Celer Network patches code vulnerability discovered by Jump Crypto

Quick Take

  • Celer, a cross-chain interoperability protocol, reported Wednesday that it patched a vulnerability first disclosed by Jump’s crypto arm.
  • The vulnerability was discovered in Celer’s State Guardian Network, a Proof-of-Stake (PoS) blockchain it operates. 

Celer, a cross-chain interoperability protocol, said Wednesday that it patched a vulnerability first disclosed by Jump's crypto arm. 

In blog posts published by Celer and Jump Crypto, the disclosure detailed a vulnerability in Celer's State Guardian Network (SGN), a proof-of-stake blockchain that Celer utilizes for securely authorizing transactions between different networks. If executed, the vulnerability could have allowed a malicious validator node to submit enough fraudulent "votes" about the state of the network to alter it potentially.

Celer stressed that no funds were lost due to the bug's existence. "The vulnerability was not publicly accessible, and no funds were at immediate risk at the time of discovery," the team wrote.

Celer said that it would propose funding a bug bounty grant to Jump Crypto as a result of the discovery.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

"Though the discovery is not covered by the existing bug bounty programs, we plan to raise a community proposal to grant the Jump Crypto team a retrospective bounty reward once we include the SGN codebase in the bug bounty programs in the coming months. Onward and forward," the team wrote in its blog post. 

Vulnerabilities are common in the DeFi world, as perhaps befits an ecosystem of experimental projects and protocols. So, too, are the inherent dangers; last weekend, a malicious attack resulted in the takeover of Tornado Cash's governance DAO. 

According to The Block Research, some $2.73 billion has been stolen from DeFi projects by malicious hackers.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Editor

To contact the editor of this story:
Vishal Chawla at
[email protected]