Developers disclose major vulnerability in all IBC-enabled chains on Cosmos

Quick Take

  • Cosmos developers have reported a critical security vulnerability across its IBC-enabled blockchains.
  • Cosmos co-founder Ethan Buchman said that developers will have to deploy a security patch on Friday.

Developers have disclosed a critical software vulnerability within all Cosmos blockchains that run the inter-blockchain communication protocol (IBC), the network's cross-chain messaging and bridge protocol.

The developers discovered the security issue during a software audit of the Cosmos network in light of the $100 million bridge hack on BNB Chain, a blockchain that uses Cosmos software under its hood, Cosmos co-founder Ethan Buchman wrote in a blog update on the project's community forum on Thursday.

"Members of the core Cosmos and Osmosis teams have been extensively auditing IBC in the aftermath of the BSC exploit. We have discovered a critical security vulnerability that impacts all IBC-enabled Cosmos chains, for all versions of IBC," Buchman said.

To fix its vulnerability, all of the IBC-enabled Cosmos blockchains will have to deploy a public security patch planned for release at 10 a.m. EDT on Friday, Buchman said, adding a private patch was sent to chains and deployed already. He further said that validators of various Cosmos chains may halt their networks during the Friday upgrade.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy