Cosmos developers have discovered a critical vulnerability in the cosmos ecosystem. According to Ethan Buchman, co-founder of Cosmos, the critical security vulnerability puts all IBC-enabled blockchains at risk.
The attack vector was discovered after last week’s exploit of the BNB smart chain.
A Critical Vulnerability
Cosmos developers have disclosed a critical security vulnerability affecting all Cosmos blockchains which are running on the inter-blockchain communication protocol (IBC). The IBC is the Cosmos ecosystem’s cross-chain messaging and bridge protocol. Developers discovered the vulnerability during a security audit that was conducted after the exploit of the BNB Smart Chain, which saw $100 million siphoned off.
The BNB Chain uses Cosmos as its underlying architecture. Ethan Buchman, the co-founder of Cosmos, wrote in a blog post on the community forum, disclosing the vulnerability to the community,
“Members of the core Cosmos and Osmosis teams have been extensively auditing IBC in the aftermath of the BSC exploit. We have discovered a critical security vulnerability that impacts all IBC-enabled Cosmos chains for all versions of IBC.”
Security Patch In The Works
Cosmos has issued a public security patch scheduled for 10 AM EDT on Friday. According to Buchman, all IBC-enabled Cosmos blockchains will be required to deploy the patch. He also stated that validators of Cosmos chains would halt their respective networks over the course of the upgrade on Friday.
Buchman added,
“Given the severity, we have been working tirelessly with core development teams and validators across the ecosystem to make the patch available privately and ensure chains are patched before communicating publicly.”
In cybersecurity terms, a critical vulnerability is a software bug that allows hackers to altogether disable network systems and steal data or funds.
The Cosmos Ecosystem
The Cosmos ecosystem consists of a network of interconnected, interoperable, and application-specific blockchain protocols. Cosmos’s blockchains interact with one another using the IBC protocol. Presently, there are 51 blockchains in the Cosmos ecosystem that support the IBC protocol. These include Cosmos Hub, Osmosis, Axelar, Evmos, Injective, Juno, Cronos, Sifchain, and more.
According to the Cosmos website, the collective market capitalization of all IBC-related chains is over $8 billion. Other major blockchains such as OKX Chain, Thorchain, and Luna Classic have also integrated with the IBC in the past. However, for one reason or another, they have deactivated IBC functionality or never fully implemented it in the first place. The subject of last week’s attack, Binance, can be included in this list of projects.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.