Cosmos Staking- Impact of North Korean Involvement on Cosmos Ecosystem Security
Cosmos Staking– A recent onchain investigation has raised serious concerns about potential North Korean involvement in the development of the Cosmos ecosystem, specifically its Liquid Staking Module (LSM). The findings have garnered attention from the FBI and sparked fears among investors regarding the security of the platform.
North Korean Developers and Investor Concerns
According to Jacob Gadikian, a developer within the Cosmos ecosystem, part of the LSM may have been built by North Korean agents. In an October 16 post on X, Gadikian stated, “It isn’t about their geography or ethnicity. The people who built the LSM are the world’s most skilled and prolific crypto thieves.” This revelation has led to investor anxiety, especially considering the notorious Lazarus Group—a cybercrime organization linked to the North Korean government—is believed to be behind some of the largest crypto hacks, including the $600 million exploit of the Ronin bridge.
Ethan Buchman, co-founder of Cosmos, acknowledged in an October 18 post that the team was previously unaware of any North Korean contributions to the LSM, stating, “None of us were aware of the North Korean work on LSM, but we are working together to deal with it.”
Potential Security Risks and Urgent Audits
The implications of potential North Korean involvement raise significant security concerns. Melody Chan, research lead at Redecentralise, emphasized that malicious actors could introduce hidden vulnerabilities, such as backdoors, into the Cosmos ecosystem. In a statement to Cointelegraph, she noted, The big fear is that these developers might add vulnerabilities, like backdoors or ways to hack the system. With the current issues in the LSM and the FBI’s warnings, it’s clear that thorough code audits are urgently needed.
The Lazarus Group has gained notoriety for stealing over $3 billion in crypto assets since its emergence in 2009. Although the connections to this group are still allegations, Anndy Lian, a blockchain expert, cautioned that if developers linked to North Korea are involved, there could be risks of hidden vulnerabilities in the code.
Actions Being Taken: Audits and Framework Changes
In response to these alarming developments, two parallel security audits are set to begin: one by OtterSec and Binary Builders next week, and another by Zellic in mid-November. Core contributors to Cosmos have suggested a phased removal of the LSM, proposing a new governance framework that would enhance the overall functionality and security of the ecosystem.
In an October 22 post on X, Informal Systems, a key contributor to Cosmos, outlined plans for this new framework. They indicated that after a community vote to remove the LSM, there would be a 1-2 month grace period for LSM shareholders to convert their shares to native delegations. The upgraded Cosmos Hub would then invalidate the remaining tokenized shares, facilitating a more secure and efficient governance structure.
As the situation develops, Cointelegraph has reached out to Cosmos for further comment but has not received an immediate response. The community awaits the results of the audits and the potential overhaul of the LSM, which could significantly impact the future of the Cosmos ecosystem.
FAQ
What are the concerns regarding North Korean involvement in the Cosmos ecosystem?
Concerns arise from allegations that part of the Cosmos Liquid Staking Module (LSM) may have been developed by North Korean agents, potentially linked to the Lazarus Group, a notorious cybercrime organization. This involvement raises fears about hidden vulnerabilities, such as backdoors in the code, which could be exploited for malicious purposes. Experts emphasize the urgent need for thorough code audits to address these potential security risks.
Leave a comment