EOS Startup Uses Backdoor to Access User Wallets

A decentralized app (DApp) on the EOS blockchain, Trybe, has recently attracted negative attention following an erroneous distribution of tokens to more than 100 EOS accounts, some received up to four times the due amount.

The developers of Trybe - a blockchain based content ecosystem - chose to then access user wallets to retrieve the accidentally airdropped 8,740 TRYBE tokens (about $60) without notifying the users beforehand.

This mutability feature, interestingly, is often marketed as what makes the EOS blockchain different (in a good way) from its counterparts. In contrast to Ethereum’s immutable smart contracts, which require a hard fork like the infamous DAO hack.

Trybe founder, Tom Norwood, did not deny the aforementioned activities in a Reddit post:

Although maybe we were a little bit negligent in relying on the [EOS library] to work as it was supposed to work, the fact that it didn’t is not exactly our fault,

Tom Norwood

Tom Norwood went on to state that:

However, this is very new software, as you are probably aware, and the fact that it doesn’t have more bugs is a miracle in itself.

Critics say that this level of mutability offered by the EOS blockchain severely compromises its security and decentralization. Which to most in the crypto industry are considered core tenants that drew them to the technology.