EOS dApp Used Blockchain Backdoor To Remove Tokens From User’s Wallets Without Their Consent
EOS has recently been in the news following the revelation that an EOS decentralized application (dApp) could access users’ token wallets without their consent through the use of a backdoor technique. More specifically, this EOS dApp is called Trybe, and describes itself as a ”tokenized knowledge sharing network for the crypto and blockchain community”. Issues first arose when Trybe were set to distribute tokens to user accounts through a token airdrop.
Due to unknown circumstances, Trybe accidentally distributed an incorrect number of tokens to more than a hundred different EOS accounts. Moreover, some accounts were said to have received upwards of four times the correct amount. One would presume that this mistake on Trybe’s part would have been written off as an accident, or shared with the wider Trybe community in an effort to rectify it.
However, Trybe’s developers instead opted to covertly access user wallet and to return the Trybe tokens without the consent of the users. Although the amounts involved were comparatively minuscule – amounting to 8,740 Trybe tokens, or $60, for a user posting on Reddit – the fact that Trybe developers could access user wallets is more worrying. This sort of centralized control flies in the face of the very ideology underpinning cryptocurrencies.
Source: toshitimes.com