Wu said that he learned that All in Bits (AiB), a Cosmos ecosystem builder, issued an emergency alert and found that the Liquid Staking Module (LSM) of the Cosmos Hub had serious security risks. AiB pointed out that most of the LSM code was written by North Korean proxy developers; LSM is not an independent module, but a modification of the existing staking, distribution, and slashing modules, which may affect all staked ATOMs; loopholes for circumventing penalties still exist; 19 months of code changes have not been audited; Zaki Manian and Iqlusion have engaged in major misleading behavior; ICF, Stride Labs, and Informal Systems lack transparency. AiB recommends that the major staking vulnerabilities in LSM be fixed immediately, a comprehensive audit be conducted, and the timeline of the discovery of North Korean involvement be fully disclosed, and the relevant parties be blacklisted.
