EOS Block Producers Are 'Colluding', Receiving 'Payoffs', and 'Mutual Voting', Token Holder Alleges

Omar Faridi
  • 30 Sep 2018
  • /
  • In #EOS
  • EOS block producers (BPs) have been accused by Twitter user MapleLeafCap of "colluding."
  • EOS's 21 BPs are allegedly receiving payoffs and engaging in "mutual voting."

Maple Leaf Capital (@MapleLeafCap), an EOS investor, recently pointed out that “an internal excel document from Huobi”, one of the 21 EOS block producers, had been “circulating in the Chinese community.” According to MapleLeafCap, the excel file reveals the “collusion, mutual voting, and payoffs” that take place between Chinese block producers (BP).

The Twitter user then shared an article, which makes the following allegations: 

(1) Huobi and many other BPs mutually vote for each other to cement their BP position (2) Huobi openly votes for a few BP candidates in exchange for EOS returns

MapleLeafCapital also shared a screenshot (above) that shows crypto firm Huobi voting for 20 different BPs - 16 of which vote for Huobi as well.

In another screenshot posted by the EOS investor, it shows that Huobi receives substantial EOS returns, or payments, from three BP candidates (eosiosg11111, cochainworld, eospaceioeos).

Commenting on the questionable actions of EOS BPs, MapleLeafCapital said:

As an EOS token holder myself, I view such action with utter disgust, and there is a reason why our Mapleleafcap proxy only votes for a very selective group of Chinese BPs.

@MapleLeafCap

The EOS token holder also claimed that EOS’ “integrity” may be “compromised” as 12 of the total 21  crypto platform’s BPs are located in China. In order to resolve these potentially serious issues, MapleLeafCapital recommended  “increased community awareness”, “higher voter participation”, and a “punishing mechanism” for bad actors.

"Blatantly" Against EOS's Mission Statement

He added that such exploitative actions must be addressed immediately as it “blatantly flies in the face of the very thesis” Block.one - the company that developed EOS - had created the crypto platform upon.

MapleLeafCapital further noted that blockchain startup Huobi had been aggressively “pushing” its Huobi Pool Token (HPT) - which he thinks is being done by “blatantly sharing the EOS block rewards with HPT holders in exchange for EOS-lockup.”

In a recent follow-up response by Huobi, crypto news source cnLedger reported that Huobi “denied having financial business” with the EOS BPs - as shown in the leaked spreadsheet. However, Huobi has not commented on the “authenticity” of the excel spreadsheet.

At present, “relevant information is still under investigation”, cnLedger said.

Failing To Understand The Serious Nature Of Collusion

Notably, the exploitative practices pointed out by MapleLeafCapital may be quite serious and could adversely affect many people. Meltem Demirors, a crypto treasury management professional, commented on the issue by stating that investors only care about “returns” and not “ideologies.”

While this may be true in many other cases, it has been seen by some as a highly inaccurate assessment of the potential harm these types of corrupt activities may have on investors.

Block.one Conceptualizes Passwordless Authentication & Authorization System

Block.one, a Cayman Islands-registered firm that publishes open-source software and protocols for EOS, one of the largest platforms for deploying enterprise-grade decentralized applications (dApps), has argued that “current methods of authentication suffer” from the “Hearsay Problem.”

Explaining what Hearsay means, in general, Block.one noted in its blog post, published on April 17th, 2019, that Hearsay is “any information received from one party about the statements or actions of a second party that cannot be adequately substantiated.”

Current “State-Of-The-Art Methods” Of Authentication May Not Be Reliable

Block.one also noted in its official blog that its stance on this matter is that “all information sourced from systems which rely on current state-of-the-art methods of authenticating users would qualify as mere hearsay if any of the involved parties were to call the validity of the information into question.”

Going on to mention that this “characteristic is referred to as repudiability,” which is a property whereby a statement’s claim or validity can be rejected, Block.one’s post explained that “two primary factors” could potentially “lead to this characteristic of repudiability.” According to Block.one, the “first factor is an authentication scheme that requires disclosure of a secret in order to validate the possession of that secret.”

For instance, “security schemes” such as “passwords” which are “subject to this factor,” make it “impossible to create logs of user activity that are verifiable by anyone other than the party and the counterparty,” Block.one’s blog stated. Moreover, the software publisher’s post noted that the “second factor is the lack of means to prove that the data within a system that actually represents the intent of the user,” which results in another issue, referred to as “The Blank Check”.

“The Blank Check” Problem

As mentioned in Block.one’s blog, the “Blank Check problem is present in any system that can take action on behalf of the user without needing the user’s explicit consent on that specific action.”

This same problem “is also present if the means of capturing the user’s consent is anything short of a log of proof that the user was informed of the implications of every individual action and explicitly consented to each action,” the software development firm wrote.

“Nothing Preventing Banks From Liquidating Or Locking User Funds”

From strictly a technical perspective, Block.one believes “there is nothing to prevent your bank from liquidating or locking your funds, and there would be no means of proving any wrongdoing, as the Bank could fabricate records of seemingly legitimate transactions. This would no doubt pose grave consequences that affect many stakeholders in a material way.”

These issues can be attributed to “the lack of provable auditable logs,” Block.one claims. It adds that technologies which “address this fundamental shortcoming” on existing platforms are not designed to be user-friendly.

According to Block.one, systems that “rely on passwords” for authentication and authorization are “subject to the Hearsay Problem and the Blank Check problem.” In order to provide robust security, while accurately determining whether a user should be allowed to access a system, Block.one proposes creating what they refer to as the “Pass Manager.”

Pass Manager: Ultimate Authentication And Authorization System?

As described in its blog post, Block.one noted that a Pass Manager could be implemented using “a blend of technologies [that could] work in tandem to produce superior security and usability for users, including cryptographic signing, hardware keys, and biometrics for credential security, as well as a transport-agnostic protocol for portability.”

Creating Non-Repudiable Logs

Going on to describe how an actual Pass Manager-enabled system would work, Block.one stated that “anytime a user’s consent is sought by a Pass Manager, human-friendly descriptions of the action should be shown to the user, and that description (or a cryptographically verifiable derivative of it) should be included in the signed response from the Pass Manager.”

The software publisher further noted that the “use of keys means that logs are non-repudiable and can be verified by third parties, and the inclusion of the human-friendly description in the signed response can serve as proof of the user’s intent. These characteristics solve both the Hearsay and Blank Check problems,” Block.one’s developers claim.

As explained, a Pass Manager-powered verification system would not require users to input passwords - which would arguably make the authentication and authorization process more secure.