Major vulnerabilities in the EOS blockchain and smart contracts platform may push back the Mainnet launch scheduled for June 2.
Chinese security firm Qihoo 360 discovered a series of high-risk vulnerabilities in the network that could allow an attacker to gain remote control over any EOS node, construct and publish malicious smart contracts, or become a ‘free miner' and dig up digital currencies based on the EOS platform, according to The Next Web.
The researchers announced their discovery in a May 29 Weibo blog post written in Chinese and said they had reported the vulnerability to EOS officials earlier that day.
Researchers said security vulnerability in the implementation of a blockchain node may cause thousands of nodes to be attacked and that even a denial-of-service vulnerability that is considered to be relatively harmless in the area of traditional software vulnerabilities may cause a huge impact on the entire digital currency system.
The vulnerabilities will also allow an attacker to steal the key of the EOS super node, construct and publish malicious smart contracts, or become a ‘free miner' and dig up digital currencies based on the EOS platform.
The stolen EOS supernode key would also allow attackers to control the transactions of cryptocurrencies on the EOS network or acquire the financial and privacy data about the users including their wallet private keys.
Researchers were reportedly told there would not be an official launch until the issues were patched.