A closed door online meeting of block producers has delayed the launch of EOS following the recent disclosure of a number of protocol bugs.
After 48 hours of testing, the EOS blockchain was meant to open today for a token holders’ vote in an election of 21 supernodes (block producers), but apparently there were demands for an audit. SonataSystems, which seems to be involved with EOS and apparently was on the call, says:
“Due to overwhelming demand from Chinese stakeholders, the China BPs have hired an outside/independent auditing firm to evaluate everything, and that work is already underway.
On top of that, the BPs themselves are also doing network infrastructure penetration testing, and lots of feature/functionality acceptance testing.
There are daily go/no-go meetings to review findings and determine whether to launch. When the majority of BPs vote to go, then the mainnet launches 12 hours later.”
An official announcement was made regarding a “no go” decision for launching today. It says 24 hours have been given for an audit:
The minutes of the online video conference call have been published. Initially, the supernode candidates were of the view that they should launch today, but that changed after someone going by the name of Mao from a supernode candidate, EOSReal, asked for seven days.
“Some firms have been working on this for up to 40 hours already at this point – based on what they’ve seen so far, they figure they need the 7 days to have a better idea of how things look,” Mao said.
Someone named Bo, a proxy for the EOS Silicon Valley supernode candidate, “gave a rundown of the desire by Chinese teams to conduct security audits, code audits… they will deliver a report on security level of overall EOS system: both the network, and eosio/eos software.
He says that token holders in China prioritize the security over speed. This group is trying to represent the token holders and not only the Block Producers.”
There was some resistance, with someone apparently commenting: “Will the testing ever stop?” Others however argued “the codebase has only been solidified for less than a week so it was impossible to test prior to last week.”
So confirming there has been no audit of a bearer asset code base that is to carry more than $12 billion in value according to its current market cap.
The end result was an agreement to give them 24 hour for the audit of so many lines of code even while just one developer found some twelve bugs in one week.
Ethereum, in contrast, has given auditors some four months, and that’s for “just” an upgrade rather than an entire chain.
While even Tron is undergoing a near month long testing process during which they have offered an incredible bug bounty of a maximum of $10 million for any one fatal bug.
24 hours therefore, or even a week, for a $12 billion blockchain that is to run on brand new code which has not been tested at all since it has just been finalized, has clearly not been audited, sounds reckless.
And there may be plenty of things to say about other EOS aspects, but here there is no subjectivity whatever. Security must be paramount where billions are at stake, and going ahead without a proper audit when just a week ago it was shown how nodes can be taken over, sounds very irresponsible.
It is true, however, that in EOS transactions are not irreversible. Supernodes can just reverse them as they please with their misbehavior kept in check only by the token holders vote, if they haven’t been confiscated their tokens.
But who is to know that mechanism itself isn’t faulty without some proper checks, for at least a month, let alone everything else? So we should think the launch will be delayed a lot longer since the code that was finalized only last week has had effectively no testing whatever, but that remains to be seen.