Hunting for billions: North Korea has built a backdoor into the heart of Cosmos Hub

Man

The blockchain has to choose: lose all of its investors' money, or keep silent about the threat to capital?

Cosmos Hub, one of the largest decentralized projects, is at the center of a scandal: specialists from North Korea may have developed its Liquid Staking Module (LSM). The module was previously considered the project's most important achievement, allowing participants not only to store funds but also to take part in financial transactions without giving up staking. Now, however, LSM is the subject of controversy over the possible introduction of vulnerabilities that allow attackers to circumvent the punishment system.

According to reports, development of LSM started in August 2021 under the leadership of Iqlusion, led by Zaki Manian. Specialists such as Jun Kai and Sarawut Sanit, whose activities are now raising questions in the community, worked on the module while it was being created. In July 2022, an audit by Oak Security revealed critical vulnerabilities in the module, but the same developers were the ones who fixed them. Despite this, development of the module continued, and in September 2023 it was integrated into the Cosmos Hub.

According to insiders, in March 2023 Manian received a warning from the FBI about the possible involvement of North Korean specialists but did not inform the community about it. As a result, the vulnerable code ended up in a key part of the project, compromising the security of the entire ecosystem. In October 2024, Cosmos co-founder Jae Kwon published information revealing the uncertainty and risks associated with LSM. In his opinion, the vulnerabilities could compromise all funds held in ATOM, and he called for immediate checks and a ban on the use of "untrusted protocols".

The project's community is divided. On the one hand, there are demands to conduct a full audit and to bring all LSM-related issues up for discussion. On the other hand, many believe that such interference could slow down the development of the project. Meanwhile, some developers are already thinking about leaving, fearing for their reputation and the danger of using insecure software.
