Co-founder of the inter-blockchain communication (IBC) ecosystem Cosmos, Ethan Buchman, announced the existence of a “critical security vulnerability” on 13 October that affects all Cosmos chains which support IBC and all IBC versions.
Buchman made this announcement on the Cosmos Hub Forum where he assured that steps have already been taken to ensure that all significant public IBC-enabled chains have been fixed.
This update is coming in a week that saw many hacks that cost more than $100 million.
Triggered by the BNB exploit
The Cosmos team had reportedly been in touch with the developers of major IBC projects to ensure a patch is applied to the network before the vulnerability can be exploited.
The patch would be made available via the Cosmos SDK so that developers of smaller projects can also upgrade their networks by 14:00 UTC on 14 September.
It was also stated that the patch may be applied without requiring a network halt, and once the upgrade has been approved by a third of voters on the chain.
On the heels of the $100 million cross-chain bridge exploit on BNB Chain on 6 October, the core developers of Cosmos and Osmosis reportedly stepped up security audits. The audits led to the discovery of a vulnerability that had not yet been exploited.
Over $1B and 40 chains at stake
The Cosmos team’s handling of the vulnerability is still up for debate. If the serious vulnerability is not addressed, the DeFi ecosystem’s Total Value Locked (TVL) might lose more than $1 billion.
This is because the Cosmos ecosystem is currently home to over 40 chains, with Cronos, Cava, Thorchain, and Terra Classic being some of the noteworthy protocols with millions of TVL locked in.
Over the past few months, the TVL in DeFi protocols as a whole had dropped significantly. As of this writing, it had fallen from about $140 billion in May to under $54 billion.
The price of ATOM was on an uptrend using trendlines on a daily timeframe. The chart indicated that ATOM had risen by over 200% since the beginning of its rally.
At the time of writing, ATOM was trading between $11 and $12, a rise of almost 6% from the start of the trading period.
Although given the position of the Relative Strength Index line, the rally had not taken ATOM out of the bear trend it was experiencing.
However, there have been relatively few cases of security breaches on chains within the Cosmos IBC ecosystem.
Ethereum Virtual Machine (EVM) blockchains have been the target of the great majority of cross-chain bridge hacks this year. The Ronin and Nomad bridge exploits are some of the cases of EVM exploits.