Security company: Cosmos SDK is now a serious security vulnerability. There is a logic error in the unbinding operation of the verification node.

On May 31, the Cosmos team said that a serious security vulnerability was found in the Cosmos SDK. The patch has been in effect at a block height of 482100 (about 10 am today), but many nodes did not patch before this height and needed to replay the block. Ensure that the data is consistent with the main network. According to the analysis of the slow fog security team, the reason for the vulnerability is that there is a logic error in the unbinding operation of the verification node. More details will be announced after the main network is repaired. Slow fog security reference recommendation, upgrade method: cd $GOPATH/src/github.com/cosmos/cosmos-sdk git fetch –all git pull origin v0.34.6 make tools install If there is a backup before 482100, use backup to restore, then Restart the node. If there is no backup: # reset stategaiad unsafe-reset-all then restart the node.