Cosmos’ $8B Ecosystem Endangered by Critical Vulnerability


All IBC-enabled blockchains are at risk of being exploited by a “critical security vulnerability,” Cosmos co-founder Ethan Buchman announced today.

Key Takeaways

  • A critical security vulnerability threatened all IBC-enabled blockchains, Cosmos developers recently discovered.
  • The attack vector was discovered following last week’s BNB Chain’s exploit.
  • A patch has already been communicated privately to Cosmos developers and validators.

Last week’s BNB Chain attack led Cosmos developers to inspect their IBC code. They found a critical security vulnerability that endangered every IBC-enabled blockchain.

Cosmos Compromised

It appears the entire Cosmos ecosystem was endangered by a single vulnerability.

According to an announcement posted today in the Cosmos Hub governance forum by co-founder Ethan Buchman, lead developers recently discovered a “critical security vulnerability that impacts all IBC-enabled Cosmos chains, for all versions of IBC.”

Cosmos is a decentralized network of blockchains connected through the Inter-Blockchain Communication protocol (IBC), which enables users to hop from one Cosmos blockchain to another seamlessly. At the time of writing, there are 42 IBC-enabled blockchains, including Cosmos Hub, Osmosis, Cronos, and Evmos. According to the project’s website, the market capitalization of all IBC-enabled chains together reaches $8.18 billion.

Other major blockchains such as OKX Chain, Luna Classic, and Thorchain have also integrated IBC in the past. For various reasons, however, they have either deactivated the function or never fully enabled it in the first place. BNB Chain is one of these projects. The recent attack against it (during which a hacker drained $566 million from the blockchain’s bridge) incentivized Cosmos developers to research whether other IBC blockchains may be vulnerable to the same exploit. 

Buchman stated that measures had already been taken to patch major IBC blockchains. The patch was first made available privately to give developers and validators the time to update their chains before the vulnerability was publicized. According to him, more than a third of a blockchain’s voting power must apply a patch for the project to be safe. The Cosmos SDK will release a public version of the patch on October 14 at 14:00 UTC. Buchman advised all Cosmos chains and validators to upgrade to the public patch as soon as possible, even if they’d already integrated the private patch. 

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, ATOM, OSMO, and several other cryptocurrencies.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

BNB Chain’s $566M Hack: Binance Network’s Major Bridge Attack Unpa…

The BNB Chain team temporarily halted the network in response to the attack, which speaks volumes about the network’s centralization issues.   BNB Chain Targeted Last night’s nine-figure hack on BNB…

BNB Chain’s $566M Hack: Binance Network’s Major Bridge Attack Unpa...

Cosmos Hub Drops ATOM 2.0 Whitepaper to Bullish Fanfare

Leading Cosmos figures want to introduce new tokenomics, an on-chain MEV marketplace, a system to streamline economic coordination across Cosmos blockchains, and a new governance structure to the Cosmos Hub….

Cosmos Hub Drops ATOM 2.0 Whitepaper to Bullish Fanfare

Mango $100M Attack: How a Whale Swindled a Solana DeFi Favorite

In something of an audacious move, the attacker used their MNGO tokens to vote on their own Mango DAO governance proposal. Whale Targets Mango  Days after BNB Chain’s bridge was…

Mango $100M Attack: How a Whale Swindled a Solana DeFi Favorite

Shopping Cart