Secret Changes I found in the Nano codebase

Muidem
May 3, 2018

Hello internet,

Late last night, I accidentally discovered a group of insiders secretly grabbing control of a billion dollar cryptocurrency. Specifically, changes in the Nano v12.1 source code show that almost everyone is now no longer allowed to participate in elections (i.e., removing the primary ideological reason why one runs their own node). Nano version 12.1 also includes a new ability for accounts larger than 53 million USD, while critically never announcing either of these major changes publicly.

The critical lines of code in question, from the Nano github

A brief overview of these changes in commit #63e15c for non-technical readers:

If you look at commit 63e15c, you see the developer PlasmaPower adding some code. If you scroll down 2,900 lines, you notice key changes to the governance structure of the currency. Specifically, these changes he made:

  1. He requires any node who wants to have their vote count hold a minimum of 133,000 nano (@ 8 per, just over a million US dollars worth). This completely changes the network topography: the network used to have all the dots (nodes) connected to each other in a web of trust, but now all the dots (nodes) connect to at maximum 31 hub nodes that everyone else spikes out from. This is a very significant change philosophically for a cryptocurrency.
  2. He added a new ‘cooldown’ variable. This variable gives ultra-ultra-high-wealth users a new ability: If you have $53 million USD worth of nano (5% of total supply, 6,650,000 nano), your node sends transactions 15 times faster than those that merely own more than 133,000 nano. But for most readers that own far less than that, this doesn’t impact you at all — because after change #1, you don’t get to vote anymore anyway, and so you don’t have any reason to be assigned a cooldown timer in the first place.

The most damning point: these sweeping changes were secretly made by a developer who slipped them into the source code without any public communication. They titled this change on github “Fix vote republish rules and duplicate sequence number detection”, which neglects to mention the sweeping changes to the very soul of the cryptocurrency, that is to say transaction approval and chain governance.

This is fraudulent behavior at the very heart of the cryptocurrency called Nano. I think this might be the most dramatic and insidious github commit I’ve ever read. The amount of money and people that will be impacted is immense.

Technical specifics and further proof:

The key changes happen on the Nano github account, in the Version 12.1 branch, in commit hash 63e15c21ae2b0098db266ef23c6f58f1e40676df, lines 2909 through 2923.

Click through to view the code yourself, and get others’ opinions — don’t take my word for it, the code speaks for itself. For context, these lines are contained in the critical ‘election’ function. Change #1, the disenfranchisement of almost all nodes, happens in the following if statement added to the code:

if (rai::rai_network == rai::rai_networks::rai_test_network || weight > supply / 1000)

This means that you are only able to use the election functionality on the main network if your nano node has more than 133,000 nano (0.1% of all circulating nano). This changes the core network topography and trust-web of the network. PlasmaPower commented that only 31 accounts meet this criterion here: https://github.com/nanocurrency/raiblocks/pull/663

Feel free to peruse that conversation and note that no one actually mentions why these changes are made, I would suspect because the limited number of core devs are colluding against the users of the network, and they think no one will notice. Oops.

The second item is the major addition to the transaction processing, through the addition of an account-weight (i.e. wealth) dependent ‘cooldown’ multiplier. This new variable PlasmaPower made suddenly restricts the ability of the should_process variable in the following block:

if (last_vote.first <= std::chrono::steady_clock::now () - std::chrono::seconds (cooldown))
{
    should_process = true;
}

The should_process variable notably determines if the node’s vote is counted through the node.network.republish_vote, votes.vote, and confirm_if_quorum function calls. As a side note, at least these guys have decent variable naming conventions: I bet the next time someone tries something this ballsy, they will use a bunch of misdirection to try to hide it from the casual software developer glancing at the code like myself.
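A simplified model of the two quoted checks, added here as an illustration; it is not code from the Nano repository or from the author. The supply figure follows from the article's numbers (133,000 nano = 0.1%), while the function names, the 15 s and 1 s cooldown values (chosen to match the stated 15:1 ratio) and the inclusive 5% boundary are assumptions.

```cpp
// Added illustration: simplified model of the two checks quoted in the article.
// Not Nano source code. Names and the 15 s / 1 s cooldown values are assumptions.
#include <chrono>
#include <cstdint>
#include <iostream>

using clock_type = std::chrono::steady_clock;

// From the article's figures: 133,000 nano is 0.1% of supply.
constexpr std::uint64_t supply = 133000000;

// Change #1 as quoted: weight > supply / 1000 (the test-network bypass is omitted).
bool passes_weight_gate (std::uint64_t weight)
{
    return weight > supply / 1000;
}

// Change #2: the article gives a 15:1 ratio at the 5% tier; the seconds are assumed.
unsigned cooldown_seconds (std::uint64_t weight)
{
    return weight >= supply / 20 ? 1 : 15;
}

// Mirrors the quoted comparison: a vote is processed only if the previous vote
// from the same account is at least `cooldown` seconds old.
bool should_process (std::uint64_t weight, clock_type::time_point last_vote, clock_type::time_point now)
{
    if (!passes_weight_gate (weight))
    {
        return false;
    }
    return last_vote <= now - std::chrono::seconds (cooldown_seconds (weight));
}

int main ()
{
    auto now = clock_type::now ();
    auto five_seconds_ago = now - std::chrono::seconds (5);
    // Exactly 0.1%: the gate uses '>', so this weight does not pass.
    std::cout << should_process (133000, five_seconds_ago, now) << '\n';
    // Above 0.1% but below 5%: still inside the 15 s cooldown.
    std::cout << should_process (200000, five_seconds_ago, now) << '\n';
    // 5% tier: 1 s cooldown has elapsed.
    std::cout << should_process (6650000, five_seconds_ago, now) << '\n';
}
```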

This is the most damning part of all: these sweeping changes to core network philosophy and topography occur in an innocent-sounding and totally inappropriate github commit titled “Fix vote republish rules and duplicate sequence number detection.” For the trolls that will try to justify this change, they aren’t going to be able to justify using a super sneaky commit to try to slip these major changes into the codebase.

Taken together, these two changes mean that whoever controls the handful of accounts greater than 50 million USD worth of Nano can get away with almost anything on the network, most certainly including censoring transactions and likely including doublespends and a number of other more subtle nefarious tactics. If a government served one of these ultra wealthy accounts with a warrant, it could very possibly result in a government controlling the ability of transactions to publish.

Most damningly, they did this major re-architecture secretly. Tactics like this are completely contrary to everything that open source software development stands for, and reflect badly on the cryptocurrency space as a whole. I hope that we one day have enough collective understanding to suppress these shuckers before their shitcoins garner a billion dollar market cap (though this also makes a good demonstration of why market cap is an extremely poor indicator of quality).

In closing, for those hodling nano that are just skimming this article, running a nano node is now meaningless, the network has been secretly centralized and does not trust you anymore.

Facts not fud,

-Muidem

My PGP fingerprint: 8694 D7EC 6ED3 66D5 A7C7 A816 FBE5 7648 EB71 53CF

To view my full PGP key and a PGP signed message, to keep nano trolls from impersonating me, go here: https://medium.com/@muidem1000_49085/pgp-proof-and-public-key-60c0fd6a1b7d
