers on Ripple’s case amid SEC appealLawyer Oscar Franklin Tan believes that if the appeal is allowed, whoever wins will build momentum in the
2023-08-11 18:16 PM
Billionaire Jeff Gundlach Expects Recession This Year, Advises Against Buying Bitcoin
Billionaire Jeff Gundlach Expects Recession This Year, Advises Against Buying Bitcoin Doubleline Capital CEO Jeffrey Gundlach, also known as the “Bond King,” has warn
2022-01-12 09:30 AM