Ethical Hacker Exposes Vulnerabilities in EOS Code

In the week leading up to the launch of the EOS mainnet, an ethical hacker has confirmed eight vulnerabilities in the blockchain’s code.

As a participant of the EOSIO Bug Bounty Program run by Block One — the parent company of EOS — Guido Vranken will be compensated a minimum of $10,000 per confirmed discovery.

On May 28, the founder and lead architect of EOS, Daniel Larimer tweeted:

Should Block One recognize all 12 bugs, this would equate a net payout of $120,000 for a week’s work, according to the hacker:

Having previously discovered nine bugs, Vranken — who describes himself as an “Ethereum Foundation dedicated fuzz tester” — will earn more than $200,000 for his contributions to the program.

EOS: All Systems Go, or Cracks Appearing?

Vranken’s findings come just days after a Chinese cybersecurity firm discovered a “critical bug” in the EOS codebase. The report notes:

“The attacker can steal the private key of super nodes or control content of new blocks. What’s more, attackers can pack the malicious contract into a new block and publish it. As a result, all the full nodes in the entire network will be controlled by the attacker.”

After identifying and exploiting the “buffer out-of-bounds write vulnerability,” Beijing-based Qihoo 360 reported the issue to Dan Larimer — who quickly clarified the rumored delay of the mainnet launch:

78 hours on at the time of press, the boot process has been initiated — the first of four stages in the launch. A public block producer appointed by EOS, EOS Nation describes the current state of play:

“Verify Snapshot & Boot: ERC-20 token Snapshot is verified by EOS Mainnet Launch Group (EMLG) and third parties. Appointed Block Producers within the EMLG initiate the Boot process.”

While Vranken’s compensation may appear generous, one must note that EOS — a $12.5 billion start-up — now stands in a pivotal position. As the 5th cryptocurrency by market cap with no working product, EOS may have a huge amount riding on the mainnet’s delivery as promised.

Cover Photo by Hoach le Dinh on Unsplash

Posted In: , Altcoins, Technology
Invest with AMFEIX

Like what you see? Subscribe to CryptoSlate

Get our daily newsletter containing the top blockchain stories and crypto analysis straight to your inbox.

Sign up to stay informed
Jonnie Emsley

Jonnie Emsley

Fintech Journalist @ CryptoSlate

Jonnie is a writer and blockchain enthusiast based in Ho Chi Minh City, Vietnam. Discovering new corners of the world and emerging tech trends makes him tick.

View author profile

Disclaimer: Our writers' opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.