Serious security issues disclosed in the Cosmos Hub Liquid Staking Module, including that North Korean agents wrote most of the code
ChainCatcher news: All in Bits, a software development company in the Cosmos ecosystem, stated that it has discovered serious security issues with the Liquid Staking Module (LSM) of Cosmos Hub. According to All in Bits: most of the LSM code was written by North Korean agents; LSM is not an independent module but a set of modifications to the existing staking, allocation, and slashing modules, which may affect all staked ATOM; vulnerabilities that allow slashing to be circumvented still exist; 19 months of code changes have gone unaudited; there was significant misrepresentation by Zaki Manian and Iqlusion; and there was a lack of transparency from ICF, Stride Labs, and Informal Systems.
All in Bits recommends an immediate fix for the main staking vulnerabilities in LSM; an immediate, comprehensive audit of LSM; full disclosure of the investigation timeline regarding North Korean agent involvement; a blacklist of ICF stakeholders; and new audit and oversight agreements for ICF-funded projects.