Cosmos ‘Critical’ IBC Protocol Bug Saves $126M

Cosmos developers have fixed a “critical” security flaw in the Inter-Blockchain Communication (IBC) protocol that put at least $126 million at risk, according to a blockchain security firm that privately notified Cosmos of the issue.

“We reported the vulnerability privately through the Cosmos HackerOne bug bounty program and the issue has now been fixed,” Asymmetric Research said on April 23.

“No malicious exploitation took place and no money was lost,” the firm added.

Source: Asymmetric Research

The flaw could have allowed a reentrancy attack, in which a packet handler is re-entered before it has finished updating its own state, and an attacker could have used it to mint an unbounded number of tokens on Osmosis and other decentralized finance ecosystems connected through IBC.
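To show what a reentrancy of this kind looks like in a token-transfer handler, the following Go program is an added illustration; it is not code from ibc-go, Osmosis or Asymmetric Research's report, and the page does not describe which handler or middleware the real bug involved. The model uses standard ICS20 voucher semantics (sending a voucher burns it, a timeout refund mints it back) and a hypothetical `TimeoutHook` standing in for middleware that calls out to attacker-controlled logic. In the vulnerable ordering the packet is only marked processed after the hook returns, so the hook can re-enter `OnTimeoutPacket` and collect a fresh refund each time; in the hardened ordering the commitment is deleted first and the re-entered call is rejected. All names and amounts are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Packet is a stripped-down ICS20 transfer packet: the voucher amount the
// sender burned on this chain and the sequence number that identifies it.
type Packet struct {
	Sequence uint64
	Sender   string
	Amount   uint64
}

// TimeoutHook stands in for middleware that hands control to user-supplied
// logic (e.g. a contract) while a timeout is processed. In RunScenario that
// logic belongs to the attacker. Hypothetical type, not an ibc-go interface.
type TimeoutHook func(m *TransferModule, p Packet)

// TransferModule is a toy voucher ledger. Commitments records which packets
// are still in flight and therefore still eligible for a refund.
type TransferModule struct {
	Balances     map[string]uint64
	TotalSupply  uint64
	Commitments  map[uint64]bool
	Hook         TimeoutHook
	effectsFirst bool // true: mark the packet processed before any external call
}

func NewTransferModule(effectsFirst bool) *TransferModule {
	return &TransferModule{
		Balances:     map[string]uint64{},
		Commitments:  map[uint64]bool{},
		effectsFirst: effectsFirst,
	}
}

// Send burns the sender's vouchers and records the packet as in flight.
func (m *TransferModule) Send(p Packet) error {
	if m.Balances[p.Sender] < p.Amount {
		return errors.New("insufficient balance")
	}
	if m.Commitments[p.Sequence] {
		return errors.New("sequence already in use")
	}
	m.Balances[p.Sender] -= p.Amount
	m.TotalSupply -= p.Amount
	m.Commitments[p.Sequence] = true
	return nil
}

// OnTimeoutPacket refunds a packet that never reached the counterparty by
// minting the burned vouchers back to the sender.
func (m *TransferModule) OnTimeoutPacket(p Packet) error {
	if !m.Commitments[p.Sequence] {
		return errors.New("packet not in flight: already refunded or never sent")
	}
	if m.effectsFirst {
		// Hardened ordering: processed is recorded before the refund and the
		// hook, so a re-entered call fails the check above.
		delete(m.Commitments, p.Sequence)
	}
	m.Balances[p.Sender] += p.Amount // mint the refund
	m.TotalSupply += p.Amount
	if m.Hook != nil {
		m.Hook(m, p) // external call: attacker-controlled in RunScenario
	}
	if !m.effectsFirst {
		// Vulnerable ordering: while the hook ran the packet still looked
		// unprocessed, so every re-entry above minted another refund.
		delete(m.Commitments, p.Sequence)
	}
	return nil
}

// reenteringHook re-submits the same timeout from inside the callback. A real
// attacker would repeat until out of gas; depth caps the recursion for the demo.
func reenteringHook(depth int) TimeoutHook {
	calls := 0
	return func(m *TransferModule, p Packet) {
		if calls < depth {
			calls++
			_ = m.OnTimeoutPacket(p) // the hardened module returns an error here
		}
	}
}

// RunScenario sends one packet of 100 vouchers, times it out under the
// attacker's hook and returns the sender's final balance. Honest result: 100.
func RunScenario(effectsFirst bool, reentries int) uint64 {
	m := NewTransferModule(effectsFirst)
	m.Balances["attacker"] = 100 // constructed starting balance
	m.TotalSupply = 100
	m.Hook = reenteringHook(reentries)
	p := Packet{Sequence: 1, Sender: "attacker", Amount: 100}
	if err := m.Send(p); err != nil {
		panic(err)
	}
	if err := m.OnTimeoutPacket(p); err != nil {
		panic(err)
	}
	return m.Balances["attacker"]
}

func main() {
	fmt.Println("vulnerable ordering, 5 re-entries:", RunScenario(false, 5))
	fmt.Println("hardened ordering, 5 re-entries:", RunScenario(true, 5))
}
```

With five re-entries the vulnerable ordering leaves the attacker holding 600 vouchers minted from a single 100-voucher refund, while the hardened ordering yields exactly 100. The fix is the classic checks-effects-interactions rule: commit the state change that makes the packet non-replayable before handing control to anything outside the module.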


“We believe at least 126M+ assets could have been stolen on Osmosis. However, limiting the amount on Osmosis minimizes the potential damage.”

Rate limits cap how much of an asset can leave a chain over a given channel within a time window. They are used to prevent, or at least blunt, attacks that try to drain a system faster than anyone can react, by bounding the amount that can be withdrawn before the window resets.
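The following Go program is an added illustration of such a rate limit; it is not Osmosis or ibc-go code, and the window length, percentage and channel value are constructed for the example. It tracks net outflow (transfers out minus transfers in) per channel within a fixed window and rejects any transfer that would push net outflow over a percentage of the channel's value, then shows how much an attacker who tries to drain the whole channel in small chunks actually gets out before the limit stops them.

```go
package main

import (
	"fmt"
	"time"
)

// ChannelRateLimit bounds the net amount of a token that can leave a chain
// through one IBC channel inside a fixed window. The quota is a percentage of
// the channel's value, so a larger pool tolerates larger absolute outflows.
type ChannelRateLimit struct {
	Window      time.Duration
	MaxOutPct   int64 // allowed net outflow per window, as a percent of channel value
	windowStart time.Time
	netOutflow  int64 // outflows minus inflows seen in the current window
}

func NewChannelRateLimit(window time.Duration, maxOutPct int64, now time.Time) *ChannelRateLimit {
	return &ChannelRateLimit{Window: window, MaxOutPct: maxOutPct, windowStart: now}
}

// roll starts a fresh window once the current one has expired.
func (r *ChannelRateLimit) roll(now time.Time) {
	if !now.Before(r.windowStart.Add(r.Window)) {
		r.windowStart = now
		r.netOutflow = 0
	}
}

// Send admits an outgoing transfer only if it keeps net outflow within quota;
// a rejected transfer never leaves the chain, so the attacker receives nothing.
func (r *ChannelRateLimit) Send(now time.Time, channelValue, amount int64) error {
	r.roll(now)
	quota := channelValue * r.MaxOutPct / 100
	if r.netOutflow+amount > quota {
		return fmt.Errorf("rate limit: net outflow %d + %d would exceed %d for this window",
			r.netOutflow, amount, quota)
	}
	r.netOutflow += amount
	return nil
}

// Receive records an incoming transfer, which frees quota in the same window.
func (r *ChannelRateLimit) Receive(now time.Time, amount int64) {
	r.roll(now)
	r.netOutflow -= amount
}

// Drain models an attacker who tries to move the entire channel value out in
// fixed-size chunks within one window and returns how much actually got through.
// The channel value is held constant for simplicity.
func Drain(r *ChannelRateLimit, now time.Time, channelValue, chunk int64) int64 {
	var out int64
	for out < channelValue {
		if err := r.Send(now, channelValue, chunk); err != nil {
			break
		}
		out += chunk
	}
	return out
}

func main() {
	start := time.Date(2024, 4, 1, 0, 0, 0, 0, time.UTC) // constructed timestamp
	r := NewChannelRateLimit(24*time.Hour, 30, start)   // 30% of channel value per day
	fmt.Println("drained in first window:", Drain(r, start, 1000, 50))
	fmt.Println("drained after window reset:", Drain(r, start.Add(25*time.Hour), 1000, 50))
}
```

With a channel worth 1000 and a 30% daily quota, the drain attempt stops at 300 no matter how many packets the attacker sends, and only a new window (or genuine inflows, which reduce net outflow) restores capacity. The limit does not fix an underlying bug such as an unbounded mint; it converts a total loss into a bounded one and buys time for operators to halt the channel.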

According to Asymmetric, the bug had been present since 2021 in ibc-go, the implementation of the IBC protocol written in the Go programming language.

The bug only became exploitable recently, however, after Cosmos developers introduced new third-party IBC middleware, which wraps ICS20 (the interchain fungible token transfer standard) transfers with additional logic as tokens cross chains.


“This release shows how easy it is to break assumptions and introduce new vulnerabilities by adding new features and functionality. It's also another example of the importance of defense-in-depth,” Asymmetric emphasized.

“This vulnerability highlights the need for more research into cross-chain security threats to better protect the multichain ecosystem.”

The bug was fixed three weeks ago by Cosmos dev Carlos Rodriguez, a GitHub commit shows.

Another “critical” security vulnerability in the IBC protocol was identified in October 2022, affecting all IBC-connected chains but patched before any exploitation.
