Following the BNB Chain incident last week, Cosmos developers looked over their IBC code and discovered a significant security flaw that put all IBC-enabled blockchains at threat.
Ethan Buchman, a co-founder of Cosmos, said in a formal statement on the Cosmos Hub governance forum that the team has already taken measures to guarantee that all significant public IBC-enabled chains have been fixed.
Cosmos Devs Will Make The Version Available Publicly Today
“Given the severity, we have been working tirelessly with core development teams and validators across the ecosystem to make the patch available privately and ensure chains are patched before communicating publicly,” the statement says.
The developers of Cosmos and Osmosis during the audit that was conducted after the BSC exploit detected the attack. However, it should be noted that its correlation to BSC has not yet been established.
According to Ethan Bucham, a chain is protected from serious vulnerability as soon as one-third of its voting power has implemented the patch. Also, chains should still seek to patch to ⅔ as quickly as possible once the official patch is released.
As noted by him, a public version of the patch will be published in the CosmosSDK v0.45.9 and v0.46.3 latest by 14:00 UTC today Friday, October 14, 2022, to enable development teams of smaller projects to update their systems as well.
But even if they had already patched privately, he suggested that all chains and validators promptly upgrade to the newly unveiled patch.
The update should be applied as soon as practicable and can be delivered independently by validators without a chain-halt upgrade. Despite this, it is still possible for validators to crash or for chains to stop working during the update.
The statement reiterates that developers should approach the IBC team if they have any problems and encourages white hat hackers to submit a bug bounty if any new vulnerabilities are found.
This is a significant step taken by the members of the core Cosmos and Osmosis teams in a way to further safeguard against exploits that are continually hitting the crypto space, as a result of attackers that leverage on minor security breaches in blockchain protocols.
