How Cartels May Control EOS and Fundamentally Threaten its Survival
There is evidence that a small group of block producers (miners) control the entire EOS network.
There is evidence that a small group of block producers (miners) control the entire EOS network. These block producers have the power to censor transactions and blacklist individuals, ensuring they remain in power. If these block producers are colluding, then that group can control the EOS protocol to their whim.
These allegations are in culmination with a streak of other troubling news. The delayed release of the platform and the discovery of critical bugs in the protocol have already drawn stark criticism of Block.one and CTO Daniel Larimer.
Background on EOS
The EOS platform emerged as a major contender in 2017 when Ethereum was encountering serious issues. At the time, Ethereum was struggling with scalability and was experiencing high fees and long transaction times. EOS was hailed as the panacea to these problems.
EOS is the brainchild of serial entrepreneur Daniel Larimer. Before EOS, Larimer has had a track record of successful blockchain projects. Beginning with decentralized exchange BitShares in 2014 and blockchain-based social media platform Steemit in 2016, Larimer went on to develop the protocol layer blockchain EOS in early 2017. The first EOS tokens were offered to the public June 2017.
During the initial coin offering the EOS platform raised a record-breaking $4 billion in its token sale.
However, following the historic raise, the project has fallen short of expectations. Now the project is surrounded by a slew of controversy. Main launch delays, critical bug vulnerabilities, and other malfeasance have rattled Block.one.
Gatekeepers of EOS
To comprehend how power is centralized in EOS, it is first necessary to understand how the EOS network is structured. At its core, the parties that validate transactions and run the underlying EOS software are called ‘block producers’ (also known as miners in other blockchains).
These block producers manage huge industrial servers that manage the majority of the underlying computational power on the EOS network.
In all, only 21 accounts are selected as block producers. This number was chosen as a mechanism to decentralize the EOS network, create redundancy in case of server failure, and to create competition between block producers should one act maliciously. The location and identities of these servers are kept anonymous to protect them from hacking.
The Stakes at Stake
To incentivize participation as a block producer, those who are selected are rewarded with a substantial number of EOS tokens.
Annually, over 10 million EOS (currently worth $52 million) is distributed to block producers.
In addition to the financial incentive, block producers are also given enormous power in the EOS network. Block producers have three responsibilities:
- Vote to make updates and upgrades to the protocol
- Neutralize malicious smart contract code
- Freeze accounts which violate EOS governance laws
Competition from the Sidelines
Beyond these 21 block producers, there are also a large number of parties that compete for this spot. Outside of those 21 block producers, the accounts within the top 101 are designated as standby block producers.
Both block and standby block producers are critical to the EOS delegated proof-of-stake consensus model for two reasons: 1) They create competition for existing block producers should they behave badly or fail to perform their duties, and 2) They act as a fault tolerance mechanism; if a block producer does not produce a block for 24 hours the standby block producer should replace them in the next vote.
Financially, standby block producers are rewarded with 75 percent of the total block producer rewards, with 25 percent going to current 21 block producers.
How Block Producers are Selected
Block producers are selected through voting in a model called delegated proof-of-stake. In delegated proof-of-stake, participants use their tokens to select up to 30 accounts which they wish to select as block producers. Each of these accounts receives a vote equal to the total number of tokens the voter holds. Every 126 seconds votes are reevaluated to generate the next set of block producers and standby block producers.
Voting is the underpinning mechanism in EOS’s trustworthiness and immutability. Ideally, malicious block producers are voted out and replaced with trustworthy ones.
The Ugly Side of Democracy
Unfortunately, the system depends on a large portion of the community participating in voting. However, only a tiny fraction of EOS holders end up participating in elections.
According to statistics from EOS Authority only 39,000 accounts voted in the most recent election, many of which could be duplicate accounts owned by the same individuals.
The average voter holds a total of 6,700 EOS ($35,000). Each of the current block producers received anywhere between 2,000 and 20,000 votes.
In total, only 25 percent of all of the EOS tokens in circulation are used in voting.
However, because block producers are voted into position using EOS tokens, there is a strong incentive to hold tokens and vote for themselves. Additionally, it is prudent for these block producers to solicit votes from other current block producers because they tend to be large token holders — further solidifying the position of incumbent block producers.
Governance by the Super Rich
The high concentration of tokens on EOS is alarming. According to statistics from Etherscan, the top 100 EOS accounts collectively own 75 percent of the 1 billion EOS tokens. The top 10 accounts own 50 percent of all tokens.
Although it is against the EOS constitution for members to hold more than 10 percent of the token supply (this is conveniently the percentage of tokens that Block.one holds), concentrations below 10 percent are still dangerous to the stability of the ecosystem. Furthermore, it is impossible to enforce the 10 percent limit given that accounts can be made anonymously.
