IBC had a close call with a critical vulnerability

The vulnerability enabled exploiters to replay a bug that would enable an infinite number of IBC tokens to be redeemed

by Bessie Liu /
article-image

Artwork by Crystal Le

share

A recent blog post by Asymmetric Research revealed there was a critical vulnerability that affected the inter-blockchain communication (IBC) protocol — a standard that enables interaction among individual cosmos chains.

This vulnerability was found specifically in ibc-go, the Golang high-level programming language implementation of the IBC protocol, and affected CosmWasm-based IBC middleware. 

IBC middleware was created to enable the integration of ICS20 with other IBC protocols. Similar to many bridging protocols, the middleware enables packets to be sent from one blockchain to another. These packets are stored as commitments before being properly received and deleted. If they are not received, tokens will be refunded through a timeout functionality. 

Read more: Picasso connects Ethereum to Cosmos IBC

Asymmetric Research found that the flow between the module deleting the commitment control could be replayed, which meant it was possible to replay the bug and exploit an infinite number of IBC tokens. 

Multiple chains were vulnerable to the issue, with Osmosis, one of the largest cross-chain DEXs in the Cosmos ecosystem, being the largest chain that could have been affected. However, due to rate limiting on the chain, the damage the bug could have potentially caused was limited. 

According to Asymmetric Research, the vulnerability has been privately disclosed to the Cosmos HackerOne bug bounty program, and the issue itself has been resolved without any malicious exploitation. 

Read more: Helpful hackers net more than $640k in 1 year with crypto bug bounties

“This issue demonstrates how easy it is to break trust assumptions and introduce new vulnerabilities by adding new features and functionality. It is also another example of the importance of defense-in-depth,” Asymmetric Research wrote in a blog post.

The research noted specifically that Cosmos teams had strong security measures in place that could have saved them from existential risks. 

“A binary patch was released to fix the underlying IBC timeout reentrancy without breaking consensus. Contributors spent much time and effort assessing the security implications of the mentioned issues,” Asymmetric Research wrote.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Permissionless is a conference for founders, application developers, and users. Come meet the next generation of people building and using crypto.

learn more

Digital Asset Summit 2025

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

4.png

Research

Polygon Protocol Governance Call (PPGC) #25

This months PPGC covered four main areas. Firstly, debriefing the progress and status of the mainnet implementation of the Ahmedabad hard fork. Secondly, a retrospective on the testnet phase of the Ahemdabad Hard Fork. Thirdly, an update on PIP-36 which involves replaying failed state syncs. Lastly, PIP-47 which pushes upgrades to the Polygon Protocol Council.

by Nikhil Chat

/

news

article-image

Empire Newsletter

Kicking the tires on this bitcoin bull market

Why bitcoin’s major run may be later than usual

by Katherine Ross&David Canellis /
article-image

Business

Funding Roundup: Crypto companies raised $823M in September

Thirty-three DeFi companies announced raises last month, data from the TIE terminal shows

by Katherine Ross /
article-image

Business

Crypto Hiring: Coinbase, Bybit see changes; leaders step away

A former Binance executive is set to help Bybit with compliance, while a Coinbase leader expands his role

by Ben Strack /
article-image

Web3

Web3 Watch: Lamborghinis are coming to the metaverse

Plus, Ubisoft is launching NFTs for its Captain Laserhawk shooter game

by Donovan Choy /
article-image

Markets

As BTC rallies after jobs report, what are the ‘Uptober’ odds?

Various factors are likely to temper strong jobs data-spurred optimism in the short term, industry watchers say

by Ben Strack /
article-image

Forward Guidance Newsletter

Exploring the ‘Uptober’ drivers and current outlook

Plus, tokenization is still the talk of the town

by Ben Strack&Casey Wagner /