The developers behind the Cosmos network released today a full disclosure of last month's "Critical security vulnerability" which reportedly enabled hackers to bypass certain penalties for misbehavior on the network.
Normally, Cosmos validators - which are the equivalent to miners on a proof-of-work blockchain network - that do misbehave either by voting haphazardly or signing off on false transactions are penalized by having their staked ATOM tokens slashed.
As stated in today's post by the Tendermint team, the code vulnerability discovered last month could enable a validator to bypass the full un-staking or "Un-bonding" period "And have their funds immediately become liquid essentially insta-unbonding."
Having gone live this past March, Cosmos is a relatively new blockchain network that is designed to improve the interoperability between differing blockchain platforms.
The security vulnerability disclosed today was actually found in "The staking module" of the Cosmos Software Development Kit which debuted back in 2018 as a "State-of-the-art" blockchain toolkit.
Jessy Irwin, Tendermint's head of security, said in interview with CoinDesk that while the vulnerability disclosed today is the first of its kind to impact the Cosmos main network, "It's not the first bug that has been reported to us."
The vulnerability, now fully patched on the Cosmos network, did require Cosmos validators to execute an emergency hard fork or system-wide upgrade.
Irwin highlighted that in order for this hard fork to execute successfully without resulting in a network split, urgent notice need to be pushed to all Cosmos validators and other service providers who were running Cosmos software on their computers.
Moving forward, Irwin told CoinDesk that one of the biggest lessons learnt from the security disclosure and upgrade process was a greater need for secure communication channels with Cosmos validators and other service providers.
"We're really going to be advocating for our hub of validators and exchanges to open up their own channels for security communications We are working really hard with our validator set to open that up so that next time we're not running around and scrambling for information to get in touch with them."
Tendermint Says Last Month's Cosmos Vulnerability Exposed Security Loophole
gepubliceerd op Jun 17, 2019
by Coindesk | gepubliceerd op Coinage
Coinage
Vermeld in dit artikel
Recent nieuws
Alles zien
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.