Cosmos developers uncovered a “critical security vulnerability” that impacts all IBC-enabled Cosmos chains.
In a post on the Cosmos forum on Thursday, Ethan Buchman, the CTO and co-founder of the Cosmos Network, said that core developers had found a security vulnerability after extensively auditing the Inter-Blockchain Communication (IBC) following the BSC exploit.
Buchman said that core development teams had been working together with validators across the ecosystem to implement a patch that would fix the issue before communicating publicly.
“A chain is safe from the critical vulnerability as soon as ⅓ of its voting power has applied the patch. Chains should still seek to patch to ⅔ as quickly as possible once the official patch is released,” said Buchman.
Buchman urged all chains and validators to upgrade to the public patch release CosmosSDK v0.45.9 and v0.46.3 within 24-hours of its release, even if they have already patched privately. The release is scheduled to go live on at 14:00 UTC on Oct. 14.
IBC enables blockchain users within the Cosmos ecosystem to easily switch from one to another. At the time of writing, there are 42 IBC-enabled chains with a combined market cap of over $8 billion.
One of these IBC-enabled chains is the BNB Chain, which recently fell victim to a $100 million exploit. The attack on the BNB Chain prompted Cosmos developers to dig deeper into potential vulnerability issues on other IBC-enabled chains.