Jump Crypto Found and Helped Fix Vulnerability in Ethermint
CRYPTO TREYSI
The developers of the Ethermint protocol from the Cosmos ecosystem have fixed a critical vulnerability. The problem, discovered by crypto trading firm Jump Crypto, potentially threatened the loss of an "eight-figure sum" in dollars. The bug allowed to bypass some contract processing functions, which would allow the attacker not to pay transaction fees and would lead to a denial of service to users.
According to Evmos, the vulnerability arose due to incorrect processing of transactional messages by Ethermint. In particular, this concerns the interaction between MsgEthereumTx and MsgExec. Developers from Evmos Core and Cronos, together with specialists from Jump Crypto, have implemented a code fix that eliminates the attack vector.
The Cronos team paid Jump Crypto $25,000 as a reward for discovering the vulnerability. The potential damage from a mistake could cost hundreds of millions of dollars. If a hacker exploited the vulnerability, it would result in huge financial and reputational losses for blockchains.
Image: GitHub