At the moment, the threshold to become a block producer is 92 million tokens. Because of the concentration of tokens, some accounts could secure their position as a block producer without garnering much support, or buying just one or two accounts’ votes. Such behavior would negate the platform’s ability to hold them accountable should they act maliciously towards the network.
The Block Producer Cartel
There is evidence of collusion beyond the speculative. In September, Documents from inside Chinese block producer and exchange Huobi were leaked showing that they were selling and trading votes with other block producers.
The document shows Huobi vote for 20 block producers with 16 of them voting for Huobi in return. Moreover, there is evidence that Huobi voted for a block producer in exchange for 150 EOS and 50 percent of any earned returns.
At the time of the incident, seven of these block producers are alleged to have no public nodes, no website, no ownership information, and no node interaction, criteria deemed by the community as necessary to become a block producer.
Although this kind of collusion is against the EOS constitution, none of the accounts involved in the conspiracy have been brought to justice, further raising questions about the effectiveness of the EOS governance process.
The Proof is in the Votes
By analyzing EOS voting patterns, watching wallets owned by the current block producers, and the correlation between votes for different candidates it is possible to deduce the alliances within the EOS system.
By examining the top 200 EOS accounts, it is possible to determine which accounts are owned by which block producers. Then, by examining the paper trials and votes tied to these accounts, it is likely that some of the block producers are engaging in collusion. To understand the full extent and gravity of this collusion requires further investigative work that CryptoSlate will conduct in the coming month.
Using a limited data set, it is evident that many votes cast by incumbent block producers are traded with other incumbents. Exchanges such as Huobi and Bitfinex are also seen voting for themselves using tokens stored on each respective exchange — it is unclear whether this is performed with the permission of the users of these exchanges.
One of the block producers, Cochainworld, received only 2000 votes with an average vote size of 46,000 EOS ($240,000). This is in comparison to the median of 14,000 votes. This a high concentration of EOS per vote indicates that many of these votes are owned by the same group of people or potentially bought from large token holders.
Block producers already hold enormous power. What these numbers suggest is that EOS is governed by a plutocracy of super-rich accounts.
How Block Producers Could Destroy EOS
What is alarming is that incumbent block producers have the power to cement their positions. If the parties in EOS act in self-interest and maximize their own profits, then they undermine the security of the network.
One of the powers block producers have is to blacklist and freeze accounts, thus giving the BPs the ability to delay access to the network to opponents. If all 21 block producers collude this would effectively freeze an account, censoring them from participation in the network.
What’s worse is that these same block producers could file arbitration claims against opponents. All a block producer would need is to produce an anonymous account and file an arbitration claim against an opponent. Then, as the case is getting adjudicated upon the funds are typically frozen by the arbitrator; effectively silencing an opponent.
Another source of power is the authority over EOS upgrades. If 15 out of 21 block producers vote to enact a change, then that change becomes law in EOS. Although Block.one is the primary party that proposes changes, there is nothing stopping block producers from introducing their updates to EOS. Undoubtedly, block producers will vote for changes that benefit their bottom line.
Furthermore, there is limited transparency with how the EOS protocol fundamentally operates. There is no guarantee that block producers are running the correct client or software version. Most of the security in EOS depends upon the social enforcement of the EOS constitution and the social rules of the platform, and consequently, there is a lack of algorithmic or cryptographic enforcement present in other blockchains. CryptoSlate will post a more in-depth analysis of these differences in an upcoming article.
Block.one Vows to Combat Collusion
That said, the core developers of EOS are combating collusion. In a Medium post, Brendan Blumer, CEO of Block.one, has vowed to combat any collusion using the company’s 10 percent ownership of the EOS supply:
“We are aware of some unverified claims regarding irregular block producer voting, and the subsequent denials of those claims. We believe it is important to ensure a free and democratic election process within EOS and may, as we deem appropriate, vote with other holders to reinforce the integrity of this process.”
In spite of Blumer’s comment, it is still unnerving that a centralized authority such as Block.one needs to step-in to guarantee the security of EOS.
What this Means for EOS
EOS is a profound innovation in decentralized governance and computing. The platform offers a unique solution to the scalability and consensus issues faced by other blockchains. Delegated proof-of-stake was hailed as the cure to the bottlenecks faced by traditional blockchains. In such a system, voting determines which group of people control the EOS network.
For the longevity of EOS, it is critical that block producers are held accountable. The survival of EOS is predicated on the assumption that bad actors can be consistently be voted out of power should they act maliciously.
Because of the level of concentration among major token holders (a.k.a. The block producers), there is a strong financial motivation to make it hard to remove block producers. If left unchecked, these token holders will become a cartel that is toxic to the network.
To combat these cartels, it is important that the community bands together to vote, create policies that hold those in power accountable, and actively understand and participate in the governance process.
Update November 16th, 21:30 UTC: Block producers are unable to censor an account with a 15/21 vote, this requires a consensus of all 21 block producers.