Research Summary
The article discusses a vulnerability discovered in Celer’s State Guardian Network (SGN), a Cosmos-based blockchain designed to support cross-chain communication. This issue could have allowed a malicious validator to compromise the SGN and applications dependent on it, such as Celer’s cBridge. The vulnerability was privately reported to the Celer team and has since been fixed. The SGN is responsible for monitoring Celer’s on-chain contracts for incoming messages or transfers and forwarding them to the corresponding contracts on the destination chain.
Actionable Insights
- Security Measures: It’s crucial to ensure that both on-chain and off-chain components of a blockchain network are secure. While on-chain smart contracts are often open-source and scrutinized, off-chain components may not receive the same level of attention.
- Importance of Open Source: The open-sourcing of SGNv2’s code allowed for the discovery and subsequent fixing of the vulnerability, highlighting the importance of open-source software in enhancing security.
- Need for Regular Checks: Regular checks and audits of blockchain networks, including their off-chain components, are necessary to identify and fix potential vulnerabilities.
