Cole Petersen · 13 hours ago · 2 min read · Insights via Ari Paul
A Cornell University computer science professor has taken aim at the governance model of the rapidly evolving EOS project, predicting that the way in which EOS handles security flaws will result in a large-scale exchange hack within the next year.
Associate Professor Emin Gün Sirer, notable for launching one of the first Proof of Work-based cryptocurrencies in 2002, fired a salvo of tweets directed at the EOS project earlier this week in which the distributed systems expert criticized EOS governance and security.
I'm calling it: there will be a massive exchange hack within the next year, taking advantage of an EOS vulnerability. That exchange will lose its hot wallet.
Hackers will send the proceeds to downstream exchanges, where they will trade into other coins.
— Emin Gün Sirer (@el33th4xor) June 18, 2018
EOS Security Flaws Could Cause “Hack Contagion”
The threat of an EOS security flaw, according to Sirer, is very real. By taking advantage of EOS vulnerabilities, hackers will be able to capture the hot wallet of an exchange, thereby accessing the EOS within and trading it for other tokens via downstream exchanges.
Should EOS leverage arbitrators in order to reverse the hack, Sirer predicts the proliferation of lawsuits aimed at EOS developers. The issue with EOS security, states Sirer, is its governance model itself:
“Exchanges have not yet figured out that EOS’s governance model does not mix well with other currencies. EOS folks will blame others, and they won’t be entirely wrong.”
Sirer’s statements appear to be, in part, driven by a bug present within the EOS code that caused the EOS blockchain to suffer from a temporary halt directly after launch, with developers struggling to develop a patch in a timely manner. The lack of an EOS testnet, states Sirer, is one of the primary causes of ongoing EOS issues:
“Testnets are nice in that they can help identify problems, if you’re lucky and they expose themselves in test. But the real subtle vulnerabilities arise only when a hacker prompts them. That won’t happen in testnet. You can’t incrementally patch your way to correctness. Testnets help find bugs but lack of bugs in testnet doesn’t provide any assurance of correctness.”
Speaking with CryptoSlate, Sirer explains that the governance model used by EOS is new to the exchange ecosystem, which dramatically increases risk:
“EOS has a novel governance mechanism that the exchanges have not quite digested yet. Because EOS has an API similar to other crypto, they treat it as if it’s in the same category. In reality, EOS lacks finality due to its reliance on BPs to adjudicate and arbitrate disputes.”
Hack Prediction Based on Informed Opinion, Not Code
As Sirer is swift to point out in his own statements, however, his prediction that EOS security flaws will result in a massive exchange hack is not based on the assessment of the EOS code:
“I base this prediction not on any specific vulnerability I suspect is in EOS code … but on having read the project git and seen how they handle safety-critical bugs.”
Roshan Abraham, Head of Technology at EOS block producer EOS Authority, commented on the current state of EOS security management, emphasizing that an exchange hot wallet hack is extremely unlikely given the multiple security factors present within the EOS ecosystem:
“EOS has the best security configuration available for its users. A combination of multisig, owner keys, active keys and time-delayed transactions makes it highly secure.”
Even if an exchange wallet was to be targeted by malicious parties, states Abraham, exchanges possess the ability to detect and prevent fraudulent transactions, highlighting EOS accounts and permissions information:
“An exchange, for example, could have a wallet which only allows transfers after 4 hours of request. This gives the exchange sufficient time to cancel the transaction if it was not authorised by them.”
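To make the delayed-transfer defense Abraham describes concrete, here is a constructed Python model of a hot wallet whose transfers only execute after a 4-hour delay and can be cancelled in the meantime. This is an added illustration, not EOS code or EOS Authority's configuration; the wallet class, the simulated clock and the sample amounts are all assumptions made for the example.

```python
"""Constructed model of a time-delayed exchange hot wallet (not EOS code).

A transfer request does not move funds immediately: it is queued for DELAY
seconds, during which the wallet owner can cancel it. That window is the
detection-and-cancel opportunity described in the article.
"""
from dataclasses import dataclass, field

DELAY = 4 * 60 * 60  # 4-hour delay, the figure used in Abraham's example


@dataclass
class Transfer:
    tx_id: int
    to: str
    amount: int
    ready_at: int          # simulated clock time at which the transfer may execute
    cancelled: bool = False
    executed: bool = False


@dataclass
class DelayedWallet:
    balance: int
    now: int = 0           # simulated clock, in seconds
    pending: dict = field(default_factory=dict)
    next_id: int = 1

    def request_transfer(self, to, amount):
        """Queue a transfer; nothing leaves the wallet until DELAY has elapsed."""
        if amount > self.balance:
            raise ValueError("insufficient balance")
        tx = Transfer(self.next_id, to, amount, self.now + DELAY)
        self.pending[tx.tx_id] = tx
        self.next_id += 1
        return tx.tx_id

    def cancel(self, tx_id):
        """Owner cancels a pending transfer; only possible before it executes."""
        tx = self.pending[tx_id]
        if tx.executed:
            return False
        tx.cancelled = True
        return True

    def advance_clock(self, seconds):
        """Move time forward and execute every transfer whose delay has elapsed."""
        self.now += seconds
        executed = []
        for tx in self.pending.values():
            if not tx.cancelled and not tx.executed and self.now >= tx.ready_at:
                self.balance -= tx.amount
                tx.executed = True
                executed.append(tx.tx_id)
        return executed
```

A transfer requested with a compromised signing key is still visible for the whole delay window, so monitoring the pending queue is what turns the delay into an actual defense.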
The recent EOS bug, notes Abraham, resulted in no loss of confirmed transactions or data. Ultimately, while concerns regarding the security of any centralized exchange are understandable, it’s arguable that the working habits of a project’s development team are not a foolproof indicator of the security of its tokens on any given exchange.
Sirer, however, notes that EOS’s reliance on block producers to arbitrate disputes could disrupt exchange trading:
“… conversions from EOS to other cryptocurrencies, which are bearer instruments in contrast, is fraught with risk. If the EOS trade is unwound, the exchange might be out the crypto it traded for EOS, taking a substantial loss.”
Sirer’s recommendations for crypto security practices, however, give EOS holders, and crypto investors in general, guidance on protecting themselves from the security flaws of any project:
“Don’t store coins and money on exchanges long term … Ask that development teams provide careful post mortems after bugs, describing not only the patch to fix them, but the changes made to address whatever gave rise to the bug in the first place.”