Web3 security researcher receives a $150,000 reward for a serious vulnerability discovered by reading the Cosmos documentation

2024-10-29 20:52:48
ChainCatcher news: according to Cointelegraph, a Web3 security researcher earned a $150,000 bounty after reading the Cosmos network documentation and discovering a serious vulnerability that could cause the Evmos blockchain and all decentralized applications (DApps) built on it to stop functioning.

In a blog post published on October 28, the security researcher "jayjonah.eth" explained the concept of "module accounts", which he encountered in the Cosmos documentation, stating: "If these addresses (module accounts) receive funds outside the expected rules of the state machine, invariants may be violated, potentially leading to a network halt." Working from the Cosmos documentation, the researcher crash-tested the Evmos blockchain: in a testing environment, he attempted to send funds to the module accounts to test this theory, and reported: "At this point, no blocks are being generated anymore, and the blockchain has completely stopped. This would compromise the Evmos blockchain and all DApps built on it." He revealed that the Evmos team had already fixed the vulnerability before the information was made public.
