How NEO’s consensus failure is spreading FUD
On 3 March the NEO blockchain stopped working. An initial statement by Malcolm Lerider, NEO’s senior research and development manager, said the reason for the failure was because one of its consensus nodes was disconnected from the network.
NEO uses the delegated Byzantine Fault Tolerance (dBFT) consensus mechanism, which at its simplest means that the nodes on the network elect a smaller number of nodes to carry out the consensus work.
Because the NEO Council holds most of the token supply it has centralised control of the network. As such, it also controls the delegation process and has limited the number of consensus nodes to seven. This fact alone has seen NEO attract criticism from those who consider it not to be a “true” cryptocurrency because of its lack of decentralisation, a criticism also levelled against Ripple.
On the other hand, centralisation means its software can be updated without having to reach a consensus across the hundreds or thousands of decentralised nodes on the network, thereby avoiding the divisions that, for example, have stymied the upgrading of the bitcoin network.
Another key feature of dBFT, as the name suggests, is resistance to faults, but Lerider’s explanation of the network downtime (delays) implies that there is very little fault tolerance in the system if just one node being disconnected can stop the network functioning. How would the network cope with malicious code being executed by one or more of the consensus nodes if it can’t even protect itself against a simple connection failure?
Alarm bells ring
These and other questions set alarm bells ringing. If this can happen to a top 10 project and the only one to have received an A rating from Weiss, what does it say about all the other blockchains out there?
The accusations levelled at the governing NEO Council that oversees the Chinese blockchain project, forced it to issue a statement today denying claims that NEO was built on badly written code exposing the network to major vulnerabilities and that its consensus mechanism was not a proper implementation of dBFT.
Da Hongfei, NEO’s founder, says that the head of research and development gave the wrong reason for the system breakdown. That’s a worrying statement in itself as it throws into question the quality of the development team.So what was the reason for block “delay”?
Da Hongfei is not very forthcoming, basically saying its complicated and we are working on fixing it and that it was a known issue.:
“The delay is not out of the reason described by the statement of Malcolm Lerider in Discord, although he is NEO’s Senior R&D Manager. His statement was then misused as evidence that 1 Consensus Node failure will bring down the NEO network. It is a ridiculous and ignorant accusation and can be debunked easily. The actual reason is more complicated and we were aware of this issue and had been working on it long before the recent delay happened.”
There’s a bug “deep in NEO’s p2p protocol”, says Da Hongfei, and his team has been working on a fix “for weeks”:
“We are pretty sure the block delay is caused by a corner case lying deep in NEO’s p2p protocol implementation: in some unusual scenarios, Consensus Nodes disconnect from the networks temporarily but reconnect shortly after. In such scenarios block delay is observed. We had been testing fixes for weeks on testnet and it was planned to be deployed on mainnet this week.”
Ok, so why hasn’t the fix planned for deployment this week been rolled out or is it a related issue, namely it was rolled out but went wrong? That would be a not untypical software development problem where a fix has unintended consequences and introduces other bugs.
It might be a stretched to say the argument has helped drag the crypto market lower but it certainly got market participants asking some hard questions not just about NEO but the wider sector.
Weiss A rating not worth the paper it’s written on?
NEO is a top-tier coin with a market of $6.9 billion. It is also the only token that has received an A-class rating from Weiss, the US ratings agency that launched crypto ratings at the beginning of February. The closely watched ratings gave bitcoin a relatively lowly C+ to the consternation of many crypto watchers, so to receive an A rating is high praise indeed. Some commentators see Weiss’s NEO A rating as further evidence that it doesn’t really understand crypto.
Da Hongfei says that NEO has plans to decentralise consensus nodes, and it released details at DevCon 1 held in San Francisco in January . The founder signs off his blog by decrying the FUD “spreading among those who are not aware of or agree with NEO’s vision and philosophy”.
The critics are not impressed by what they see as a fatal flaw in the network. This from Eric Wall:
15/ This happened on the live NEO mainnet, a cryptocurrency valued $7.8 billion. Without exaggeration, this is the most blatant display of sheer incompetence I've ever seen from a project in this space. No project with *any* form of code review would have allowed this to happen.— Eric Wall (@ercwl) March 4, 2018
The faster the NEO council can communicate in a clear and fully transparent manner what are admittedly highly technical matters the better, because as things stand there remains a high level of uncertainty despite the founder’s attempts to dispel the malevolent mist. Is it a bug with a fix in hand or a major design fault as others would maintain?
In a blog post yesterday entitled “Shoutout to take responsibility”, Lerider says “consistency is and never was threatened”. That’s good news but given the boss’s correction of the head of R&D’s earlier statement, onlookers are understandably in need of further convincing.
Weiss for its part has reduced its rating of NEO from A- to B+. Weiss updates its ratings on a weekly basis.
NEO is up around 91,000% year to date although is down 10% today.