BlockBeats 消息,10 月 16 日,Cosmos 生态软件开发公司 All in Bits 在 Github 上发文表示,其发现了 Cosmos Hub 的流动性质押模块(LSM)存在严重安全问题的原因,包括大多数 LSM 代码由朝鲜特工编写;LSM 不是一个独立的模块,而是对现有质押、分配、罚没模块的一组修改,可能会影响所有质押的 ATOM;允许罚没规避的漏洞仍然存在;19 个月代码更改未经审计的;Zaki Manian 和 Iqlusion 的重大误述; ICF、Stride Labs、非正式系统缺乏透明度。
All in Bits 建议立即修复 LSM 的主要质押漏洞;即时、全面的 LSM 审计;全面披露朝鲜参与调查时间表;ICF 相关方黑名单;针对 ICF 资助项目的新审计和监督协议。
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.