EOS Sheds ~$700m After Damning Allegations From Internet Security Giant; More FUD Targeted at Block.one?
Block.one’s EOS.IO software – that which values the near US$10 billion EOS cryptocurrency – is riddled with technical vulnerabilities, according to the Beijing-based internet security giant, Qihoo 360 Technology Co. Ltd.
News of such findings emerged late on Monday evening (PT) when this tweet went viral, sending the value of the Ethereum-based EOS token plummeting by 7.98 percent in little under two hours.
Indeed, these proportional price movements are commonplace in the volatile world of cryptocurrencies. But, when you consider that EOS holds the fifth highest market cap of all cryptocurrencies, the shedding of some $700 million off of its value better explains the ruthless sell-off that EOS saw as a result of the reported Qihoo 360 findings.
What Was Said
Per this English translation of the official article, Qihoo 360 discovered over 330,000 vulnerabilities in the EOS blockchain. They proceed to detail how an EOS supernode could be attacked and successfully compromised; listing examples of real-world implications throughout their explanation.
Remote attacks can directly control and take over all nodes running on EOS.”
1/ Chinese Internet security giant 360 has found “a series of epic vulnerabilities” in the #EOS platform. Some of the bugs allow arbitrary code to be executed remotely on EOS nodes and even taking full control of the nodes.
Source (in Chinese): https://t.co/pt6nj6EodP
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
Worryingly, these hypotheticals extend beyond the EOS blockchain itself, with Qihoo 360 suggesting that owners running a node on the EOS network would be vulnerable to having their financial and privacy data acquired by the malicious actor.
Block.one Already Has Bug Bounty
Somewhat ironically, it was just earlier on Monday that Block.one CTO Daniel Larimer offered “$10K for every unique bug that can cause a crash, privilege escalation, or non-deterministic behaviour in smart contracts.”
Help us find critical bugs in #EOSIO before our 1.0 release. $10K for every unique bug that can cause a crash, privilege escalation, or non-deterministic behavior in smart contracts. Offer subject to change, ID required, validity decided at the sole discretion of Block One.
— Daniel Larimer (@bytemaster7) May 28, 2018
At the time of writing, neither Larimer nor Block.one have commented on Monday’s fresh allegations.
There is a real possibility that these allegations will be falsified by Larimer. The EOS software has been targeted on numerous occasions in relation to the technical integrity of its underlying code. In fact, earlier in the month Larimer debunked a circulating story claiming that the EOSIO smart contract system was flawed.
Crypto Influencers React
Sharing his views some twenty minutes after the above tweet was Loi Luu, the founder of Kyber Network (KNC) who also co-authored the sharding protocol adopted by Zilliqa (ZIL); an emerging blockchain platform similarly linked to National University of Singapore assistant professor, Prateek Saxena.
This is NOT how to roll out your new blockchain. Even for @KyberNetwork we had had to go through several testing phases including internal, private beta, public beta before we launched the platform live! https://t.co/E4FSy9cjAF
— Loi Luu (@loi_luu) May 29, 2018
Luu’s disagreeable reaction was expected, given his academic background in computer science has made him a stern believer in the scientific method.
One cannot help but wonder the vindication the team behind Cardano (ADA) must be feeling if these reports out of Qihoo 360 are in fact true. As the first blockchain platform to evolve out of scientific philosophy and a research-first driven approach, Cardano – led by IOHK and its CEO, Charles Hoskinson – are repeatedly criticised by crypto investors for being too slow and too meticulous.
VeChain another that similarly finds itself keeping the impatient masses at bay whilst it diligently sticks to a rigorous testing regime. Indeed, it was only on Sunday when Boxmining uploaded an interview with VeChain CEO Sunny Lu, where he shared (@0:45) his philosophy that for “any kind of software project or system project, you should put at least fifty percent of [your] budget and time in testing.”
Vindication for Crypto Critic?
By far Wall’s most notable critique of EOS, however, was the below 17-part rant thread from April 29th.
1/ New rant thread. Yes, it’s about an altcoin. Yes, it’s about one of your favorites (EOS). No, I’m not writing a medium post. Yes, this is totally FUD. No, nobody is paying me. Yes, your ad hominems will totally change my and everyone else’s opinion (not).
Facts or gtfo.
— Eric Wall (@ercwl) April 29, 2018
Like Larimer and Block.one, Wall is yet to add his take on the strong allegations being made by Qihoo 360.
Image From Shutterstock