EVM – Cosmos Convergence Research From Security Base: Part 2

This blog post analyzes a class of vulnerabilities introduced by stateful EVM precompiles on Cosmos EVM chains that allow Cosmos SDK state mutations to become inconsistent with the EVM state. It describes three principal issues—(1) missing commits causing partial state transitions, (2) precompile execution reverts that do not roll back Cosmos state (enabling delegation/fund-drain scenarios), and (3) out-of-gas induced partial writes—provides GHSA identifiers and code references, and notes that patches have been released for affected implementations.