The Cosmos Inter-Blockchain Communication Protocol (IBC) may be a reason for the loss of $570 million worth of BNB stolen from the Binance Bridge on Thursday, October 6, 2022. According to an analyst, Larry, the Cosmos’ IBC code used in the IBC contained some vulnerabilities that the hacker leveraged to siphon funds and wreak havoc on the Binance Smart Chain (BSC) and the broader Binance ecosystem.
The IBC is an open-source protocol that relays information between independently distributed ledgers. It is designed to connect independent blockchains and allow them to communicate with each other and exchange values, especially tokens, making these chains interoperable.
Binance Bridge is a blockchain bridge created to allow the transfer of assets and information between blockchains. It uses ICS-20 for token or asset transfers between chains. However, on the Binance Smart Chain (BSC) side, it uses an IBC-Go composed of a custom pre-compile contract containing a bug for packet (transaction) verification. The hackers exploited the bug to steal over $570 million worth of BNB.
According to Larry, the Cosmos IBC core repository has some vulnerabilities (bugs), which were exploited by the hackers as Binance imported the Cosmos repository and inherited the bugs. He further explained that IBC-Go uses a different library for proof verification from Binance Bridge. As a result, it dodged the forged transactions submitted by the hackers.
the lesson here imo is we should stop the brainless shilling of IBC
if Binance's light client implementation can be hacked, so can ibc-go
— Larry Engineer (@larry0x) October 8, 2022
Hyperlane Raises $18.5 million To Reduce Cross-Chain Bridge Hacking
Meanwhile, Hyperlane has been working to build a platform that provides developers with a more secure infrastructure for building secure inter-chain applications and was able to raise $18.5 million in seed funding for the project in September, according to Fortune.
The initiative grew out of efforts to solve blockchain interoperability issues since over $2 billion worth of cryptocurrencies were lost to hackers in cross-chain bridge hacks this year, according to Chainalysis, a blockchain data firm.
Hyperlane co-founder Jon Kol stated that they would use the funds raised to build a sovereign consensus model that would allow developers to customize their safety precautions for their inter-chain applications when making them. He further added that they have plans to build more integral features like APIs for developers to send messages between multiple chains and another to query information between chains.
