Cosmos Hub’s Liquid Staking Module Under Scrutiny Due to North Korea Ties

Cosmos North Korea
Concerns over Cosmos Hub's Liquid Staking Module have intensified following revelations of alleged North Korean developer involvement.
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.

Concerns over the security of the Cosmos Hub’s Liquid Staking Module (LSM) have intensified following revelations that North Korean developers were allegedly involved in its creation.

A detailed report by blockchain development firm All in Bits (AiB) unveiled a series of critical missteps, potential security risks, and severe lapses in transparency by those leading the LSM’s development.

The allegations center on Zaki Manian, a prominent figure in the Cosmos community and head of Iqlusion, who reportedly became aware of North Korean involvement in the LSM’s development as early as March 2023.

Cosmos Hub’s Liquid Staking in the Hands of North Korea?

The LSM’s development began in August 2021. It was led by Iqlusion and supported by other players in the Cosmos ecosystem, such as Stride Labs and Informal Systems.

The LSM was designed to enhance liquidity for staked ATOM tokens, allowing users to convert them into liquid staked assets.

However, AiB’s investigation has revealed that North Korean developers wrote a substantial portion of the LSM’s code.

In July 2022, Oak Security audited the LSM and uncovered severe vulnerabilities, including mechanisms that would allow stakers to evade slashing penalties—a fundamental aspect of ensuring the security of proof-of-stake blockchains.

Source: Oak Security Github

Rather than addressing these concerns with independent experts, Zaki Manian and Iqlusion reportedly tasked the same North Korean developers with fixing the code’s vulnerabilities.

This compromised the remediation process and exposed the system to further risks, as the developers who potentially introduced the vulnerabilities were now responsible for fixing them.

In March 2023, the FBI informed Zaki Manian of the North Korean developers’ involvement. Despite this critical information, Manian did not alert the Cosmos community.

Instead, in April 2023, he pushed for a Signaling Proposal to integrate the LSM into the Cosmos Hub, claiming the module was “ready for deployment.”

This occurred while significant security vulnerabilities remained unresolved. By September 2023, the LSM was integrated into the Hub, with 19 months of unaudited code changes, potentially putting all staked ATOM tokens at risk.

Cosmos Co-founder Jae Kwon Calls for Accountability

The revelations have triggered widespread concern within the Cosmos community, with many questioning the decision-making process and the lack of transparency surrounding the LSM’s development.

AiB’s report has recommended several measures, including an immediate audit of the LSM, stricter security protocols for future code contributions, and greater transparency from the Interchain Foundation (ICF), which funded the LSM’s development.

Similarly, Cosmos co-founder Jae Kwon has also weighed in on the controversy. He expressed grave concerns over the security of the LSM and the role played by Iqlusion and Zaki Manian.

In a statement, Kwon highlighted the serious risks posed by the involvement of North Korean developers and criticized Manian for his lack of transparency.

Kwon said:

“For sixteen months, the LSM was developed by individuals linked to North Korea, and their contributions were integrated into the Cosmos Hub without proper security vetting.”

He accused Manian of “gross negligence” and called for immediate action to address the vulnerabilities and hold those responsible accountable.

Kwon further emphasized the need for a comprehensive audit of the LSM, arguing that the module’s design flaws could compromise the security of all staked ATOM tokens.

As the LSM is not a standalone module but a series of modifications to the existing staking infrastructure, any vulnerability within it could have far-reaching consequences for the entire Cosmos network.

Kwon also urged the Cosmos governance community to implement stricter auditing requirements and oversight protocols for future developments.

More Articles

DeFi News
Major Cosmos DEX Osmosis Unveils Polaris: The Token Portal
Sead Fadilpašić
Sead Fadilpašić
2024-09-11 14:50:10
Blockchain News
deBridge Launches Hooks For Instant DeFi Cross-Chain Data Transfers
Hongji Feng
Hongji Feng
2024-10-08 14:50:17
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors