web3.0
Web3 Researcher Receives $150,000 Bug Bounty from Cosmos Network for Identifying Critical Evmos Blockchain Vulnerability
Web3 Researcher Receives $150,000 Bug Bounty from Cosmos Network for Identifying Critical Evmos Blockchain Vulnerability
A Web3 security researcher received $150,000 from the Cosmos Network for identifying a critical bug that could halt the Evmos blockchain and all its decentralized applications.
A Web3 security researcher was able to earn $150,000 from the Cosmos Network after discovering a critical bug that could halt the Evmos blockchain and all its decentralized applications (DApps).
According to the researcher, who goes by the pseudonym jayjonah.eth on Twitter, the bug was discovered as part of a crypto bug bounty. These bounties offer incentives to developers and researchers to help identify bugs and vulnerabilities within a system.
“I decided to participate in the Evmos bug bounty program and started reading the Evmos light client spec,” explained jayjonah.eth.
He found a section within the document which read as follows:
“Typically, these addresses are module accounts. If these addresses receive funds outside the expected rules of the state machine, invariants are likely to be broken and could result in a halted network,” wrote Evmos.
According to jayjonah.eth, this clause indicated that if users sent funds to module accounts, it could cause the blockchain to break. He then tested this by sending funds to the module accounts.
“At this point, no more blocks are being produced and the chain has completely halted. This breaks the Evmos blockchain and all the DApps built on it,” he wrote.
He then reported his findings to the Evmos team, who awarded him $150,000 for discovering the critical bug. This marks the highest prize awarded for a bug of this level.
“They confirmed the bug and awarded me $150,000 for finding the critical bug. This is the highest prize awarded for a critical bug in the Evmos bug bounty,” wrote jayjonah.eth.
However, despite the large sum, the researcher downplayed the difficulty of finding the bug, describing it as “low-hanging fruit.”
“This bug was actually very simple to find and is a great example of the low-hanging fruit that can be found in Web3,” he noted.
“It’s also a good reminder that even large projects can have simple bugs that are easy to overlook.”
He added that the bug highlights the importance of thoroughly reading documentation and thanked the Evmos team for their cooperation.
“This bug taught me a few important things as a security researcher. The first, and most obvious, is to always thoroughly read the documentation of the project you’re investigating,”
-jayjonah.eth
The above is the detailed content of Web3 Researcher Receives $150,000 Bug Bounty from Cosmos Network for Identifying Critical Evmos Blockchain Vulnerability. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1379
52
What does WEB3 mean?
Mar 12, 2024 pm 02:18 PM
Web3.0 refers to the third generation of the Internet, the protocol Internet. The core is: user creation, user ownership, user control, and agreement distribution of benefits. It uses the technology of blockchain protocol creation and automatic execution, that is, rights and value through smart contracts. The distribution agreement can be executed efficiently, accurately, and reliably without using a third party, and the entire process can be audited.
Binance releases Web3 wallet, an article details its highlights
Jan 18, 2024 pm 04:45 PM
Quick introduction: According to news on November 8, Richard Teng, general manager of Binance’s regional market, announced the launch of the self-hosted Binance Web3 wallet at Binance’s flagship event Istanbul Binance Blockchain Week, aiming to provide users with simple, secure, and integrated wallets. A one-stop Web3 experience. The wallet is embedded in the Binance App, providing users with a way to explore the Web3 world without complicated registration or worries about losing their mnemonic phrases. Users can easily exchange multiple tokens, access various DApps, quickly transfer funds, and earn income using cryptocurrencies. Binance, the world’s leading blockchain ecosystem and virtual asset exchange, recently launched a product called Binance Web3 Wallet. The wallet is designed to satisfy users’ needs for simple, convenient and secure We
The number of Web3 users surged 40% in the second quarter, setting a new historical record
Jul 11, 2024 am 10:54 AM
In the second quarter of 2024, user participation in the Web3 field reached a new peak, and the number of daily unique active wallets (dUAW) reached an average of 10 million. Compared with the previous quarter, this number achieved 40% significant growth. According to a report released by blockchain analysis platform DappRadar on July 4, the decentralized application (DApp) industry has experienced unprecedented expansion in many aspects and has shown a positive growth trend overall. Social dApp and NFT market grew significantly In the second quarter of 2024, the social decentralized application (dApp) and NFT market performed well and became a significant growth point in the quarter. The growth in user activity of social dApps is particularly significant, and dUAW also
What public chains are there in web3?
Oct 08, 2024 pm 08:45 PM
Web3, as a new stage of the Internet, is built on the decentralization of blockchain. As the underlying architecture of Web3, the public chain provides a secure and transparent data recording and management method. Among them, Ethereum has attracted much attention for its smart contract platform, while Binance Smart Chain is known for its high performance and low-cost transactions. Polkadot is a multi-chain network that facilitates connections and communications between blockchains. Solana is known for its fast scalable transactions, while Cardano is recognized for its academically-backed security and scalability.
Web3 Security Warning丨Be careful with 'hot spots': Detailed explanation of OrdiZK exit scam
Mar 14, 2024 pm 07:37 PM
On March 5, the CertiK security team discovered that OrdiZK orchestrated an exit scam. In this incident, the scammers used methods such as hoarding transaction fees, malicious selling, and abusing management rights to steal approximately US$1.4 million in user funds. This incident is the 6th exit scam that occurred in 2024. To date, total losses from 2024 exit scams have exceeded $64 million. Event Overview OrdiZK claims to be a privacy cross-chain bridge between the Ethereum network and the Bitcoin network. They also claimed to enable cross-chain operations between other networks such as Solana and Avalanche, according to their since-deleted announcement. Deployers of the project have established two OZK token contracts and multiple staking contracts. early
LFG Announces Brand Upgrade and Complete UI/UX Overhaul, Transforming Into a Cutting-Edge Web3 Super App
Aug 18, 2024 am 06:00 AM
This evolution marks a new chapter as we become the ultimate platform for education, entertainment, gaming, and trading in the Web3 space.
What are the dominant coins in Web3? Which ones have the greatest development prospects?
Jan 26, 2024 pm 09:00 PM
Web3 is a decentralized system with blockchain as the underlying technology. Web3, also known as Web3.0, is the third generation of the Internet. It is also a decentralized system based on blockchain technology. Its core is the use of blockchain technology, Cryptocurrencies, non-fungible tokens (NFTs), return power to users. As Web3 has become a hot topic, Web3 concept currencies have also received a lot of attention. The most concerning one is what are the leading Web3 concept currencies? According to data analysis, the leading coins are mainly DOT, FIL and GPRT. Apart from the leading coins, which Web3 concepts have the most potential for investors? I am also very concerned about it, so I will tell you in detail next. What are the leading concepts of Web3? Web3 concept leading coin has DOT
What is web3? Vernacular analysis of web3 forms
Aug 03, 2022 am 10:03 AM
Regarding what web3 is, each article may introduce it differently. It seems that everyone has not yet reached a consensus on what web3 is. In this article, I will introduce the web3 form that I recognize in plain English, which greatly solves our pain points. I would like to call it the future!