Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed
Gareth Jenkinson11 hours agoDid Binance’s CZ predict his own downfall?An exclusive interview with Cointelegraph in 2018 highlighted growing scrutiny of Binance’s meteoric growth.1906 Total views5 Total sharesListen t
2023-11-22 21:32 PM
Bitcoin’s 3% Price Rise Neutralizes Bearish Setup
View Bitcoin has again bounced up from $7,800 support, neutralizing the immediate bearish setup. A break above $8,820 is needed to invalidate the lower-highs setup and confirm a bull reversal. A bullish close, if confirm
2019-10-21 20:00 PM
Global Manhunt for Terra Luna Founder Do Kwon After Interpol Issues Red Notice
Global Manhunt for Terra Luna Founder Do Kwon After Interpol Issues Red Notice The global law enforcement agency the International Criminal Police Organization (Interpol), issued a
2022-09-27 10:30 AM
Tom Mitchelhill3 hours agoSui Network launches Google, Twitch and Facebook logins for DAppsSui joins the growing ranks of Web3 firms looking to onboard users who are all too often “irretrievably lost” at the doorstep
2023-09-14 14:59 PM
WATCH: Ecash Creator David Chaum On His New ‘Quantum-Resistant’ Cryptocurrency, Praxxis 
  Digital money pioneer David Chaum is creating his second digital currency and we caught up with him at Devcon in Osaka, Japan.
2019-10-22 06:30 AM
Martin Young4 hours agoDecentralized stablecoins could dominate crypto: MakerDAO founderMakerDAO’s Rune Christensen says appropriate regulation will see stablecoins become mainstream, but the real opportunity is in dec
2023-09-15 13:20 PM
Doctors turn to Apple Vision Pro headset to practice surgery amid cadaver shortage
Tristan Greene6 hours agoDoctors turn to Apple Vision Pro headset to practice surgery amid cadaver shortageVeyond Metaverse aims to mimic the traditional cadaver experience in visceral detail with Apple’s mixed reality
2024-04-18 02:40 AM
Spot Bitcoin ETF net inflows drop by 80% as BTC price dips below $69K
Prashant Jha13 hours agoSpot Bitcoin ETF net inflows drop by 80% as BTC price dips below $69KBlackRock’s ETF recorded the highest inflows of $350 million, while Grayscale saw $250 million in outflows.5970 Total views27
2024-03-15 20:00 PM
Mining Hardware Thief Gets 3-Year Sentence in Russia
Mining Hardware Thief Gets 3-Year Sentence in Russia Russian authorities have investigated a number of cases involving the theft of crypto mining equipment in the past months. A re
2021-08-30 14:30 PM
Fiat Devaluation Drives Retail Bitcoin Transfers in Africa 56% in a Year: Report
Fiat Devaluation Drives Retail Bitcoin Transfers in Africa 56% in a Year: ReportMonthly cryptocurrency transfers to and from Africa under $10,000 soared more than 56% from a year ag
2020-09-10 17:00 PM
Biggest Movers: FTM Down 12% to Start the Weekend, as ATOM Hits 8 Month Low
Biggest Movers: FTM Down 12% to Start the Weekend, as ATOM Hits 8 Month Low FTM was down by as much as 12% to start the weekend, as crypto markets were once again under a red wave.
2022-04-30 22:30 PM
Bitcoin miner revenue records second-best day in history
Zoltan Vardai13 hours agoBitcoin miner revenue records second-best day in historyBitcoin prices retraced over 22% in April 2021 when daily miner revenue reached its all-time high of $77.3 million.3862 Total views9 Total
2024-03-07 19:13 PM