The Chengdu LiaAn Technology Co company and its research VaaS platform (Verification as a Service) entering into the CYBEX group has revealed critical vulnerability in architecture of the smart contract EOS.
The shortcoming is similar to an error of "batchOverflow" to which some tokens of ERC-20 which is generally prevailing in BeautyChain (BEC) are subject. Finally, this mistake has led to suspension of trade and a conclusion of tokens of ERC-20 from the majority of the main exchangers and the exchanges last week.
In batchOverflow set enough harmless lines of a code containing value for the sum variable which is defined by multiplication of values for the "cnt" and "value" variables was used.
It is enough to hackers to establish a necessary fragment of a code to fill the purses. And thanks to features of smart contracts, each transfer of tokens was lawful, allowing to generate almost unlimited number of currency literally from air.
Critical vulnerability of the smart contract EOS
LianAn Tech has attentively got acquainted with a problem of batchOverflow and investigated architecture of other smart contracts. The company has found out that they are subject to almost identical vulnerability.
Still it is necessary to find out whether the EOS platform needs extensive work on details before she is able to compete to smart contracts of Ethereum really.
Market capitalization of EOS has reached a maximum in 18,6 billion dollars.
bitcoin earn and exchange best in 2018
