Jump Crypto Finds Double-Voting Vulnerability in Celer’s SGN

Critical Double-Voting Vulnerability in Celer’s SGN Found by Jump Crypto, Highlighting Potential Risks and Mitigation Techniques.

• Celer’s State Guardian Network (SGN) contains a vulnerability that Jump Crypto has discovered that could provide access to the network and any apps that depend on it, including Celer’s cBridge.
• After inspecting the off-chain SGNv2 code published on GitHub, the vulnerability was found in Celer, a Cosmos-based blockchain that facilitates cross-chain communication.

Introduction

The State Guardian Network (SGN) of Celer has recently been found to have a severe vulnerability, according to Jump Crypto, a well-known Web3 investor and developer. Due to this flaw, malevolent validators might have been able to access the network and its dependent programs, including Celer’s cBridge.

Understanding the Vulnerability

ACCORDING TO JUMP CRYPTO’S POSTMORTEM ANALYSIS, the SGN EndBlocker code contained a fault that caused the vulnerability. The flaw made it possible for validators to cast several votes for the same update, boosting their influence. By casting repeated votes for the same update, unscrupulous actors could take advantage of this vulnerability and potentially sway the outcome in favor of a false or harmful update. The study drew attention to the lack of a check in the code that would have prevented such double voting.

Implications for Celer’s State Guardian Network

Due to this weakness, Celer, a Cosmos-based blockchain that enables cross-chain communication, was exposed to several hazards. It is possible that a rogue validator took over to manipulate on-chain activities like bridge transfers, message emissions, staking, and delegation on Celer’s primary SGN contract. The security of the network and the applications built on top of it could be jeopardized by this type of control.

Safeguards Implemented by Celer

To stop a complete theft of the bridge funds, Celer has put in place several defenses. These actions consist of the following:

Delay triggered by the bridge contract: Transfers that exceed a specific value are delayed, giving potential malicious actions time to be discovered and stopped.

Limitations of Safeguards

Although Celer’s security mechanisms provide some protection, they are not infallible. Jump’s research states that transaction restrictions apply per chain and token, which means that a hacker might be able to steal tokens worth about $30 million before the contracts are stopped. This roughly equals 23% of Celer’s current total locked value. It’s crucial to remember that these built-in safeguards only protect Celer’s bridge contracts. The inter-chain messaging provided by Celer would continue to leave all dApps open to these security flaws.

Bug Bounty Program

To encourage identifying and disclosing vulnerabilities in its bridge, Celer runs a bug bounty program with a $2 million budget. Off-chain exposures like the one discovered in the SGNv2 network are not covered by this program, though. Jump Crypto and Celer have discussed including the SGNv2 network in their bug bounty program. The Celer team is now analyzing a potential compensation for Jump’s report.

Conclusion

Jump Crypto’s discovery of the double-voting flaw in Celer’s SGN has highlighted potential dangers related to the network and its applications. Although the issue has been addressed and resolved without any known malicious exploitation, it serves as a reminder of the significance of concrete security measures in the quickly developing blockchain industry.

 Although functional, Celer’s implementation of protection mechanisms needs to be improved, leaving dApps built on top of the network unprotected. The ongoing assessment of a bug bounty payment made in response to Jump Crypto’s report reveals Celer’s dedication to fixing flaws and maintaining the integrity of its ecosystem. The faith of users in decentralized systems will need to be preserved by constant vigilance and proactive security measures.