Cointelegraph
DOGE$0.07235 0.16%
TRX$0.3258 1.19%
LINK$8.34 1.21%
ZEC$560.21 3.67%
ADA$0.1660 0.31%
XRP$1.09 0.80%
ETH$1,868.31 1.24%
BTC$64,715.06 1.20%
XMR$337.31 2.46%
BNB$568.88 0.27%
XLM$0.1865 1.11%
SOL$75.96 1.42%
HYPE$60.77 3.21%
Written by Zhiyuan Sunformer writerReviewed by Felix Ngstaff editor

Cosmos co-founder says a major security vulnerability has been uncovered on IBC

Latest NewsPublishedOct 13, 2022

A public patch fixing the exploit is scheduled to be released tomorrow.

cosmos-co-founder-says-a-major-security-vulnerability-has-been-uncovered-on-ibc

On Oct. 13, Ethan Buchman, co-founder of interblockchain communication (IBC) ecosystem Cosmos, said that a “critical security vulnerability” had been discovered that “impacts all IBC-enabled Cosmos chains, for all versions of IBC." Buchman assured that steps have already been taken to ensure that all major public IBC-enabled chains have been patched, stating:

“A chain is safe from the critical vulnerability as soon as ⅓ of its voting power has applied the patch. Chains should still seek to patch to ⅔ as quickly as possible once the official patch is released.”

A public version of the patch will be released in the Cosmos SDK (software development kit) v0.45.9 and v0.46.3 tomorrow at 14:00 UTC. Buchman recommends that all chains and validators apply it immediately upon release and that chain-halting is not required for it to take effect.

The issue appears to have come to light after core developers of Cosmos and Osmosis (the leading decentralized exchange on Cosmos) ramped up security audits in light of a $100 million cross-chain bridge exploit on BNB Chain on Oct. 6.

Cross-chain bridges solve a variety of problems in decentralized finance by allowing users to port digital assets across multiple protocols. However, they tend to be more complex than regular decentralized applications, and if the source code is copy-and-pasted across protocols, the vulnerability can be amplified dramatically.

Nevertheless, the vast majority of cross-chain bridge hacks this year, such as the Ronin and Nomad bridge exploits, have occurred on Ethereum Virtual Machine blockchains. On the contrary, security breaches on chains in Cosmos' IBC ecosystem have been few and far between. There are currently about 45 blockchains built using the Cosmos SDK.

1 minute letter

Subscribe to daily byte-sized crypto news from Cointelegraph

Subscribe
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

More on the subject