This article was published on June 8, 2018

The EOS mainnet nightmare: How not to launch a blockchain network

Almost a week later, the EOS mainnet is still not live


The EOS mainnet nightmare: How not to launch a blockchain network

In a year-long initial coin offering (ICO), Block.one raised $4 billion for its blockchain and smart contracts platform EOS.

It is worth noting that a host of such platforms already existed, but Block.one promised a more scalable solution for decentralized applications (DApps). The only problem is, one year later, the EOS network is still not a reality.

EOS’s mainnet launch was slated to happen on June 2, 2018. But almost a week later the blockchain is not yet live.

For those who do not know, mainnet is an acronym for the main network of a blockchain platform. The EOS cryptocurrency was built on top of the Ethereum’s blockchain (a platform it aims to best), and the currency was to move on to its own blockchain with the mainnet launch.

EOS has received widespread criticism pretty much since its inception for loopholes in its vision and, worse, in its execution — but the mainnet launch has been a fiasco in its own right.

The whole saga began when hackers managed to gain control of Block.one’s Zendesk account and used it send phishing emails. I received one such email in my inbox, and I was almost convinced of its authenticity. No wonder, hackers could make away with millions of dollars of investors’ money.

Less than a week away from its mainnet launch, Qihoo360 — a reputed Chinese internet security firm — found several vulnerabilities in the EOS network. The bugs could allow hackers to remote control EOS nodes and attack any cryptocurrency built on top of its blockchain.

The security firm said that they notified Block.one about the vulnerabilities, and the company promised to delay the launch until all bugs were fixed.

But following the media reports, EOS denied any delay stating that the bugs have either already been fixed or are in the process of getting fixed.

For a company that just promised that all the bugs have been fixed, its next step was peculiar. EOS went ahead and announced a bug bounty program with heavy rewards for developers. Its HackerOne profile shows that bugs continue to be discovered and rewarded as recently as yesterday.

It is, of course, a good thing that bugs are found and reported. The problem here is that EOS announced the bug bounty program too late, when its security glitches already became public after the email breach and Qihoo360 reports. On top of it, EOS seems to have lied about vulnerabilities getting fixed in time for the mainnet launch.

As if their security worries were not enough, EOS came up with a poorly drafted constitution (An older draft was even worse) for its blockchain, that ended up receiving criticism from computer scientist and cryptographer Nick Szabo.

The fact that EOS even has a constitution of this manner goes against the idea of decentralization, but it is the words that do the actual damage, as twitter user Panek points out.

This is one of the clauses in the constitution, for example:

Article V – No Fiduciary No Member nor SYS token holder shall have fiduciary responsibility to support the value of the SYS token. The Members do not authorize anyone to hold assets, borrow or contract on behalf of SYS token holders collectively. This blockchain has no owners, managers or fiduciaries; therefore, no Member shall have beneficial interest in more than 10% of the SYS token supply.

The constitution has been drafted by the Block.one team. The fact that EOS will live by their words alone, it doesn’t sound like it has no owner. Another thing worth noting in this clause is that no one is “allowed” to control more than 10 percent of the EOS cryptocurrency supply.

Coincidentally (not), that is the exact amount of the EOS tokens Block.one publicly owns. This is probably the company’s way of saying that they do not want anyone to have more control over the EOS ecosystem than they have. It is another matter entirely that how do they plan to execute this clause for a publicly traded currency that anyone can buy and store in multiple wallets.

Other clauses in the constitution call for “monitoring,” “adjudication,” “penalization,” and “arbitrations.” All of these clauses establish Block.one as a central authority governing the blockchain.

It is not just the constitution that is raising worries about centralization with EOS. Their method of deciding when they will finally launch their mainnet is similar.

EOS block producers (BP) candidates meet on video every day vote on whether or not the mainnet will be ready to launch the following day,” the EOS website tracking the mainnet status states. “The vote is cast as GO or NOT GO.”

Under the project’s consensus algorithm — delegated proof-of-stake (dPoS) — a number of block producers are chosen to act as validators, which in EOS’s case is 21. The power of these 21 delegates is not just limited to deciding when the mainnet will actually go live though.

As the minutes of meetings from the latest Zoom call of EOS block producers shows, they even have the power to “print” new EOS cryptocurrency.

A poll is conducted in the middle of the meeting: Should we “print” 19k EOS or “work out” a solution to have 1 billion flush at launch?

The majority agrees to print the EOS tokens and the decision is made.

The fact that EOS is letting a handful of people control vital decisions about the network like this has received severe criticism from cryptocurrency community on Reddit and Twitter. “This is hardly democratic, let alone decentralized,” is the consensus on social media.

In my opinion, if blockchain companies can’t launch an actual product after raising millions (or billions in case of EOS) of dollars, then enthusiasts can hardly complain when critics argue that ‘blockchain is crappy technology and a bad vision for the future.’

If you want to know in case EOS finally launches its mainnet, you can track it here.

Get the TNW newsletter

Get the most important tech news in your inbox each week.