Key Security Insights from EVMOS Dual-Stack Architecture
EVMOS differentiates Ethereum transactions from Cosmos transactions by inspecting each message’s type URL for a specific ExtensionOptionsEthereumTx flag. A major fee-market discrepancy exists because Ethereum refunds unused gas, whereas Cosmos charges gas upfront without refunds. To prevent unauthorized EVM messages slipping through, the RejectMessagesDecorator was introduced to block any Cosmos transactions lacking the proper flag. However, nesting an Ethereum transaction (MsgEthereumTx) inside a Cosmos MsgExec can bypass ante handlers, enabling attackers to exploit inflated gas refunds and steal fees. Understanding these issues is vital for securing hybrid Ethereum-Cosmos chains.