Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed
Binance to Increase Presence in Poland in Compliance With Local Regulations
Binance to Increase Presence in Poland in Compliance With Local Regulations Binance has unveiled intentions to broaden its activities in Poland, another EU member state where the g
2023-01-20 16:30 PM
EU publishes draft rules for stablecoin issuer complaint procedures
Amaka Nwaokocha1 minute agoEU publishes draft rules for stablecoin issuer complaint proceduresThis regulatory framework for stablecoins results from a joint collaboration between the European Banking Authority and the Eu
2024-03-14 17:59 PM
Former Fed Chair Ben Bernanke Wins Nobel Prize in Economics ‘for Research on Banks and Financial Crises’
Former Fed Chair Ben Bernanke Wins Nobel Prize in Economics "for Research on Banks and Financial Crises" Former Federal Reserve Chairman Ben Bernanke has been awarded a Nobel Prize
2022-10-11 10:30 AM
Yuga Labs’ Twelvefold Collection of Ordinal Inscriptions Generates 735 Bitcoin, Worth More Than $16 Million
Yuga Labs" Twelvefold Collection of Ordinal Inscriptions Generates 735 Bitcoin, Worth More Than $16 Million Yuga Labs, the creators of the blue-chip non-fungible token (NFT) collec
2023-03-08 03:30 AM
Ripple Proposes ‘Real Approach to Cryptocurrency Regulation’
Ripple Proposes "Real Approach to Cryptocurrency Regulation" Ripple has published a proposal for a regulatory framework for cryptocurrencies called “A Real Approach to Crypt
2021-11-17 11:30 AM
Kazakhstan President Demands ‘Urgent’ Regulation of Crypto Mining Amid Power Shortages
Kazakhstan President Demands ‘Urgent’ Regulation of Crypto Mining Amid Power Shortages Facing an electricity deficit largely blamed on cryptocurrency miners, Kazakhstan is tryi
2021-11-04 21:30 PM
Dogecoin $10 Price Target Back In Play? Here’s What The Charts Say
Este artículo también está disponible en español. Dogecoin is still reeling in losses after a crazy 40% declineat the start of the week. Although it has since recovered a
2025-02-06 09:30 AM
Price analysis 3/25: SPX, DXY, BTC, ETH, BNB, SOL, XRP, DOGE, ADA, AVAX
Rakesh Upadhyay5 hours agoPrice analysis 3/25: SPX, DXY, BTC, ETH, BNB, SOL, XRP, DOGE, ADA, AVAXBitcoin has risen above $70,000, indicating that the bulls are back in the driver’s seat.1875 Total views9 Total sharesL
2024-03-26 03:40 AM
Data Privacy Startup StrongSalt Raises $3 Million for Encrypted API Service
A new encryption-as-a-service company raised $3 million to bring standardized encryption techniques to the blockchain. Data privacy startup StrongSalt announced Thursday the clos
2019-09-26 23:00 PM
Elon Musk Relaunches Tesla Solar: 'Like a Money Printer on Your Roof'
TwitterFacebookLinkedInSource: Mark RALSTON / AFP (i), Shutterstock (ii). Image Edited by CCN.By CCN Markets: Elon Musk relaunched Tesla"s residential solar-power service and claime
2019-08-19 04:45 AM
US Spot Bitcoin ETFs Flip Nakamoto To Become Largest BTC Holder, Here’s How Much They’ve Bought
Este artículo también está disponible en español. US Spot Bitcoin ETFs have significantly transformed both Bitcoin and the broader crypto industry. These ETFs have seen t
2024-12-08 05:00 AM
Crypto-Related Lawsuits Rising in Russia, Criminal Cases Increase by 40%
Crypto-Related Lawsuits Rising in Russia, Criminal Cases Increase by 40% Courts in Russia are hearing a growing number of cases around crypto assets, a new study has shown. About t
2022-06-12 15:30 PM