Trybe doesn't have a backdoor

in #trybe6 years ago (edited)

A few days ago, cryptoglobe.com published an article about Trybe accusing it of having a backdoor. This is simply not true. The article says:

A decentralized app (DApp) on the EOS blockchain, Trybe, has recently attracted negative attention following an erroneous distribution of tokens to more than 100 EOS accounts, some received up to four times the due amount.

Yes, it is true that some people received a lot more than they should have. But it wasn’t done with a backdoor. It was done by entering with the front door, that is, changing the contract vulnerability by updating the contract itself.

In EOS, developers can update contracts if they have vulnerabilities. And that’s what the Trybe team did. It is obviously controversial to access wallets of users without their consent but that’s just how EOS works. It gives more power to developers so that they can fix things easily. Trybe team did the right thing by correcting the contract.

The developers of Trybe – a blockchain based content ecosystem – chose to then access user wallets to retrieve the accidentally airdropped 8,740 TRYBE tokens (about $60) without notifying the users beforehand.

This is laughable. It looks like the article writer has no idea of what happened in the airdrop. Millions of Trybe tokens were mistakenly awarded to people not just 8,740 tokens. If it was only 8,740 tokens, I doubt Trybe team would have bothered to null the contract.

I myself received 153,000 tokens which was 13 times my actual airdrop allocation. At the current market price, that’s worth over 1530$. Some users who had a higher Trybe token balance in the Trybe.one site received even more tokens than me.

Critics say that this level of mutability offered by the EOS blockchain severely compromises its security and decentralization. Which to most in the crypto industry are considered core tenants that drew them to the technology.

This part of the article is the only paragraph I agree with. Since EOS smart contracts can be updated using the private key of the contract address, it allows the owner of the contract address account to make changes to the contract however he wishes. This is a big security flaw.

If the private keys to a contract is compromised or hacked, the malicious actor can print tokens out of thin air and sell them on the exchanges that token is listed. If something like that were to happen, then that token’s reputation would be hurt severely and investors will lose a lot of money due to the free fall of the token price.

Crosspost

Sort:  

i got like 13 times more tokens then i should of haha. could any token do this or did trybe have it already written into the contract ?

Its interesting how the contracts are being managed here. 153 000 tokens is worth 15300 $, but then 8 740 Trybe should be about 874 $? The rate on the citation is not correct, is it?

Posted using Partiko Android

Ah, sorry. That was a mistake. Added an extra zero. I updated it with the correct number.

Hi @littleboy!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your UA account score is currently 4.010 which ranks you at #3441 across all Steem accounts.
Your rank has dropped 2 places in the last three days (old rank 3439).

In our last Algorithmic Curation Round, consisting of 499 contributions, your post is ranked at #280.

Evaluation of your UA score:
  • Some people are already following you, keep going!
  • The readers like your work!
  • Try to work on user engagement: the more people that interact with you via the comments, the higher your UA score!

Feel free to join our @steem-ua Discord server

Coin Marketplace

STEEM 0.19
TRX 0.18
JST 0.034
BTC 90853.98
ETH 3221.27
USDT 1.00
SBD 2.82