Cosmos developers are taking action to remove the Liquid Staking Module (LSM) from the Cosmos Hub after revelations linked its creation to North Korean agents.

Earlier today, blockchain development company All in Bits (AiB) issued an emergency alert, highlighting significant security vulnerabilities within the LSM.

Notably, news of the North Korean developers’ link to the project has negatively impacted the network’s token price, which fell by more than 2.5% in the last 24 hours to $4.44 as of press time.

North Korea links

According to AiB, a substantial portion of the LSM was developed by North Korean actors, raising critical concerns for the security of the Cosmos ecosystem.

The company clarified that the LSM is not a standalone feature but an extension built on existing Cosmos staking modules. This design means that any vulnerability in the LSM could impact the entire staking system, potentially putting all staked ATOM tokens at risk.

AiB further accused the leading developers of the LSM, Iqlusion and Zaki Manian, of lacking transparency. According to the company, the developers knew of the involvement of North Korean actors but chose not to disclose this information.

AiB claimed that Zaki Manian became aware of these connections in March 2023. The company also alleged that Manian knew the developers were under investigation by the FBI but failed to inform the Cosmos community. The company wrote:

“Despite possessing this crucial information, Zaki failed to conduct any further audits or a thorough review of the North Korean developers’ contributions before promoting the LSM for integration with the Cosmos Hub.”

In addition to the North Korean link, AiB raised concerns over a critical LSM design flaw. This flaw reportedly allows users to avoid future slashing penalties, transferring the risk to other stakers. Despite being discovered during an audit, the developers did not address the issue, instead calling it an “intentional design goal.”

Cosmos developers react

In an Oct. 16 post on X (formerly Twitter), Cosmos developer Jacob Gadikian announced that the network’s developers have started tracking the steps required to remove the LSM from the Cosmos Hub.

Gadikian also confirmed that specific branches of the Cosmos SDK repository, identified by “-lsm” suffixes, contain contributions from North Korean individuals linked to money laundering and developed under false identities.

He stated:

“The code in question should be entirely removed from the repository, or an extremely large, bold face warning should be put on the cosmos-sdk repository”

Cosmos developers are now calling for a thorough audit of the LSM to disclose the full involvement of North Korean actors. The audit may also lead to the blacklisting of specific individuals and entities, including Zaki Manian, Iqlusion, and other key promoters of the module.

Read the full article here

Share.

Leave A Reply

Your road to financial

freedom starts here

With our platform as your starting point, you can confidently navigate the path to financial independence and embrace a brighter future.

Registered address:

First Floor, SVG Teachers Credit Union Uptown Building, Kingstown, St. Vincent and the Grenadines

CFDs are complex instruments and have a high risk of loss due to leverage and are not recommended for the general public. Before trading, consider your level of experience, relevant knowledge, and investment objectives and seek financial advice. Vittaverse does not accept clients from OFAC sanctioned jurisdictions. Also, read our legal documents and make sure you fully understand the risks involved before making any trading decision