Does it support both Go and Rust projects?

Yes, it is specifically designed to analyze Cosmos SDK modules written in Go and CosmWasm smart contracts written in Rust.

How does this skill help prevent chain halts?

It scans for non-deterministic code (like map iterations or float usage) and unbounded loops in consensus-critical paths, which are the primary causes of validator state divergence and chain halts.

What specific vulnerabilities does this skill detect?

The skill identifies 9 critical patterns including non-deterministic map iterations, ABCI panics, missing denom validation, insufficient authorization, and improper IBC packet validation.

Can I use this for pre-launch audits?

Absolutely. It is an ideal tool for pre-launch security assessments to ensure that custom modules and contracts follow Cosmos SDK security best practices.

Cosmos Vulnerability Scanner

Name: Cosmos Vulnerability Scanner
Author: trailofbits

bytrailofbits

•

938

Security & Testing

Scans Cosmos SDK modules and CosmWasm contracts to identify security vulnerabilities and consensus-critical issues.

About

The Cosmos Vulnerability Scanner is a specialized skill designed for developers and security auditors working within the Cosmos ecosystem. It systematically analyzes codebase modules for nine critical vulnerability patterns—such as non-determinism, ABCI panics, and improper message validation—that can lead to chain halts or fund loss. By supporting both Go-based Cosmos SDK modules and Rust-based CosmWasm contracts, this skill provides actionable insights and remediation strategies for maintaining the integrity of decentralized networks.

Key Features

Provides actionable remediation steps and code fixes for identified issues
938 GitHub stars
Identifies non-deterministic map iterations and platform-dependent types
Analyzes both Cosmos SDK (Go) and CosmWasm (Rust) codebases
Validates ABCI method implementations like BeginBlocker and EndBlocker
Detects 9 critical Cosmos-specific vulnerability patterns

Use Cases

Investigating and fixing chain halt incidents caused by state divergence
Conducting security audits of custom x/ modules in Cosmos SDK chains
Pre-launch vulnerability assessment for CosmWasm smart contracts

About

Key Features

Provides actionable remediation steps and code fixes for identified issues
938 GitHub stars
Identifies non-deterministic map iterations and platform-dependent types
Analyzes both Cosmos SDK (Go) and CosmWasm (Rust) codebases
Validates ABCI method implementations like BeginBlocker and EndBlocker
Detects 9 critical Cosmos-specific vulnerability patterns

Use Cases

Investigating and fixing chain halt incidents caused by state divergence
Conducting security audits of custom x/ modules in Cosmos SDK chains
Pre-launch vulnerability assessment for CosmWasm smart contracts