Groundhog Day for BTCP
Bitcoin Private has been a drama filled roller coaster since its inception in early 2018. In an article that I published on the 17th November 2019 ‘No Sunshine, No Rainbows’ I described the issue where an exploit in the ZCash code had resulted in the introduction of a considerable number of counterfeit BTCP.
In a statement released in a Community Update on 31st January 2020 ‘THE STATE AND FUTURE OF BITCOIN PRIVATE | by Bitcoin Private | Medium’ it was confirmed that to address the issue a snapshot would be taken at block height 680,000 and a new chain would be launched. This information was published and communicated to mining pools and exchanges and when the time came on the 5th February 2020 the snapshot was performed. Shortly after this the chain halted at block 680,240 — this is important and will be explained later.
At this point my involvement reduced as there was little that I could do to drive the project forward. However, during the following months volunteers from the community rallied round to secure capable resource to complete the analysis of chain data and to create the new code base. From here progress was steady as the developers created a Testnet and sorted through both the counterfeit transactions and coins previously burned at block 480,000.
During the months since the snapshot Graviex have confirmed that they will support the new chain and have acknowledged the snapshot assuring users that coins traded after the snapshot will be correctly distributed to users. (https://t.me/graviex/46813) For me continuing trading after a coins blockchain has halted is nonsensical, but I recognise that people wish to ride the risk. For an exchange to facilitate this, in my opinion, is irresponsible.
Fast forward to December 2020 as things look closer to completion and I once again became more active in the community. It wasn’t long before something piqued my interest! A user reported that he had been able to make a successful deposit to Graviex after block 680,000. Not only this, he later confirmed that he was able to sell these coins albeit buying them back through a sense of guilt.
This brought back the anger I felt back at the end of 2019 when Graviex not only dismissed the evidence presented to them that deposits of counterfeit coins were being deposited in to their exchange but also actively opened up deposits and trading on the 27th December 2019 after being explicitly asked to cease by BTCP developers. This despite telling their community that the wallet could only be opened back up at the request of the developers (https://t.me/graviex/42008). It was time for another round of analysis and investigation.
On the 10th January 2020 I looked at the blocks between the snapshot and the final block 680,240. The first thing of note was that the last block that contained a transaction was 680,041, the significance will become apparent. I noted that after block 680,000 a number of transaction from the shielded pool to the transparent pool occurred, all in multiples of 5497.55803888 BTCP. This in itself is not a concern as we all know that transactions that occur after the snapshot height will not exist in the new chain. However, it follows the same patterns as the previous analysis of counterfeit coins, but this time with fewer layers of transactions blurring the trail. These blocks of ~5500BTCP were soon consolidated in to addresses containing between 18–25k BTCP each. This is more of a concern, the counterfeiter is clearly not stupid so why go to the effort of moving coins which will have no value after block 680,000? It is known that exchanges have been informed about the snapshot and they surely wont accept deposits after this time as it exposes them to potential loss. It is clear from the report of a BTCP user that Graviex allowed a deposit after the snapshot and furthermore continued running the chain to satisfy the required 200 confirmations. I found that the last transaction linked to the multiples of 5500 BTCP was in block 680,041 and the chain stopped at block 680,240–200 blocks later. All of the later blocks were mined by the same miner, perhaps keen to ensure that the 200 confirmations were met.
My findings were discussed at length within the BTCP telegram group as well as with some of the veteran contributors and developers. The information was used to contact Graviex to confirm that they had closed deposits at block 680,000. At first they confirmed that there were no deposits after block 680,000 but when presented with the evidence they confirmed that in fact all transactions between block 680,000 and 680,041 were associated with their deposit addresses and had been processed. Bear in mind this happened nearly 12 months ago, and that trading has continued throughout and you perhaps start to see the issue. To be fair to them, Graviex have been very cooperative in providing information and have been transparent about their total BTCP holding and assisting with the investigation. However, as an exchange owner you would surely question the motive of anyone moving coins to your exchange AFTER a declared snapshot, especially in the volumes identified.
This now obviously causes an issue as post snapshot coins will not be credited to Graviex and users that have purchased BTCP over the last 12 months will not be able to be credited any BTCP on the new chain that they may have acquired from the post snapshot coins circulating in Graviex.
Post snapshot coins, under normal circumstances, would be a small risk but in this case a significant amount of coins were deliberately introduced perhaps with the assumption that there was a good chance that the deposit to an exchange would be successful and that the coins could be sold.
Graviex have stated that they closed wallets on the 5th February as requested, but as we know a snapshot is defined by a block height. They have denied receiving email communication on the 31st January 2020 informing them of the snapshot and quite clearly pointing out that transactions after block 680,000 would not be included. They have even denied knowledge of the vulnerability despite extensive communication in November 2019.
Looking back at some of the communications from Graviex, both formal and informal, it appears that Graviex have not acted with malice but have simply not understood the situation and have not managed it successfully. This has left them with significant exposure when supporting the new chain for which they are asking to be compensated. At the time of the snapshot they have confirmed that they held approximately 300,000 BTCP on behalf of users. The 40 blocks post snapshot contained deposits to Graviex (and only Graviex) of around 300,000 BTCP. Graviex have stated they will not support the new chain unless they receive all 600,000 BTCP, 300k from pre snapshot and 300k post snapshot. It has been explained that the entitlement is only the 300k that they held at block 680,000. This sounds like a familiar story…..
