Cosmos Founder Warns About North Korean Connections in Liquid Staking System

All in Bits (AiB), the organization behind the Cosmos, has raised an urgent warning concerning the Liquid Staking Module (LSM) within the Cosmos Hub, citing serious security threats stemming from its development by individuals associated with North Korea.

According to AiB, the integration of these developers’ work into the Cosmos Hub lacked adequate security scrutiny, leading to concerns about potential weaknesses in the system.

Developers Linked to North Korea

The LSM was originally conceived in 2021, spearheaded by the Cosmos validator hosting company Iqlusion and its leader Zaki Manian, with input from Stride Labs, Binary Builders, and Informal Systems. Its purpose was to adjust essential components of Cosmos, such as staking, distribution, and slashing. However, the module’s incorporation into the Cosmos Hub via Gaia raises the risk that these vulnerabilities could affect all staked ATOMs.

In a recent update, Cosmos co-founder Jae Kwon noted that AiB scrutinized Manian’s actions and inactions during the LSM’s development and rollout, expressing serious concerns over the Cosmos Hub’s transparency and security measures.

Kwon outlined a timeline highlighting various missteps related to the LSM’s development and associated security issues.

On June 24, 2021, the Interchain Foundation (ICF) revealed that Iqlusion had received funding to continue work on Gaia and network enhancements, including staking derivatives. By August, Manian and Iqlusion had embarked on the LSM’s development, with notable contributions from Jun Kai and Sarawut Sanit, later identified as being linked to North Korean interests.

A pivotal audit conducted by Oak Security in July 2022 identified major vulnerabilities, especially concerning slashing avoidance. Alarmingly, the same developers with direct ties to North Korea were assigned to rectify these issues, casting doubt on the integrity of the solutions provided.

Despite these revelations, Kwon alleged that Manian communicated with the FBI in March 2023 regarding the developers’ North Korean links but failed to inform the broader community. Subsequently, Stride Labs attempted to improve security in April 2023, but much of their work involved minimal adjustments to the original code.

A Signaling Proposal to embed the LSM into the Cosmos Hub was submitted on April 19, 2023, even with the unresolved security concerns. This proposal navigated through various processes, ultimately resulting in the LSM’s integration on September 11, 2023, nearly 19 months after the most recent audit.

Manian ultimately admitted on October 2, 2024, that he had been aware of the connections to North Korea since March 2023 but neglected to inform the Cosmos community prior to endorsing the LSM’s integration, raising serious questions about transparency and security within the Cosmos framework.

Call for Accountability from Cosmos Leadership

Kwon urged for a thorough audit of the LSM and demanded full transparency regarding the involvement of developers with ties to North Korea. He also proposed that the Interchain Foundation establish a blacklist of individuals and organizations associated with insecure protocols, including Manian and Iqlusion.

Moreover, Kwon emphasized the necessity for instituting audit requirements for code development funded by the ICF and creating oversight procedures to guarantee comprehensive safety evaluations before any new implementations are proposed for the Cosmos Hub.