Disclosure of serious security issues in the Cosmos Hub liquid staking module, including the involvement of North Korean agents in the majority of the code writing

2024-10-16 11:34:24

Collection

ChainCatcher message, Cosmos ecosystem software development company All in Bits stated that it has discovered serious security issues with the Liquidity Staking Module (LSM) of Cosmos Hub, including that most of the LSM code was written by North Korean agents; LSM is not an independent module but a set of modifications to the existing staking, allocation, and slashing modules, which may affect all staked ATOM; vulnerabilities that allow slashing evasion still exist; 19 months of code changes have not been audited; significant misrepresentation by Zaki Manian and Iqlusion; lack of transparency from ICF, Stride Labs, and informal systems.

All in Bits recommends immediate fixes for the major staking vulnerabilities in LSM; an immediate and comprehensive audit of LSM; full disclosure of the investigation timeline involving North Korean agents; blacklisting of ICF stakeholders; new audit and oversight agreements for ICF-funded projects.

(Source Link)

Related tags

Cosmos Hub security issues LSM

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.