Preventing Airdrop Theft on Stride: an IBC integration vulnerability

• May 15, 2023

Research Summary

This article discusses a vulnerability discovered in Stride, a Cosmos chain for liquid staking across the Cosmos ecosystem. The vulnerability could have allowed an attacker to steal all unclaimed airdrops on Stride, putting more than 1.6M STRD (equivalent to roughly $4M) at risk. The issue was reported privately to the Stride contributors and has since been fixed. The article also highlights the importance of understanding the underlying trust model of the Inter-Blockchain-Communication (IBC) protocol when building on top of it.

Actionable Insights

Security Vulnerability in Stride: A vulnerability in Stride could have allowed an attacker to steal all unclaimed airdrops. This issue has been fixed.
IBC Trust Model: Developers building on top of IBC and security engineers reviewing IBC integrations should carefully review the attack surface exposed to malicious IBC clients or channels.
Stride Contributors’ Response: The Stride contributors responded quickly and professionally to the issue, ensuring that no malicious exploitation took place.

Related Research

Preventing Airdrop Theft on Stride: an IBC integration vulnerability

Research Summary

Actionable Insights

Categories

Related Research

Archway – The next L1 Summer from Cosmos

An Analysis of the Avalanche Architecture

Top 5 Airdrops in 2024

Moving Out On The Risk Curve

The Chain Abstraction Thesis | Season 7 Episode 3

What’s Driving Token Prices? February 7, 2024

How Intents Unbundle Assets from Protocols | Season 7 Episode 2

Inside the Evolution of Liquid Staking & Modular Money | Jon Charbonneau

Universal Interoperability with Axelar: Connecting all Blockchains

9 Predictions for Crypto in 2024 – Blockcrunch Roundtable 004