HomeNewsCosmos Safeguards $126M in Assets by Patching Critical IBC Protocol Bug

Cosmos Safeguards $126M in Assets by Patching Critical IBC Protocol Bug

- Advertisement -
  • The bug posed a risk of a reentrancy attack, potentially allowing unauthorized token minting across IBC-connected chains.
  • No funds were lost due to the prompt action taken, preventing exploitation of the vulnerability by malicious actors.

Cosmos developers recently addressed a severe security flaw in their Inter-Blockchain Communication (IBC) protocol, successfully averting a potential theft of approximately $126 million. This vulnerability in the IBC protocol, integral to Cosmos’ functionality for enabling transactions across different blockchains, was reported by the blockchain security firm Asymmetric Research.

On April 23, Asymmetric Research announced that they had confidentially reported the flaw through the Cosmos HackerOne Bug Bounty program, leading to a swift resolution. “No malicious exploitation took place and no funds were lost,” the firm assured, indicating effective preventive action.

The nature of the bug could have permitted a reentrancy attack, which involves a hacker making recursive calls to a function in a smart contract, potentially allowing them to mint unlimited tokens on networks linked through the IBC, such as Osmosis and various decentralized finance platforms operating on Cosmos.

Related: Telekom, Bosch, Fetch.ai, and Cosmos: Uniting Forces in Blockchain and AI Innovation

Asymmetric Research explained that the flaw had been present in the ibc-go, the high-level programming language used for implementing IBC since its inception in 2021. The vulnerability became a threat with the introduction of new third-party application software called IBC middleware.

This software expanded the IBC’s capabilities by enabling tokens adhering to the ICS20 interchain token standard to be transferred across different chains, inadvertently increasing the risk of exploits.

“This incident underlines the fragile nature of trust assumptions in blockchain networks and the potential risks introduced by new features,” Asymmetric stated, emphasizing the importance of thorough security measures and the need for ongoing research into cross-chain security to safeguard the interconnected blockchain environment.

Source vía → asymmetric.re

By utilizing IBC hooks, CosmWasm contract calls can be initiated from the Acknowledgement and Timeout handlers. This allows entry into CosmWasm via IBC hooks. Subsequently, CosmWasm can generate submessages to execute arbitrary Cosmos messages, creating a recursive call scenario. This vulnerability could potentially lead to a multi-spend scenario, posing a significant risk to the security of the Cosmos network.

The exploitation process begins with deploying a smart contract that complies with IBC hooks callback for timeouts. Then, IBC tokens are sent back to the native chain with an expired timeout. Malicious relayers intercept the transfer, facilitating the preparation and execution of messages for a single CosmWasm execute() call. 

These messages, such as MsgUpdateClient and MsgTimeout, are stored in the smart contract for future reentrant calls.

Following execution, the process entails the successful completion of MsgUpdateClient and MsgTimeout messages. This is followed by triggering MsgTimeout again via another submessage in the CosmWasm contract. This sequence repeats until all funds for a given token are stolen or the desired amount of IBC tokens are minted.

The bug was rectified by Cosmos developer Carlos Rodríguez approximately three weeks ago, as indicated by a GitHub commit. This proactive approach reflects Cosmos’ commitment to security and the efficacy of their response systems.

This incident was not the first time a critical vulnerability was discovered in the IBC protocol; another serious issue was identified and fixed in October 2022 before it could be exploited.

Together, these incidents highlight the ongoing challenges and essential vigilance required to secure complex blockchain ecosystems like Cosmos.

Disclaimer: ETHNews does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. ETHNews is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.
Isai Alexei
Isai Alexei
As a content creator, Isai Alexei holds a degree in Marketing, providing a solid foundation for the exploration of technology and finance. Isai's journey into the crypto space began during academic years, where the transformative potential of blockchain technology was initially grasped. Intrigued, Isai delved deeper, ultimately making the inaugural cryptocurrency investment in Bitcoin. Witnessing the evolution of the crypto landscape has been both exciting and educational. Ethereum, with its smart contract capabilities, stands out as Isai's favorite, reflecting a genuine enthusiasm for cutting-edge web3 technologies. Business Email: info@ethnews.com Phone: +49 160 92211628