Ad
News
Ethical Hacker Exposes Vulnerabilities in EOS Code Ethical Hacker Exposes Vulnerabilities in EOS Code
🚨 This article is 7 years old...

Ethical Hacker Exposes Vulnerabilities in EOS Code

Ethical Hacker Exposes Vulnerabilities in EOS Code

Photo by Hoach le Dinh on Unsplash

Join Japan's Web3 Evolution Today

In the week leading up to the launch of the EOS mainnet, an ethical hacker has confirmed eight vulnerabilities in the blockchain’s code.

As a participant of the EOSIO Bug Bounty Program run by Block One — the parent company of EOS — Guido Vranken will be compensated a minimum of $10,000 per confirmed discovery.

On May 28, the founder and lead architect of EOS, Daniel Larimer tweeted:

Should Block One recognize all 12 bugs, this would equate a net payout of $120,000 for a week’s work, according to the hacker:

Having previously discovered nine bugs, Vranken — who describes himself as an “Ethereum Foundation dedicated fuzz tester” — will earn more than $200,000 for his contributions to the program.

EOS: All Systems Go, or Cracks Appearing?

Vranken’s findings come just days after a Chinese cybersecurity firm discovered a “critical bug” in the EOS codebase. The report notes:

“The attacker can steal the private key of super nodes or control content of new blocks. What’s more, attackers can pack the malicious contract into a new block and publish it. As a result, all the full nodes in the entire network will be controlled by the attacker.”

After identifying and exploiting the “buffer out-of-bounds write vulnerability,” Beijing-based Qihoo 360 reported the issue to Dan Larimer — who quickly clarified the rumored delay of the mainnet launch:

78 hours on at the time of press, the boot process has been initiated — the first of four stages in the launch. A public block producer appointed by EOS, EOS Nation describes the current state of play:

“Verify Snapshot & Boot: ERC-20 token Snapshot is verified by EOS Mainnet Launch Group (EMLG) and third parties. Appointed Block Producers within the EMLG initiate the Boot process.”

While Vranken’s compensation may appear generous, one must note that EOS — a $12.5 billion start-up — now stands in a pivotal position. As the 5th cryptocurrency by market cap with no working product, EOS may have a huge amount riding on the mainnet’s delivery as promised.

Posted In: , Technology