To stop multiple thefts, seven accounts on the EOS blockchain were frozen on June 17th.
At first glance, many will see this move by the 21 block producers (BPs) responsible for validating transactions on the newly live blockchain as a success in preventing malicious actors from defrauding multiple users of more than $20,000 in EOS. Others, however, are concerned that such a decision will have far-reaching implications – not just for EOS, but for many other blockchains as well.
But first, it helps to understand what happened last weekend.
When the migration from the Ethereum blockchain to EOS’s own blockchain took place, EOS holders had to register their new EOS wallet addresses. During the transition, some users were tricked into giving away their private keys by scammers.
Within the cryptocurrency space, this usually means that a user’s crypto is gone forever. In the case of the EOS blockchain migration, however, the scammers could not sell the tokens immediately and run away with them. Under the EOS rules, all but 10 of the users’ EOS tokens were staked when the blockchain went live. To withdraw tokens, users had to unstake their coins, which started a 72-hour wait.
While many EOS owners reported fraud, only seven disputed accounts had unstaked, the first step towards selling. Their cases were among the many before the EOSIO Core Arbitration Forum (ECAF), which is supposed to resolve disputes between users. But the ECAF did not rule, arguing that it was not yet competent to do so.
Less than 24 hours before the stolen tokens could be put up for sale, the BPs acted (unanimously) and locked those accounts until the ECAF could make a valid decision, to protect those who had legitimately bought tokens during the nearly year-long initial coin offering (ICO) run by the creator of the blockchain, Block.one.
While the BPs’ move to prevent theft seems defensible, some are speaking out against the decision.
The argument revolves around the fact that the rules for the EOS blockchain – what the stakeholders call their “constitution” – have not yet been decided and made official.
And even leaving aside the larger legal questions about the legitimacy of such a document in court, BPs currently remain in this authoritarian gray area until the constitution is ratified by users.
Therefore, the EOS employees are discussing whether the right measures have been taken, and are convinced that the delegated proof-of-stake mechanism that EOS uses to create a faster and more scalable blockchain is prone to too much central control and thus potential censorship.
Like a military in a weak nation-state, BPs have real power over EOS with or without a governance process, a fact the action highlighted.
As Dean Eigenmann put it in a Medium article:
“The whole EOS model seems to be an oligarchy hidden in a democracy that can be easily corrupted in a number of ways.”
Others even claimed that the system rules were a bad idea in either case, as they could ultimately endanger other blockchains.
When Block.one published the code for the EOS blockchain, the EOS tokens in the Ethereum blockchain were locked in a smart contract – gone forever.
This, of course, confused some users, and where confusion and crypto meet, there are many ways to steal assets.
While most of the world’s EOS holders were just watching and waiting to see if EOS would ever manifest itself as a public blockchain, a small group of holders panicked that one website or another had tricked them into losing control of their tokens on EOS.
Some groups of users then put together a site called EOS911 to help those who had been scammed.
The theory was that if a user could prove that they controlled the private key that had held the EOS when it was on Ethereum, that proved they should have the EOS on the new public blockchain, or mainnet.
While more accounts than these seven have been identified as compromised by phishing websites and other malicious actors, the private keys of the other accounts have not yet been used to withdraw the tokens they control, and as such, those accounts have not been frozen.
And while many see this move as in line with EOS’s mission to be a more user-friendly blockchain, some are questioning whether or not solving the immediate problems of a few people poses a long-term threat to EOS and even other blockchains.
Therefore, even EOS BPs do not necessarily agree with the steps taken.
While the decision was unanimous, EOS New York, one of the top BPs, stated that it was reluctant to support the temporary freeze.
The group asked the EOSIO Core Arbitration Forum (ECAF), a group in charge of handling disputes on the blockchain once the constitution is ratified, to issue a full decision by June 19, or it would withdraw its support for the freeze and unlock the tokens. Late on June 18, ECAF issued a statement confirming the urgent decision, so EOS New York continues to support the freeze.
However, in a statement from EOS New York, the group said it would not support such an extraordinary move without jeopardizing the entire protocol.
It came to the conclusion:
“We encounter these issues every day and we don’t have the tools to properly address them.”
Most BPs, however, have been publicly silent about the decision.
While the group that will settle disputes, ECAF, already exists, the arbitrators were not in charge, according to Moti Tabulo, the interim ECAF administrator, who stated that “this is due to a lack of mechanisms in the blockchain to ensure that EOS users of EOS consent to the Constitution and Binding Arbitration.”
Still, EOS Tribe, a standby BP (not one of the 21 validating BPs, but a party that could be, and wants to be, one of them at some point) has expressed its support for the freeze on Medium.
“Some were reluctant to take action to avoid risk or liability for themselves,” wrote Steve Floyd on behalf of the group. “… If we were elected, we would not hesitate to take the right steps to protect the accounts of the token holders and go to great lengths to convince other BPs.”
EOS Amsterdam, another standby block producer, expressed similar support.
Not everyone agreed. One of the co-founders of EOS Go, a group that exchanges information about the protocol, who goes by the name Kev, wrote in response to the EOS Amsterdam statement on his organization’s forum:
“What is striking about this case is that for the first time we had a group with the power to act unilaterally, which they did. ECAF said, ‘We don’t have the power to act’ and BPs said, ‘Well we do, so we will.’”
And this signals perhaps an important aspect of the EOS system – that ECAF will have power if and when the community grants it power, but the BPs will have power as long as EOS exists, whether there are rules or not.
The downward spiral
For many crypto enthusiasts, this control could be daunting as centralized power structures are generally shunned, but Emin Gun Sirer, a professor at Cornell University and himself a designer of a consensus protocol, said it was possibly the least of all concerns.
He told CoinDesk: “The fact that EOS transactions are subject to arbitration due to an unclear document with zero legal force means that EOS transactions are not final.”
Further, Sirer said, if BPs can return misappropriated tokens to their original holders, it creates a dangerous situation for everyone in crypto.
Imagine that an attacker manages to steal one EOS from a legitimate user, immediately moves it to an exchange and trades it for bitcoin. Then the attacker withdraws the bitcoin from the exchange. EOS later discovers the theft, the aggrieved owner proves his case and EOS rolls back the trade. Now the exchange is out both an EOS and part of a bitcoin.
Either the exchange eats this loss or it imposes it on the innocent user who previously owned the partial Bitcoin because the attacker is gone.
Now imagine that the attacker stole thousands of EOS tokens, not one, and imagine that EOS BPs rolled back the transaction after the attacker had acted many more times. The exchange, or whoever was deemed liable, would then be out significant amounts of money.
Because of this, Sirer describes the mechanism as a potential “contagion,” as he did in a recent tweet thread.
Sirer responded to this statement and told CoinDesk:
“The main cause of the problem is that all cryptocurrencies with the exception of EOS are carrier instruments with accounting periods and EOS looks like a cryptocurrency. But it is not a carrier instrument and has an infinite processing time.”
In this most recent case, there is no such danger, as the stolen EOS never left the genesis block wallets. In the future, however, when, as EOS enthusiasts envision, millions of transactions are carried out every hour through EOS, the token holders and/or the BPs may not catch these thefts that fast. Or, even more, arbitration could take far too long.
Sirer concluded: “The EOS crypto-API has taken over the exchange and treats it as equivalent to others. You will receive a wake-up call when the governance model starts and transactions roll back.”