Jump Crypto Discovers Potential Vulnerability in Cosmos-Based Ethermint
On April 14th, developers of Jump Crypto discovered a potential vulnerability in Cosmos based Ethermint, which could result in eight digit asset losses. Ethermint supports the use
On April 14th, developers of Jump Crypto discovered a potential vulnerability in Cosmos based Ethermint, which could result in eight digit asset losses. Ethermint supports the use of Ethereum smart contracts in the Cosmo ecosystem, which could allow attackers to bypass specific contracts called handlers, leading to theft of transaction fees and denial of service to users. After receiving the report, the Evmos core development team and Cronos team immediately collaborated with Jump Crypto to resolve the issue.
Developers discover potential vulnerabilities in Cosmos based Ethermint
Introduction
On April 14th, Jump Crypto, a blockchain security and engineering firm, made a disturbing discovery – a potential vulnerability in Cosmos-based Ethermint. This vulnerability could result in eight-digit asset losses, a significant danger to investors and stakeholders.
Understanding Ethermint and Ethereum Smart Contracts
Ethermint is a Proof-of-Stake blockchain built on Cosmos-SDK, a popular framework for building highly customizable blockchains. What makes Ethermint unique is its ability to support Ethereum Virtual Machine (EVM) smart contracts within the Cosmos ecosystem. This integration allows for a seamless interoperability between Cosmos and Ethereum networks, as well as access to Ethereum’s rich ecosystem of decentralized applications (dApps) and smart contracts.
Smart contracts, in layman’s terms, are self-executing contracts with terms and conditions written in computer code. These contracts automatically execute when predetermined conditions are met, eliminating the need for intermediaries.
The Vulnerability in Handlers
Jump Crypto’s report reveals the vulnerability specifically lies in handlers, a specific type of contract in Ethermint. Handlers are responsible for executing transactions in Ethermint. They can be seen as a gateway through which transactions flow from one part of the blockchain to another. Handlers are meant to act as safety mechanisms, ensuring that only legitimate transactions are executed, and all transaction fees are paid accordingly.
However, with the reported vulnerability, attackers can bypass these handlers, leading to unauthorized and potentially costly transactions. They can also execute denial-of-service (DoS) attacks, causing a disruption of service to legitimate users. The report states that attackers can exploit this vulnerability to “execute complex attacks on blockchains with Ethereum interop, steal assets and create legal liabilities on exchanges operating on these blockchains.”
Immediate Collaboration to Resolve the Issue
Upon receiving the report from Jump Crypto, the Evmos core development team and Cronos team immediately collaborated to address the issue. They promptly released patches that could fix the vulnerability and prevent any potential losses.
This fast response by the development team shows the importance of working closely with security professionals to address any potential vulnerabilities in the blockchain. It also serves as a reminder of the ever-present threat of cyberattacks and the need for constant vigilance.
Conclusion
The recent discovery of a potential vulnerability in Cosmos-based Ethermint highlights the importance of blockchain security and the need for constant attention to potential cybersecurity threats. Developers must remain alert and work closely with blockchain security professionals to mitigate any potential risks and keep the blockchain ecosystem safe for all stakeholders involved.
FAQs
1. What is Ethermint?
Ethermint is a Proof-of-Stake blockchain built on Cosmos-SDK, capable of supporting the Ethereum Virtual Machine (EVM).
2. What are Ethereum smart contracts?
Ethereum smart contracts are self-executing contracts programmed with terms and conditions and execute automatically when predetermined conditions are met.
3. What are handlers in Ethermint?
Handlers are contracts responsible for executing transactions in Ethermint, acting as safety mechanisms to ensure only legitimate transactions are executed.
This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/20774/
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.
