TechFlow reported on October 29, according to Cointelegraph, a Web3 security researcher earned a $150,000 bounty by reading Cosmos network documentation and discovering a critical vulnerability that could have halted the Evmos blockchain and all decentralized applications (DApps) built on it.
In a blog post published on October 28, security researcher "jayjonah.eth" explained encountering the concept of "module accounts" in the Cosmos documentation: "If these addresses (module accounts) receive funds outside the state machine's expected rules, invariants may be violated and could lead to a network halt." Conducting a crash test on the Evmos blockchain based on the Cosmos documentation, the researcher attempted sending funds to a module account within a test environment and reported: "At this point, no further blocks were being produced; the blockchain had completely stopped. This would break the Evmos blockchain and all DApps built on top of it." He revealed that the Evmos team had already patched the vulnerability before public disclosure.




