IBC

Cosmos Interchain Foundation budgets $26M for ecosystem development in 2024

The amount allocated is down from a budget of $40 million in 2023.

Switzerland-based Interchain Foundation (ICF), the core developer behind the cross-chain communications protocol Cosmos, will allocate $26.4 million for maintaining the said ecosystem next year.

According to a Dec. 13 announcement seen by Cointelegraph, the ICF 2024 roadmap “prioritizes funding for the Interchain Stack’s optimal functionality.” Out of the amount, $3 million will be allocated to CometBFT, Cosmos’ Byzantine fault-tolerant engine for state machine replication. Meanwhile, $4.5 million will go toward the Cosmos software development kit, and $7.5 million will be allocated to Cosmos’ native inter-blockchain communications protocol (IBC).

The remaining $4.155 million will go toward smart contract framework CosmWasm, digital library CosmJS, and ecosystem security audits. “This year’s funding program is designed to fortify the free-to-use, open-source Interchain Stack, serving as a catalyst for enhanced blockchain interconnectedness,” said ICF board director Maria Gomez, adding, “The role we play in the ecosystem is that of a steward that aids the interchain to achieve its goal of interoperable sovereignty.”

Read more

Cosmos co-founder says a major security vulnerability has been uncovered on IBC

A public patch fixing the exploit is scheduled to be released tomorrow.

On Oct. 13, Ethan Buchman, co-founder of interblockchain communication (IBC) ecosystem Cosmos, said that a “critical security vulnerability” had been discovered that “impacts all IBC-enabled Cosmos chains, for all versions of IBC.” Buchman assured that steps have already been taken to ensure that all major public IBC-enabled chains have been patched, stating: 

“A chain is safe from the critical vulnerability as soon as ⅓ of its voting power has applied the patch. Chains should still seek to patch to ⅔ as quickly as possible once the official patch is released.”

A public version of the patch will be released in the Cosmos SDK (software development kit) v0.45.9 and v0.46.3 tomorrow at 14:00 UTC. Buchman recommends that all chains and validators apply it immediately upon release and that chain-halting is not required for it to take effect.

The issue appears to have come to light after core developers of Cosmos and Osmosis (the leading decentralized exchange on Cosmos) ramped up security audits in light of a $100 million cross-chain bridge exploit on BNB Chain on Oct. 6. 

Cross-chain bridges solve a variety of problems in decentralized finance by allowing users to port digital assets across multiple protocols. However, they tend to be more complex than regular decentralized applications, and if the source code is copy-and-pasted across protocols, the vulnerability can be amplified dramatically.

Nevertheless, the vast majority of cross-chain bridge hacks this year, such as the Ronin and Nomad bridge exploits, have occurred on Ethereum Virtual Machine blockchains. On the contrary, security breaches on chains in Cosmos’ IBC ecosystem have been few and far between. There are currently about 45 blockchains built using the Cosmos SDK.