On October 13, Ethan Buchman, co-founder of IBC system Cosmos, shared that a critical issue had been discovered. According to Buchman, this affects all IBCenabled Cosmos chains.
It crypto news about the BNB Chain hack from last week, prompted Cosmos developers to inspect their IBC code. They discovered a security problem during the software check of the Cosmos network.
Cosmos cross-chain bridges are vulnerable
Cosmos is a decentralized network of blockchains connected via the Inter-Blockchain Communication protocol (IBC). This allows users to seamlessly hop from one Cosmos blockchain to another.
“Members of the core teams of Cosmos and Osmosis have extensively audited IBC in the wake of the BSC exploit. We have discovered a critical vulnerability that affects all IBC-enabled Cosmos chains, across all versions of IBC.”
BNB uses Cosmos software under its hoodwrote Ethan Buchman on Thursday in a blog update on the project’s community forum.
cross chain bridges solve a number of problems in the decentralized financial sector. They allow users to transport digital assets across multiple protocols.
However, they are often more complex than ordinary decentralized applications. Copying and pasting the source code between protocols can greatly increase the vulnerability.
In cybersecurity A critical vulnerability refers to a software bug that allows hackers to hack into network systems to steal data or money.
Important blockchains are being improved
Buchman assured that steps had already been taken to protect key IBC blockchains patchwhich is to update the software to an improved version.
“A chain is safe from the critical vulnerability once ⅓ of its voting power has applied the patch. Chains should still try to apply a patch as soon as possible until ⅔ once the official patch is released.”
The patch was first made available privately to give developers and validators time to update their chains before the vulnerability was disclosed.
“Given the severity, we have worked tirelessly with core development teams and validators across the ecosystem to make the patch available privately and ensure chains are patched before being publicly communicated,” Buchman wrote.