WEB3
by BSCN
October 16, 2024
Despite warnings from Oak Security about the risks of slashing evasion, the module was reportedly promoted as secure and ready for integration into the Cosmos Hub.
Most of the code for the Cosmos Hub's Liquid Staking Module (LSM) was developed by North Korean agents, according to All in Bits (AiB), a prominent contributor in the Cosmos ecosystem.
The LSM's development reportedly began in August 2021, initiated by the Interchain Foundation (ICF) and spearheaded by Iqlusion, a key player in the Cosmos ecosystem and Zaki Manian.
The project later saw collaboration with Stride Labs, Binary Builders, and Informal Systems to integrate the LSM into Gaia. However, the pivotal role played by two North Korean developers, Jun Kai and Sarawut Sanit, who contributed a majority of the code, has come under scrutiny.
June 2021: The ICF announced funding for ongoing work on Gaia and staking derivatives.
August 2021: Development of the LSM commenced, with significant contributions from North Korean developers.
July 2022: An audit by Oak Security flagged critical vulnerabilities in the LSM, particularly regarding slashing evasion.
March 2023: The FBI contacted Zaki Manian, revealing the North Korean links to the developers. However, this information was reportedly not disclosed to the Cosmos community.
April 2023: Zaki promoted the LSM as “finished,” ignoring ongoing security concerns, per reports.
The LSM’s design includes a critical flaw that allows participants to evade slashing penalties, posing a risk to the entire staking ecosystem. The Oak Security audit highlighted these vulnerabilities, yet Zaki and Iqlusion promoted the LSM as complete, creating a false sense of security.
This fundamental issue contradicts the principles of proof-of-stake systems, where slashing is essential for maintaining network integrity. By framing this flaw as an intentional design feature, they allegedly misled the Cosmos community about the real risks associated with the LSM.
Call for Action
In light of these revelations, AiB called for immediate action. A comprehensive audit of the LSM is essential to assess its security and integrity. According to AiB, the Interchain Foundation should:
Create a blacklist of individuals and entities involved in promoting insecure protocols, starting with Zaki Manian and Iqlusion.
Establish stringent audit requirements for any code development supported by the ICF.
Develop oversight protocols to ensure thorough safety assessments before new implementations are proposed.
The future security of the Cosmos ecosystem depends on addressing these issues openly and transparently. The community deserves a secure network, free from hidden risks.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCN. The information provided in this article is for educational and entertainment purposes only and should not be construed as investment advice, or advice of any kind. BSCN assumes no responsibility for any investment decisions made based on the information provided in this article. If you believe that the article should be amended, please reach out to the BSCN team by emailing [email protected].
Latest News
February 8, 2025
Weekly Article Recap: 2/03-2/07
February 7, 2025
POPCAT Memecoin Review: Analysis and Prospects
February 7, 2025
Ondo Finance’s New Blockchain: What is Ondo Chain
February 7, 2025
Everything You Need to Know About Analog's Official Launch
February 7, 2025
Telegram Meets AI Agents: TheOpenLayer Partners with NPC Team
February 7, 2025
Donald Trump-Backed World Liberty Financial Plans to Create "Strategic Reserve"
February 7, 2025
When Will Pi Launch Open Network Mainnet?
February 7, 2025
Cboe BZX Files for Multiple Spot XRP ETFs with SEC: What You Need to Know