Yesterday an account that was in the blacklist of the EOS blockchain, managed by Block Producers, succeeded to get around the ban and liquidated in a short time as many as 200 thousand EOS, to be precise 199,990 tokens.
The blacklist system that works on the EOS blockchain allows the affected accounts to not be able to make any transaction: in fact, then, the account had been frozen for committing malicious and harmful behaviour to the detriment of the entire ecosystem.
Probably, in fact, the account had carried out an attack against a platform or dApp or could have received funds from illegal activities.
The blacklisted account managed to get around the ban because in the top 21 BP had entered a new BP, hashfineeosio, which had not updated the blacklist. The attack in these cases is a simple request from the blocked account to the BP to confirm the transaction. This request is made to all BPs and if even just one confirms the transaction then the account can continue with the release of funds and liquidate them on an exchange.
The account moved the funds and then, in fractions of 5,000 EOS at a time, for a total of 40 different transactions and accounts, sold everything using always a different account created specifically for the transfer of funds.
The damage was considerable as it could collect more than half a million dollars due to the negligence of the BP in question.
Because of this event, the BPs have now proposed to introduce a multi-signature system to solve the problem.
This is definitely another governance issue that concerns the EOS blockchain: although it can be scalable and effective as a platform for dApps, the management of the blockchain is entrusted to only 21 BP, which are in fact nodes.
In the last period this centralization has created a lot of confusion in the community, even if, as stated by block.one’s CTO, Daniel Larimer, they will soon integrate different solutions to change the cards on the table.