WEB3
by BSCN
October 16, 2024
Despite warnings from Oak Security about the risks of slashing evasion, the module was reportedly promoted as secure and ready for integration into the Cosmos Hub.
Most of the code for the Cosmos Hub's Liquid Staking Module (LSM) was developed by North Korean agents, according to All in Bits (AiB), a prominent contributor in the Cosmos ecosystem.
The LSM's development reportedly began in August 2021, initiated by the Interchain Foundation (ICF) and spearheaded by Iqlusion, a key player in the Cosmos ecosystem and Zaki Manian.
The project later saw collaboration with Stride Labs, Binary Builders, and Informal Systems to integrate the LSM into Gaia. However, the pivotal role played by two North Korean developers, Jun Kai and Sarawut Sanit, who contributed a majority of the code, has come under scrutiny.
June 2021: The ICF announced funding for ongoing work on Gaia and staking derivatives.
August 2021: Development of the LSM commenced, with significant contributions from North Korean developers.
July 2022: An audit by Oak Security flagged critical vulnerabilities in the LSM, particularly regarding slashing evasion.
March 2023: The FBI contacted Zaki Manian, revealing the North Korean links to the developers. However, this information was reportedly not disclosed to the Cosmos community.
April 2023: Zaki promoted the LSM as “finished,” ignoring ongoing security concerns, per reports.
The LSM’s design includes a critical flaw that allows participants to evade slashing penalties, posing a risk to the entire staking ecosystem. The Oak Security audit highlighted these vulnerabilities, yet Zaki and Iqlusion promoted the LSM as complete, creating a false sense of security.
This fundamental issue contradicts the principles of proof-of-stake systems, where slashing is essential for maintaining network integrity. By framing this flaw as an intentional design feature, they allegedly misled the Cosmos community about the real risks associated with the LSM.
Call for Action
In light of these revelations, AiB called for immediate action. A comprehensive audit of the LSM is essential to assess its security and integrity. According to AiB, the Interchain Foundation should:
Create a blacklist of individuals and entities involved in promoting insecure protocols, starting with Zaki Manian and Iqlusion.
Establish stringent audit requirements for any code development supported by the ICF.
Develop oversight protocols to ensure thorough safety assessments before new implementations are proposed.
The future security of the Cosmos ecosystem depends on addressing these issues openly and transparently. The community deserves a secure network, free from hidden risks.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article
Latest News
0h : 21m ago
FTX Sues Binance and CEO Changpeng Zhao for $1.8B Over Alleged Fraud
1h : 36m ago
NEAR Protocol to Build World’s Largest Open-Source AI Model with 1.4T Parameters
4h : 36m ago
Bitcoin Surges Past $81,000 Amid Trump’s Victory and Pro-Crypto Political Shift
November 9, 2024
Weekly Article Recap: 11/04-11/08
November 8, 2024
Ethereum Foundation (EF) Releases 2024 Annual Report: A Look at its Financial Growth
November 8, 2024
Dan Gallagher in the Lead as Trump’s Pick for SEC Chair: Report
November 7, 2024
Political Betting Contracts, Cross-Chain Communication Advances, and Crypto Payments in Detroit
November 7, 2024
What Donald Trump's Victory Means for Crypto Policy, His Legal Battles, and Ross Ulbricht's Future