Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed
Report: Chinese Customs Authority Confiscates 49 Old ASIC Antminers
Report: Chinese Customs Authority Confiscates 49 Old ASIC Antminers Chinese authorities continue to crackdown against bitcoin miners after they seized 49 second-hand Bitmain ASIC A
2022-02-22 17:30 PM
XRP Price To Hit $45? Here’s What Happens If It Mimics 2017 And 2021 Rallies
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
2025-04-13 03:00 AM
Boda boda blockchain boost: How tech is tracking Africa’s motorbike taxis
Gareth Jenkinson14 hours agoBoda boda blockchain boost: How tech is tracking Africa’s motorbike taxisNodle’s underlying blockchain infrastructure will enable real-time location data of motorcycle taxis in East Africa
2024-05-01 19:00 PM
SEC has given ‘preliminary approval’ to at least 3 ETH ETF issuers: Report
Brayden Lindrea7 hours agoSEC has given ‘preliminary approval’ to at least 3 ETH ETF issuers: ReportBlackRock, Franklin Templeton, and VanEck have reportedly received preliminary approval from the US securities regul
2024-07-16 10:25 AM
Crypto Economy Gains 83% in Value Over Last 3 Months, Myriad of Lesser-Known Coins Spike
Crypto Economy Gains 83% in Value Over Last 3 Months, Myriad of Lesser-Known Coins Spike The overall market capitalization of all 10,000+ digital assets has reached a September hig
2021-09-03 00:00 AM
Bitcoin MVRV Pricing Bands Hint At $130K, But Only If This Support Holds
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
2025-07-28 05:00 AM
Data Shows Ruble-Denominated Crypto Trading Has Spiked, RUB Represents Over 2% of USDT Trades
Data Shows Ruble-Denominated Crypto Trading Has Spiked, RUB Represents Over 2% of USDT Trades According to reports and data stemming from ruble-denominated crypto trading pairs, Ru
2022-03-02 08:00 AM
Bitcoin of America Is Working to Solve the Gender Problem in the Cryptocurrency Industry
Bitcoin of America Is Working to Solve the Gender Problem in the Cryptocurrency Industry sponsored The cryptocurrency industry has a big gender problem when it comes to female invol
2022-06-17 02:00 AM
Here’s Why The Bitcoin Price Continues To Hold Steady Between $96,000 And $98,000
Este artículo también está disponible en español. The Bitcoin price has dropped below the $100,000 psychological level and is now holding between the $96,000 and $98,000
2024-12-21 00:30 AM
Banks Are Cutting 75,700 Jobs Worldwide
Banks Are Cutting 75,700 Jobs Worldwide Banks worldwide have announced major job cuts this year. Globally, 75,700 jobs are reportedly being eliminated, with the most recent annou
2019-12-04 21:30 PM
Rapper Nas & the No-Good-Very-Bad Payday Loan Investment
Nas wasn"t wrong to back a fintech product designed to disrupt the payday loan industry. He just threw his weight behind the wrong one. | Source: ShutterstockFamed rapper Nasir Jone
2019-09-15 07:30 AM
The Fed’s Christopher Waller Wants 50 bps Rate Hikes Until Inflation Subsides, US Savings Data Plummets
The Fed"s Christopher Waller Wants 50 bps Rate Hikes Until Inflation Subsides, US Savings Data Plummets Federal Reserve governor Christopher Waller has detailed he is ready to get
2022-05-31 07:00 AM