EOS.IO phasing out free network resources after smart contract exploit

One is planning to phase out free network resources on EOSIO after the feature allowed an attacker to exploit a smart contract for 30,000 EOS. On the heels of v1.8, network's first consensus hard fork upgrade, Block.

One is moving block producers to eliminate free network resources.

In mid-September the gambling dApp EOSPlay was exploited for 30,000 EOS, worth $110,000 at the time, by abusing developers' expectations of free network resources.

The exploit was conducted by pushing the network into "High congestion mode," the end of free network resources, by renting a huge amount of network resources from EOSIO's recently implemented resource exchange, REX. Many dApps and users on the network weren't ready to handle the sudden shock to resource availability.

"This behavior forces the network to reduce the amount of 'free' bandwidth it offers to all users, and disrupts those that have come to rely on a consistency of free resources."

During the state of high network congestion the attacker was able to manipulate the transactions included on the blockchain to guarantee wins on EOSPlay, allowing them to drain the smart contract.

"Removing this feature will ensure everyone adapts to securing network resources through renting or staking tokens, and will result in an improved user experience where every user always gets what they expect," stated Block.

The grey list allows block producers to restrict users solely to their allocation of guaranteed resources, removing their access to free resources.

To phase out free resources from the network, Block.

One plans to introduce a new feature that would allow block producers to apply the grey list to all accounts and gradually reduce free resources for all users.