Recommended articles
-
Ripple Middle East Managing Director Shares Insights on CBDC Objectives and Regulator Interaction
On March 1, Brooks Entwistle, Managing Director of Ripple Middle East, spoke about the company\’s efforts and objectives in the field of central bank digital cu…
-
Tari Labs’ Restraining Order Against Lightning Labs for Taro Protocol
According to reports, blockchain startup Tari Labs has won a temporary restraining order against Bitcoin developer Lightning Labs over its Taro protocol and platform. This ruling means that Lightning Labs will not be able to update the Taro agreement or announce further development of the agreement. Tari Labs won a restraining order against Lightning Labs over the Taro agreement Analysis based on this information:Tari Labs, a blockchain startup, has recently won a temporary restraining order against Bitcoin developer Lightning Labs over its Taro protocol and platform. The ruling stipulates that Lightning Labs is currently not authorized to update the Taro agreement or launch further developments of the agreement. The Taro protocol is a new online payment system where users can transact with one another by registering their transactions on a public electronic ledger. This brings us to the question of why Tari Labs needed to file a restraining order against Lightning Labs. It is important to note that the cryptocurrency…
-
Google for Startups Cloud Program Open to Web3 Industry Builders
According to reports, the Google Cloud Google for Startups Cloud Program is now open to Web3 industry builders. Qualified projects from Pre Seed to Round A will be able to apply fo
-
First Nuclear Power Blockchain Data Center in the US Exclusively Deploys Bitland’s ANTMINER products
According to reports, according to official information from Bitland, recently, the first nuclear power blockchain data center in the United States, namely Tera Wulf\’s Nautilus dat
-
Coin Security to Delist AION, MIR, and ANC
It is reported that according to the announcement of Coin Security, according to the recent review, it was decided to get off the shelf and stop all transactio…
-
What currency is btv (btcv currency price)
btv what currency According to Bitcoin. com, what currency is Bitstock (BTV)? What currency does BTV have According to BitTorrent website data, the current transaction price of BTV is approximately $1. According to the BitTorrent website, currently, the Bitcoin network can process 36000 requests per second. If Bitcoin blockchain is used for transmission, it requires a power consumption of over 1000 watt hours. It is reported that in the past year, Bitcoin has completed nearly $1 billion in market value and value transfer btcv coin pricesAccording to Bitcoin. com exchange data, btcv coin prices have increased by 32.5% in the past 24 hours. According to Bitcoin exchange guide, the current price of BTCV coin is 0.002 US dollars (currently reported at 0.026 US dollars), with a market value of approximately 400 million RMB, an increase of 138%. As of the time of publication, the quotation is 0.017 US dollars Previously, it was reported that Btcv will open on August 25th…
-
Lido Developer MixBytes Announces Termination of DeFi Pledge Services on Polkadot and Kusama
According to a blog post by Lido developer MixBytes, the DeFi pledge service Lido will stop its pledge plans on Polkadot and Kusama on August 1st. Polkadot and Kusama no longer acc
-
BitGo Launches Bitcoin Ordinals Inscription Tracking Function
It is reported that BitGo, a cryptographic hosting service provider, has released an Ordinals inscription tracking function aimed at increasing the security of inscription storage.
-
What does the blockchain master node mean (what does the node in the blockchain mean)?
The blockchain master node is what does it mean? Bitcoin core developer and Ethe
-
Alchemy Pay Enables Card Users to Buy Cryptocurrency with Discover and Diners Club
It is reported that Alchemy Pay, an encrypted payment service provider, announced that its Ramp function has supported Discover Card and Diners Club Card, allo…
-
The Federal Reserve announced a 25 basis point interest rate hike
According to reports, the Federal Reserve announced a 25 basis point hike in interest rates, raising the target range of the federal funds rate to 4.75% to 5%, the highest level si
-
SmartMoney: The Case of $251 ETH Investment for 5.9T PEPEs
According to reports, according to Lookonchain monitoring, a \”SmartMoney\” spent 0.125 ETHs ($251) four days ago to purchase 5.9T PEPEs (currently $1.14 million). If the address is
-
Understanding Open Positions in Bitcoin Futures Contracts
According to reports, CoinGlass data shows that the nominal value of open positions in Bitcoin (BTC) futures contracts has reached an annual high of $12 billion, up 7% in the curre
-
What currency is lbtc (is lbt currency legitimate)
What currency is lbtc? What currency is LBtc. It is a Cryptocurrency platform website and a decentralized exchange, which aims to solve the most urgent payment problem – cross-border remittance by applying blockchain technology to the financial industry According to the official website, LBTCoin is the first community owned and operated digital asset trading network in the world, and the only token without ICO (Initial coin offering) or other forms of circulation. Users can send, receive, and hold various types of tokens between different wallets on their platform, and use these tokens to redeem or make purchases with these funds Is lbt coin formalRecently, LBT coin founded by well-known blockchain investor Li Xiaolai has caused a lot of media reports and hot discussions in a short time According to the information disclosed in relevant news, multiple media outlets have questioned the hype of this project, calling it “false information”, and its promotional content does not match the actual situation; Even…
-
DeFi Protocol Suffers a $21 Million Loss in February Due to Hacker Attacks
It is reported that according to DefiLlama data, the DeFi protocol lost more than $21 million due to hacker attacks in February, and the largest attack in that…
-
The Normalization of Blockchain Outages: Do We Only Care About Token Price?
On March 23rd, Fan Long, the co founder of Conflux, posted a message stating that Avalanche C chain seems to have stopped exporting for an hour. Puzzled by the community\’s acceptan