
EOS Vulnerability Will Lead to ‘Massive Exchange Hack’, Predicts Cornell Blockchain Researcher

Last Updated March 4, 2021 5:08 PM
Josiah Wilmoth

The EOS network has barely processed its first blocks, but one blockchain researcher is already predicting that an as-yet-undiscovered vulnerability in the nascent cryptocurrency’s codebase will lead to a “massive exchange hack” within the near future.

Writing on Twitter, Cornell professor Emin Gün Sirer predicted that EOS, which launched last week following a yearlong crowdsale that raised more than $4 billion, will be the root cause of a significant cryptocurrency exchange hack at some point during the next calendar year.

“I’m calling it: there will be a massive exchange hack within the next year, taking advantage of an EOS vulnerability. That exchange will lose its hot wallet.”

“If EOS uses its arbitrators to reverse the hack, the contagion will spread downstream,” he added. “There will be threats of lawsuits involving the devs and the [block producers].”

While clarifying that this prediction is not based on any specific vulnerability he has identified or believes lies hidden within the EOS source code, he argued that such an exploit is likely inevitable given the way developers “handle safety critical bugs.”

As CCN.com reported, a bug in the EOS network caused the blockchain to grind to a halt for several hours on Saturday as developers scrambled to release a patch. This code fault occurred less than 48 hours after the EOS blockchain had been activated. The bug was quickly patched, but Sirer criticized developers for pushing the patch without sufficient analysis.

“You can’t incrementally patch your way to correctness,” he said. “In the same vein, you can’t start out with some bricks, beams and cables over a body of water, patch the holes where cars fall into the ocean, and end up with a load-bearing bridge.”

Sirer concluded by reminding users not to store coins on cryptocurrency exchanges, since his prediction, if it comes to pass, could have serious ramifications for all traders, not just those holding EOS. He also encouraged users to demand more transparency from developers when releasing post-mortems after patching bugs.

“Ask that development teams provide careful post mortems after bugs, describing not only the patch to fix them, but the changes made to address whatever gave rise to the bug in the first place,” he said.

EOS creator Block.one did not immediately respond to a request for comment.
