there is currently a proposal to re-open a channel between the Injective and LUNC chains
to clear up some misconceptions
this has nothing to do with the terraport hack
a channel gets frozen when it hasn’t been used for 2 weeks. due to inactivity it was frozen.
this is a common occurrence across the cosmos ecosystem. especially on links which don’t see much traffic.
when this is noticed, or people want to re-use the channel, they have a choice to make.
create a new channel.
this is permissionless, and doesn’t need governance to do. but it also causes the tokens already transferred to be next-to-useless. so most people don’t do this.
re-open the old one.
for chain security, this requires a governance vote. the funds transferred become usable again.
people prefer this.
this proposal is to do option 2.
these kind of proposals are not usually put on forums, or discussed… because usually they are self-describing, and never seen much debate about them.
I hope this clears up some misconceptions that have been flowing through the twitter-verse.
Please ask Achilleas from Injective to create a new post on this Agora forum with a link to the compiled binary.
We wanna check it once before it goes live.
We already have many people checking the Terraport contracts currently. They would not mind checking this one as well. I will request them personally to check it if needed.
From the proposal, it is clear that what is written in the description is not the same tendermint client number as the one which is being updated.
You can check it yourself.
There is definitely a mistake here and we wanna reconfirm whether this has been uploaded by the same person and whether this is the same contract that is supposed to be updated.
Otherwise this cannot be passed since this could potentially lead to exploits on the chain that we may not have control over.
create a new channel
There is nothing technically called creating a channel. That is a non-technical term.
The following repository needs to be cloned and bundled into module which runs on the chain:
More information about an IBC client can be found here:
The exact type of client they are using is this:
And this what is written in the page above:
And they didn’t have to tell us this, this is pretty obvious. Literally the job of this Tendermint client is to verify blocks. So if malicious blocks are passed to it, is going to verify it without checking where these blocks are coming from. Blocks over here mean any type of transaction on the blockchain.
You are giving the complete control of signing and verifying blocks to this client. So obviously, we need to do an audit of THIS tendermint client PACKAGE before we can approve this proposal.
you appear to be a bit misinformed.
the code required to do IBC is already built into the terrad codebase.
IBC is currently operational and running on LUNC
there are 3 endpoints defined in IBC.
I suggest you read a bit more about how IBC operates, and how the security model works to satisfy your own curiosity.
but as state above. this is more to re-open a frozen ‘path’, so people can use it to transfer funds across these 2 chains.
This conversation can be solved very easily if anyone from the Injective team can come here, show us the implementation on their end and ensure that everything is working on a testnet first.
There IS a way to connect between testnets first and check whether IBC transfers are working.
We just wanna check whether the implementation is fine and everything works smoothly.
Recently, the Terraport exploit has left the entire community baffled and they are still trying to figure out what happened and they have been able to recover only some of the funds till now.
We are actually better off not opening up channels rather than face another exploit.
If there was absolutely no issue in the IBC connection settings between Injective and Terra, then how did they drain the liquidity pool of Terra THROUGH Injective? Can you explain that?
listen up, lunc is ded…PERIOD.
When you get a clear answer and ask to see manager…
Yeah. Cause the clear answer isn’t convincing enough.
It can’t happen like this if people do not feel the need to explain themselves and even when they do, the explanation falls flat.
This community, as it is, will not go anywhere, always rejecting everything and doubting everything. People make decisions without reading or researching, often based on what others say, out of fear or other nonsense.
Have you read the clarification from HighStakes?
They are literally saying that the hackers are gonna use this for transferring their hacked assets.
They said it themselves.
They said the proposal should be rejected right now to be on the safe side.
Go and check it if you want. I can’t post the screenshot here cause I am not on Discord.