Some may place EOS near the end of its post-mainnet launch teething stage; however, several developers of the dPoS blockchain have stepped in to fight off another memory-related bug-this time, allowing malicious transaction recipients to hijack the RAM of senders.
Addressed by EOS developers in a GitHub bug report, the issue permits users to insert large quantities of bogus data into the transactions of senders, thereby parasitically consuming their resources.
"A malicious user can install code on their account which will allow them to insert rows in the name of another account sending them tokens. This lets them lock up RAM by inserting large amounts of garbage into rows when dApps/users send them tokens."
Unlike vulnerabilities discovered before exploitation, the issue forced EOSBet to go offline after discovering a "Malicious actor" that had been feeding on their resources.
While the EOSBet team claims to have worked "Around-the-clock" to achieve this, the team also reports working alongside other developers to devise a more permanent solution to the network-wide vulnerability.
Currently, users must send tokens via a RAM-less, and thus bugless, proxy account to assure the welfare of their memory.
Back online after the #EOS #RAM bug crippled our system.
As a finite resource integral to the operation of EOS dApps, RAM appears to have become both a hot commodity and chronic headache for the fifth largest cryptocurrency by market capitalization.
As reported previously by Cryptoslate, several EOS block producers crashed in early June when they exceeded a net 1Gb of memory consumption, and while lead block producer EOS New York put the fault down to human error, one might eye the platform's emerging RAM-hoarding market or recurring governance issues as exemplary elephants in the room.
Coupled with the latest bug and its seemingly enterprise-foreign solution, such issues would certainly appear as a number of kinks to be ironed out; at least before the proverbial ribbon-cutting ceremony of a truly industry-ready smart contract platform.
Major EOS Bug Allows Users to Poach RAM, EOSBet Reports 'Crippled' System
pubblicato su Aug 28, 2018
by Cryptoslate | pubblicato su Coinage
Coinage
Notizie recenti
Vedi tutti
First Mover: What's Next for Bitcoin as Wall Street Gets Vaccine Booster
Bitcoin was higher for a second day, staying in a range of between roughly $15,200 and $15,600, as news of progress in developing a coronavirus vaccine appeared to touch off a rally in U.S. stocks.
Market Wrap: Bitcoin Fails to Break $15.9K; Over 50K ETH Staked on Eth 2.0 Contract
Bitcoin gained Wednesday while Ethereum 2.0 staking has been ramping up.
Citibank Analyst Says Bitcoin Could Pass $300K by December 2021
A senior analyst at U.S.-based financial giant Citibank has penned a report drawing on similarities between the 1970s gold market and bitcoin.
Blockchain Bites: Data Unions. Hard Forks. And One Citi Analyst's Case for $300K BTC.
A Citibank managing director thinks bitcoin could hit $318,000.