After the 2.09 million EOS was hacked, what was going on?
Yesterday afternoon, in the Telegram of EOS Mainnet BPs, one people threw the news about abnormal operation monitored by PeckShield Security. The stand by BP games.eos became the active block producer, and they were advanced 11 compared with the previous day, but did not update its own blacklist. And the result is more than 2 million EOS were transferred because of the broken blacklist.
Well，it really deserve angry.
Blaming the BP games.eos seems to have been useless.
There was a contingency plan issued, but everyone knows that if the BP was to operate, as long as the games.eos is still in the position of the active block producer, the hackers can still operate when the game.eos is producing. So some people in tg group called for the withdrawal of tickets to games.eos.
We can see the picture below.
The voting accounts that have been put up by this BP in the past few days are all big whales. Moreover, it can be seen in the website ranked by the BP that the number of voting accounts on the first page is generally more than 5 digits, and the number of voting points is also 4 digits, while the number of votes for games.eos is only 761.
So, see it, this is a campaign BP where most of the voters are whales. In the absence of any significant contribution to the ecology, the super-large voter voted for it, why? Well, imagine it.
So, why was the games.eos’ s ranking falling?
We can look back at Figure 3 (from EOSPark) of this article. The first column from the left to the right shows the rise and fall of the ranking. We can see that the eosswedenorg ranked 11th (form 24th to 11th) and the eosauthority ranked 17th(from 21th to 17th).
Who was the specific operation? Everyone interested can use the search tool to find out. I don’t post it out because have not known about this whale well. I don’t want you will think this is a positive token holder with a large amount of EOS, or have other additional ideas. I don’t want there is some jugdements you get from this article.
But in fact, at that moment, the individual of me will have a sigh that
“The world really needs to have mysterious power (a lot of money) to save!”
But, the point I want to talk about is not how serious this case is. The history book always gives you the feeling that “the revolution is the first to shed blood and sacrifice”. Because there are no serious accidents, the whole environment is difficult to pay attention to. So the first batch of unfortunate people who were sent to the GUILLOTINE by history gave us a chance to reflect, and after their sacrifice or loss, how can we make the current environment better.
EOS 42 has been updating their list of proposals, and EOSLaoMao’s previous blacklist wrap plugin is re-emphasizing here… all BPs were able to respond and coordinate in a timely manner. Although there will always be some points of view that cannot be agreed upon. Overall, the emergency response of the BPs was commendable.
So why was it happening?
Yesterday, a friend of mine said:
No matter how complicated the relationship is in EOS, it seems that you can’t rule out that the hacker puts the ranking of games.eos up, and then starts the follow-up. You can’t default the hacker without the ticket.
If I really talked about conspiracy, I might be able to open a hole and give many examples. If you let go of the results of the strategy and tactics mentioned in the previous paragraph, then the rest may be classified as the public’s point of view: games.eos ranks up, hackers stare at inexperienced BPs every day, and then start their own Action. It is a patient hacker who finally waits until he can act.
If there was not the whale voters or the hacker left the traces that can continue to search and analyze, the above two supposes will not have the final answer.
And my own, what is the opinion in this matter?
- If the real answer is the one above, the hacker holds can control the whale voters, and superb technology. Who will be the next games.eos?
Every candidate block producer was worried. When they slept deeply in the night, they became the active BP. Unfortunately, did not configure the blacklist in time. And, he missed some important things and caused a big loss.
Ps. This is not an excuse for a BP that does not meet the requirements, that is, the BP that caused the accident. In the beginning, each participating BP should know what technical capabilities and related requirements they should have in order to meet the standards of participation. Otherwise, this kind of accident will not happen only once. We should all know that the ability of hackers to observe and analyze is much better than ours. Once the network security becomes weak, they can always find and invade the first time.
2. Are BPs with no technology and no responsible really qualified to run for the node? When there is an accident or loss, is this BP responsible for this loss? What is the level of responsibility?
This issue is mentioned in several versions of the Constitution I have seen. For example, 7.6 of EOS_Amsterdam_CHARTER1:
Block producers in their capacity of block producer are not liable for losses and damages unless those result from their intent or gross negligence 
It also has the same content in the EOS Community Constitution that just came out in February.
And how this will be implemented in the end, will not be implemented, is unknown.
3. In this accident, someone was able to pull out the proposals made by some previous BPs. In fact, I can see that many BPs really think about the security of the whole community from the beginning. Although the previous proposal is difficult to attract attention and pass : (
4.How good is EOS and how much size can it attract more security companies in the traditional world? Undoubtedly, this accident was caused by imperfections in the infrastructure. How many such imperfections should we avoid and fix in order to further encroach on more shares in the world?
5. Everyone’s discussion from yesterday afternoon to the present has not stopped. How to do it now, how to do it in the future, these are the points of discussion. Everyone’s emergency response ability is very good, there are no BPs that are not executed. Because everyone has the same goal: to make the community safer. I think, in a community, there must be an accident. For me, the most important thing is what happens to everyone after the problem occurs, and there is no feasible solution. At this point of view, the attitude of the BPs above the EOS is still full of hope.
This is a war that will not end, about hacking, about security. The latest situation is that the assets have been divided into many small shares and gone to more than one exchanges. Now, if it is tracing and controlling, the workload has begun to increase in magnitude and the difficulty is getting bigger. At present, I personally are pessimistic about this asset, I hope there will be a reversal and surprise.
The images and data queries in this article are from EOSPark, IMEOS and EOSBeijing. Thanks to the platform data and materials.
The last point, this article represents only the person(is Lochaiching) and does not represent any institution or company.