Research Claims EOS Network Can Freeze, Block.one Denies Any Errors

Published by Cointele

A recent article written by pseudonymous smart-contract developer and security engineer Dexaran described the apparent root of the problem: an inexpensive technique that allows hackers to "congest" the network - or put it into a low-efficiency mode - with just a few dollars' worth of EOS. Seemingly, that exploit allowed a hacker to steal more than $110,000 in cryptocurrency from an EOS gambling application, EOSPlay, earlier in September.

The length of time that a Block Producer requires to validate the transaction is called CPU. Put simply, EOS users and developers can get access to chainwide CPU and bandwidth resources by staking their tokens.

As per another article penned by EOS Canada, a major Block Producer in the EOS blockchain network, if there were 1,000 tokens being staked for CPU at a given moment, and a single account had 20 tokens staked, then that account would be guaranteed 2% of the total CPU capacity of the network.

For the experiment, the developer staked 7,156 EOS for CPU. That amount of EOS can be borrowed from resource exchanges at the low cost of two EOS per month, Dexaran stressed.

The developer then executed a contract that spawned lots of deferred transactions with a delay of one second, with each transaction consuming "25 to 27 ms of CPU." After monopolizing the CPU utilization for an entire minute, the contract pushed the EOS network into congestion mode.

As a result, all three sample accounts were out of CPU and therefore "frozen completely" - basically meaning that all casual EOS users were unable to engage with any DApps on the network at the time.

As a result, the EOS network went into even "deeper" congestion, and CPU availability reportedly shrank by 35 times for all EOS users.

Notably, a couple of days prior to Dexaran's entry on EOS congestion being published, developer Christoph Michel wrote a blog post linking the recent EOSPlay casino hack to network congestion, hence showcasing how the network problem might be exploited for profit.

According to the developer, that is exactly why the attacker borrowed EOS to spam the network: to have control over the network and therefore be able to predict the block hashes and win most of his or her bets.

"The difference between this attack on EOS and a high fee spam on BTC or ETH is you can still pay more to send a transaction on BTC or ETH," argued Rob Finch, CEO of U.S.-based EOS Block Producer CypherGlass.
