EOS dApp Used Blockchain Backdoor To Remove Tokens From User’s Wallets Without Their Consent

EOS dApp Used Blockchain Backdoor To Remove Tokens From User's Wallets Without Their Consent

EOS has recently been in the news following the revelation that an EOS decentralized application (dApp) could access users’ token wallets without their consent through the use of a backdoor technique.

More specifically, this EOS dApp is called Trybe, and describes itself as a ”tokenized knowledge sharing network for the crypto and blockchain community”.

Issues first arose when Trybe were set to distribute tokens to user accounts through a token airdrop. Due to unknown circumstances, Trybe accidentally distributed an incorrect number of tokens to more than a hundred different EOS accounts.

Moreover, some accounts were said to have received upwards of four times the correct amount. One would presume that this mistake on Trybe’s part would have been written off as an accident, or shared with the wider Trybe community in an effort to rectify it.

However, Trybe’s developers instead opted to covertly access user wallet and to return the Trybe tokens without the consent of the users.

Although the amounts involved were comparatively minuscule – amounting to 8,740 Trybe tokens, or $60, for a user posting on Reddit – the fact that Trybe developers could access user wallets is more worrying. This sort of centralized control flies in the face of the very ideology underpinning cryptocurrencies.

Nevertheless, the option to return funds in this manner is enabled through the mutability feature supported by the EOS blockchain. In fact, the support for mutability is often touted as one of the advantages of the EOS blockchain.

Moreover, Trybe’s founder, Tom Norwood, commented on the revoked airdrop in a Reddit post, stating that EOS has ”options available for when things don’t go exactly according to plan”, and that Trybe could not be blamed for using the features available through the EOS blockchain.

Furthermore, Norwood stated that Trybe were ”comfortable in [their] decision to reverse transactions in this instance” and he also stressed that all tokens developed on the EOS blockchain feature support for reversing this sort of transaction.

In addition to this, Norwood argued that although this allows for centralized control, he made the case that this could actually be a good thing – something which many cryptocurrency supporters are sure to argue with.

Although one could make the case that the tokens had been distributed as a result of a mistake, the implications that dApp developers can remove coins from users’ wallets against their will are serious ones.

Commenters on Reddit noted that although this mutability feature ”proved useful to fix the problem” it is ”not exactly a good idea to actually do for a lot of reasons” – such as undermining the trust and reliability of EOS dApps in general and Trybe in particular.

Image Source: “Pexels”

Leave a Reply

Your email address will not be published. Required fields are marked *