|Prof. Yongdae Kim and Prof. Sooel Son’s joint research team published and presented papers at USENIX WOOT, the top-tier international conference workshop.|
A joint research team of Prof. Yongdae Kim and Prof. Sooel Son presented the paper titled “Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO” at the USENIX WOOT, which is held in San Jose, California on August 12-13 and mainly deals with attack papers in the security field. The researchers looked for a variety of threats that could arise due to the nature of the resource management used by EOS.IO, one of the representative blockchains, and verified the impact of these threats on the EOS.IO ecosystem. EOS.IO is a representative cryptocurrency that uses a delegated proof of stake to solve low TPS (Transaction per seconds) issues such as Ethereum and bitcoin. However, this delegated processing method has no choice but to provide limited resources to the node that handles all transactions and the users who request the processing.
The researchers demonstrated the attack method to stop the block of EOS.IO’s block producer by exploiting these resource allocation problems, the way how to effectively deplete the resources needed to operate the contract, and the attack to steal the user's resources effectively. Also, this paper emphasized the importance of resource allocation in adopting the DPoS method through these attack vectors and suggested ways to prevent the attacks.