Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed
What the Bitcoin halving means for BTC mining centralization
Robert D. Knight9 hours agoWhat the Bitcoin halving means for BTC mining centralizationThere are concerns that the halving may be bad news for mining decentralization.3371 Total views4 Total sharesListen to article 0:00A
2024-03-01 23:13 PM
Solana Price Enters Consolidation Trend Above $130 That Could End In A Breakout
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
2025-04-19 04:00 AM
Texas Securities Regulators and Attorney General Object to FTX Purchasing Voyager Digital
Texas Securities Regulators and Attorney General Object to FTX Purchasing Voyager Digital Regulators from the state of Texas and the state’s attorney general are objecting to FTX
2022-10-18 04:30 AM
Copy Trading Platform ZuluTrade Powers SetBroker.com
Copy Trading Platform ZuluTrade Powers SetBroker.com SetBroker, an innovative Bitcoin-based copy-trading platform, announced today their successful launch. Their platform is powe
2020-02-28 19:30 PM
Warren Buffett compares AI to nukes after seeing deepfake doppelganger
Tristan Greene8 hours agoWarren Buffett compares AI to nukes after seeing deepfake doppelgangerThe financial mogul’s commentary came during Berkshire Hathaway’s annual meeting.8815 Total views38 Total sharesListen to
2024-05-06 00:35 AM
Jeff Bezos Directs Amazon to Accept Bitcoin and Other Popular Cryptocurrencies: Report
Jeff Bezos Directs Amazon to Accept Bitcoin and Other Popular Cryptocurrencies: Report Amazon is reportedly planning to accept bitcoin for payments, after which
2021-07-27 03:30 AM
Bitcoin, Ethereum Technical Analysis: BTC, ETH Consolidate Below Key Resistance Levels
Bitcoin, Ethereum Technical Analysis: BTC, ETH Consolidate Below Key Resistance Levels Following strong gains during Wednesday’s session, bitcoin and ethereum both saw price
2022-03-30 22:45 PM
Fidelity Optimistic About Bitcoin Regulation Under Biden Administration — Sees Strong Institutional Demand
Fidelity Optimistic About Bitcoin Regulation Under Biden Administration — Sees Strong Institutional Demand Fidelity Digital Assets President Tom Jessop has sha
2021-01-31 08:15 AM
US Lawmaker Introducing Legislation to Remove SEC Chairman Due to ‘Long Series of Abuses’
US Lawmaker Introducing Legislation to Remove SEC Chairman Due to "Long Series of Abuses" A U.S. lawmaker has announced that he is introducing legislation to remove the Securities
2023-04-19 17:30 PM
Federal Investigators Probe Silicon Valley Bank Collapse; SVB and Top Execs Sued by Shareholders
Federal Investigators Probe Silicon Valley Bank Collapse; SVB and Top Execs Sued by Shareholders The parent company of Silicon Valley Bank, SVB Financial Group, and two senior exec
2023-03-15 04:30 AM
Leading Supermarket Chain in Croatia Introduces Crypto Payments
Leading Supermarket Chain in Croatia Introduces Crypto Payments Customers of the largest supermarket chain in Croatia will be able to pay with cryptocurrency for their orders in th
2021-12-03 00:00 AM
Local Experts Say Zimbabwe Not Softening Its Stance on Cryptocurrency Just Yet
Local Experts Say Zimbabwe Not Softening Its Stance on Cryptocurrency Just Yet Zimbabwean crypto and economic experts have suggested Finance Minister Mthuli Ncube’s positive
2021-10-07 19:30 PM