Company Chengdu LiaAn Technology Co and its research platform VaaS (Verification as a Service), a member of the group CYBEX has identified a critical vulnerability in the architecture of the smart contract EOS.
The disadvantage is strikingly similar to the error “batchOverflow” that afflict some tokens ERC-20, mostly predominant in BeautyChain (BEC). In the end, this error led to the suspension of trading and withdrawal of tokens ERC-20 with most of the major exchanges and exchanges last week.
In batchOverflow used a set of fairly innocuous lines of code containing the value for variable “amount” that is determined by multiplying the values for the variables “cnt” and “value”.
Hackers, it is sufficient to install the necessary code snippet to fill their wallets. Due to the peculiarities of smart contracts, each transfer of the token was legitimate, allowing you to generate virtually unlimited amounts of currency out of thin air.
LianAn Tech closely acquainted with the problem batchOverflow and explored the architecture of other smart contracts. The company found that they are almost the same vulnerability.
Remains to be seen whether the EOS platform in the extensive work on the parts before it can really compete with smart contracts with Ethereum.
The market capitalization of EOS have reached an incredible high of $ 18.8 billion, at the moment, the capitalization fell to 14 billion.