Fun

Cosmos patches ‘critical’ IBC protocol bug saving $126M

News Feed - 2024-04-24 10:04:26

Brayden Lindrea7 hours agoCosmos patches ‘critical’ IBC protocol bug saving $126MIBC has always had the bug but it only recently became exploitable due to developments in the protocol’s codebase, Asymmetric Research said.2877 Total views1 Total sharesNewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCosmos developers have fixed a “critical” security bug in its Inter-Blockchain Communication (IBC) protocol which put at least $126 million at risk, says a blockchain security firm that privately notified Cosmos of the issue.


“We privately disclosed the vulnerability through the Cosmos HackerOne Bug Bounty program and the issue is now patched,” Asymmetric Research said on April 23.


“No malicious exploitation took place and no funds were lost,” it added.Source:Asymmetric Research


The bug could have allowed a reentrancy attack allowing a hacker to mint infinite tokens on IBC-connected chains like Osmosis and other decentralized finance ecosystems on Cosmos.“We believe at least 126M+ in assets could have been stolen on Osmosis. However, rate limiting on Osmosis slows down the damage that could be caused.”


Rate limits serve to prevent or at least mitigate attacks that attempt to overwhelm a system by controlling the rate at which requests are made.


Asymmetric noted the bug has existed in ibc-go — a high-level programming language implementation of IBC — since it launched in 2021.


The bug only recently became exploitable, however, after Cosmos devs launched a new third-party application called IBC middleware — which allows ICS20 (interchain token standard) tokens to cross chains.


Related:Cosmos Hub greenlights ATOM inflation cut for security boost


“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric emphasized.“This vulnerability highlights the critical need for more research into cross-chain security risks to protect the multichain ecosystem better."


The bug was patched up by Cosmos dev Carlos Rodriguez about three weeks ago, a GitHub commit shows.


Another “critical” security vulnerability was identified in the IBC protocol in October 2022, which impacted all IBC-connected chains but was patched before any potential exploit.


Magazine:Are DAOs overhyped and unworkable? Lessons from the front lines# Blockchain# Altcoin# Research# Business# Security# Hackers# Cybersecurity# HacksAdd reaction

News Feed

Brayden Lindrea3 hours agoBitcoin white paper turns 15 as Satoshi Nakamoto’s legacy lives on“I’ve been working on a new electronic cash system that’s fully peer-to-peer, with no trusted third party,” Satoshi wr
Coinbase Entices Users to Switch From USDT to USDC, Crypto Firm Says Recent Events ‘Put Some Stablecoins to the Test’
Coinbase Entices Users to Switch From USDT to USDC, Crypto Firm Says Recent Events "Put Some Stablecoins to the Test" Coinbase, one of the largest cryptocurrency firms in the indus
Opensea Drops Fees to Zero and Announces New Creator Earnings Model in Response to Shifting NFT Landscape
Opensea Drops Fees to Zero and Announces New Creator Earnings Model in Response to Shifting NFT Landscape The largest marketplace for non-fungible tokens (NFTs), Opensea, has annou
South Korea To Ban Crypto Exchanges From Handling Privacy Coins
South Korea To Ban Crypto Exchanges From Handling Privacy Coins South Korea is to ban crypto exchanges from handling digital assets it considers “dark coin
South Korean Government to Start Taxing Crypto Trading Profits in 2022
South Korean Government to Start Taxing Crypto Trading Profits in 2022 The South Korean government has issued an amendment to introduce tax on cryptocurrency tra
Crypto, Stocks, PMs Sink Lower — All Eyes on the Fed’s Next Rate Hike as Ethereum’s Merge Hype Wavers
Crypto, Stocks, PMs Sink Lower — All Eyes on the Fed’s Next Rate Hike as Ethereum’s Merge Hype Wavers The crypto economy has slipped under the $1 trillion range once again af
Bitcoin Trader Robbed During an In-Person Transaction, Kicked Out of Car in Hong Kong
Bitcoin Trader Robbed During an In-Person Transaction, Kicked Out of Car in Hong Kong An unnamed 37-year-old man was a victim of a theft from a gang of robbers w
Bitcoin Transactions: New High for Argentina as Confidence in the Peso Tanks
Bitcoin Transactions: New High for Argentina as Confidence in the Peso TanksCrisis laden Argentina saw bitcoin transactions worth $1.4 million (101 million pesos) being recorded in
Facebook’s Calibra Sued by Mobile Banking App Over Similar Logos
Facebook’s Calibra is being sued for trademark infringement by mobile banking app Current, adding a potential legal showdown to the beleaguered Libra digital currency project’s growing list of woes.
How to capitalize on the Bitcoin halving
Tanuj Surve6 hours agoHow to capitalize on the Bitcoin halvingDiscover trading strategies to capitalize on Bitcoin halving events and optimize your investment returns in the cryptocurrency market.2144 Total views2 Total
Zimbabwean Blockchain Startups Launch Service to Help Migrants Efficiently Move Funds Across Borders
Zimbabwean Blockchain Startups Launch Service to Help Migrants Efficiently Move Funds Across Borders Two Zimbabwean startups, Flexid and Uhuru Wallet, recently launched a platform
Shiba Inu Braces For Rally – Analyst Sees 35% Price Surge – Details
Este artículo también está disponible en español. This past few days has been quite the week for Shiba Inu, the second-largest meme coin by market valuation. The token sa