Odaily Planet Daily News On August 27, blockchain security company Asymmetric Research disclosed that it had discovered a critical vulnerability in Circle's Noble-CCTP (a component of the USDC USDC cross-chain transfer protocol) on the Cosmos network and had privately notified Circle. The vulnerability has been fixed in a timely manner, with no loss of user funds or malicious attacks. The security company found that malicious actors could circumvent the message sender verification process of the cross-chain transfer protocol and forge USDC on the Noble bridge. More specifically, the Noble-CCTP "ReceiveMessage" handler accepts "BurnMessages" from any sender without first checking whether the bridge message is sent from a verified "TokenMessenger" address on the initial chain. However, although the vulnerability initially looks like a flaw in unlimited casting, the actual impact is limited due to Noble's casting limit of approximately 35 million USDC. (Cointelegraph)