A sybil attack is where one individual pretends to be 100 different accounts, with eos seemingly having no defense against it where it concerns Block Producers (BP) which effectively run and control the network.
According to a site that keeps track of eos voting data, one account, GYZDCMJWGMGE, holds controlling votes on at least 11 BPs.
As can be seen above in orange, that account has voted for a number of BPs, but not all. Some are speculating that account might actually control those BPs, but that’s something which we do not know.
What we do know, however, is that the account has significant say on who becomes and who stays a BP, raising concerns the eos network might effectively be controlled by just one or two individuals.
Bitfinex, too, has voted for a number of BPs which may well be a front for Bitfinex itself. As can be seen, for example, they hold significant votes for jerda and eosgenblockp.
The latter is Genesis Mining, which may well have some sort of agreement with Bitfinex. Whether they do, however, we don’t know.
What we do know is that this appears to be very easily gameable, which is what necessitated the use of Proof of Work in bitcoin in the first place while ethereum will have permissionless staking through random allocation which should protect from any cartels.
This compromise in eos was purportedly made to allow free transactions, but transactions are not free. You need ram, which is similar to gas in ethereum. To get that ram you need to stake tokens or buy it. For an airdrop that apparently costs some $12,000.
Making it quite an expensive exercise for the blockchain which claimed to have free transactions and a capacity of 100k transactions a second.
The latter might be true, but capacity is significantly constrained in practice due to the requirement of ram. So for a dapp to offer a popular game, they’d need a lot of tokens, potentially into millions of dollars worth.
King Larimer has thrown out the eos constitution. “It’s gone,” he said to wide applause, well by some. Some others are chattering of potentially even having a fork of eos that runs the old constitution. One eoser, for example, says:
“How is this not canceling EOS’ main USP? Namely: we can be the positive UX chain for non technical people where an ECAF could restore accounts and block hacked funds?”
Many, however, appear to be happy with this change, but not all. Yet if Larimer says it, it will probably be done.
That should address some of the concerns with the way arbitration was working, but why anyone thought it would have worked any different, is unclear.
Just as why anyone should think 21 Block Producers, or perhaps two BPs as they may be in reality, should in any way be trusted, is unclear.
And just as why we now suddenly find out eos does not actually have free transactions is unclear. But at least they keep giving out free popcorns and a chain that is not hesitant to right DAO like events or Parity like events is not a bad idea if it was not easily susceptible to sybil attacks or cartels.