Osmosis v9 Post-Upgrade Downtime Incident - Preliminary Report
IPFS
Osmosis recently (today/yesterday) upgraded to v9 (version is v9.0.0
The details are as follows, but not the focus of this article
https://www.mintscan.io/osmosis/proposals/252
Vulnerabilities were discovered and reported after the upgrade, so verify people proactively shut down
Quoting Junønaut tweet:
https://twitter.com/TheJunonaut/status/1534402698556190726
A critical bug has been found on $OSMO / @OsmosisZone
which could have potentially drained all liquidity pools.
It has been discovered after a post on the subreddits /r/CosmosNetwork and /r/OsmosisLab.
The chain was halted under immediate emergency to avoid further damage.
Critical software vulnerability has been discovered
This hole can be used to drain all flow cells
The vulnerability was discovered by someone posting on the subreddit
The chain operation was intentionally suspended to prevent any further losses
More information
- Someone has successfully used this vulnerability (see the follow-up of the above tweet
- Vulnerability fixed but still to be tested - source tweet
- Post-mortem analysis, compensation, etc. need to wait until the network restarts
There is enough new news to integrate new articles~
Like my work? Don't forget to support and clap, let me know that you are with me on the road of creation. Keep this enthusiasm together!
- Author
- More