The EOS network might have resumed operations after a halt for several hours on Saturday but has already come under severe criticism from one blockchain researcher, claiming that a yet to be discovered vulnerability will cause a ‘massive exchange hack’ within the next year.
I’m calling it: there will be a massive exchange hack within the next year, taking advantage of an EOS vulnerability. That exchange will lose its hot wallet.
Hackers will send the proceeds to downstream exchanges, where they will trade into other coins.
(1/n)
— Emin Gün Sirer (@el33th4xor) June 18, 2018
He also warned that developers of EOS could face serious legal consequences in the following tweet.
If EOS uses its arbitrators to reverse the hack, the contagion will spread downstream.
There will be threats of lawsuits involving the devs and the BPs.
Twitter lawyers will point out the absurdity of the EOS constitution, or any document not grounded in actual law.
— Emin Gün Sirer (@el33th4xor) June 18, 2018
Cornell professor Emin Gün Sirer made it clear that his EOS doomsday forecast is not based on any specific vulnerability he has discovered within the EOS source code. Nonetheless, he placed the blame on developers saying that such an unfortunate event is probably unavoidable due to the way developers “handle safety critical bugs.”
Mr. Sirer ended his outburst by giving some security tips that may well prove to be helpful in the future.
What should one do:
1. Don’t store coins and money on exchanges long term.
2. Ask that development teams provide careful post mortems after bugs, describing not only the patch to fix them, but the changes made to address whatever gave rise to the bug in the first place.
— Emin Gün Sirer (@el33th4xor) June 18, 2018
As Toshi Times reported, a bug within the newly-launched EOS mainnet has caused the blockchain to pause all operations on Saturday, as developers hurriedly implemented a fix. The code bug occurred within 48 hours after the EOS blockchain activation, marking a very difficult period for the fifth-largest digital currency.
The bug was patched after a couple of hours but nonetheless, Mr. Sirer was not happy with the developers for releasing a patch without sufficient analysis.
You can’t incrementally patch your way to correctness. Testnets help find bugs but lack of bugs in testnet doesn’t provide any assurance of correctness.
— Emin Gün Sirer (@el33th4xor) June 18, 2018
EOS mainnet finally went live on June 15th after two prolonged weeks, during which various EOS launch groups voted in order to stake the required 15 percent of the total EOS token supply. The mainnet launch succeeded a year-long crowdsale that raised over $4 billion in the biggest ICO so far.
However, the EOS blockchain has been a troubled one since then, as the bugs and faults within the code manifested themselves to pile pressure on the EOS developers and investors. Some crypto aficionados criticised the project for failing to solve technical issues, despite having the biggest funding for a blockchain project in history by some margin.
Recently a Chinese digital security company Qihoo 360 detected numerous ‘high-risk vulnerabilities’ in the EOS network. These faults could have allowed hackers to gain control and remote access over any EOS node.
On the other hand, the company has taken measures to scout and remove similar vulnerabilities. A Dutch ethical hacker Guido Vranken was paid well over $100,000 by the EOS parent company block.one for identifying 11 faults in the EOS code.
Image Source: “Flickr”
The post Cornell University Researcher Predicts an EOS Vulnerability Will Lead to ‘Massive Exchange Hack’ appeared first on Toshi Times.
Source: Toshi Times
Original Post: Cornell University Researcher Predicts an EOS Vulnerability Will Lead to ‘Massive Exchange Hack’
