First effects of the hack on the BNB Smart Chain – Last week, the BNB Smart Chain found itself in the heart of the turmoil. Indeed, the BSC Token Hub was the target of a major attack. In total, the equivalent of 500 million dollars was stolen. Unfortunately, this flaw is not unique to the BNB Smart Chain. Thus, this also seems to affect the IBC of Cosmos.
BNB Smart Chain Hack
On October 7, Binance’s BNB Chain found itself in a more than delicate situation. Thus, around midnight French time, the BNB Smart Chain is paused. This situation follows the identification of irregularities on the blockchain.
Quickly, the thesis of the attack is explored. Thus, an account was quickly identified to have managed to obtain 2 million BNB in what appears to be a hack.
Ultimately, Changpeng CZ Zhao ended speculation two hours after the rumors began.
“An attack on an inter-chain bridge, BSC Token Hub, led to the hijacking of BNB. We have asked all validators to temporarily suspend the BSC. The problem is now under control. Your funds are safe […] The current damage estimate is around US$100 million equivalent, about a quarter of the last BNB burn. »
News that was later confirmed by the findings of several crypto-investigators. Indeed, the latter revealed that there was a BSC Token Hub Proof Verification Flaw.
“In summary, there was a bug in the way the Binance Bridge checked evidence, which could have allowed attackers to tamper with arbitrary messages. Fortunately, the attacker only tampered with two messages, but the damage could have been much worse. »
Eventually, Binance teams managed to recover 400 of the stolen 500 million.
>> Secure your cryptos on a Ledger wallet. Free shipping (commercial link) <<
Cosmos IBC: the real cause of the attack?
Subsequently, many Internet users wondered about the possible link between this flaw and the IBC of Cosmos.
Indeed, the Binance blockchain ecosystem is made up of two blockchains:
- BNB Beacon chain : who ensures the governance of the BNB Smart Chain;
- BNB Smart Chain : blockchain compatible with the Ethereum Virtual Machine.
Except that in practice, the BNB Beacon Chain was launched using the Cosmos SDKs and therefore falls into the category of Cosmos channels.
Unfortunately, netizens who considered a connection between the hack and IBC were absolutely right.
Thus, following the attack, the Cosmos and Osmosis teams extensively audited the code of the IBC (Inter Blockchain Communication) protocol allowing cross-chain communication.
Finally, on October 13, the latter revealed that they had detected a critical vulnerability in the code of the IBC. Consequently, this flaw impacts all Cosmos blockchains that have activated the IBC.
“We have discovered a critical security vulnerability that affects all IBC-compatible Cosmos chains, for all versions of IBC. Steps have already been taken to ensure that all major IBC compatible public channels have been patched. »
Although the main blockchains using the IBC have been patched, the Cosmos teams invite developers of chains that have not been updated to use the CosmosSDK v0.46.3 patch.
For the moment, no precise details on the critical flaw discovered have been revealed. These details should be revealed in the coming weeks, once it does not put entire ecosystems at risk.
On his side, the BNB Smart Chain has deployed the Moran hard fork to mitigate the flaw. This includes a correction of the vulnerability as well as several additions to prevent such an event from happening again.
Full of promise, DeFi is in its infancy and still commits some resounding missteps. There are no 36 ways to protect your cryptocurrencies! Keep them safe on a Ledger wallet. Free shipping (commercial link).
