BitcoinSV ‘feature’ exploited to store child abuse imagery on the blockchain

A change to the Bitcoin Satoshi’s Vision (BSV) protocol has inadvertently led to child exploitation material being posted to its blockchain, forcing apps and block explorers into actively monitoring the network for illegal content.

This was made possible after community members increased the amount of data accepted in transactions by 450 times (to 100KB), allowing for images, video, and audio to be stored in BSV’s blockchain.

The abhorrent imagery was first discovered on a site that displays files “hosted” by the BSV network. Later investigations revealed the content was “uploaded” with a transaction processed by Money Button , a payment app specific to the BSV network.

“[The website] contacted us suspecting that Money Button may have been used to write the data, since Money Button is a very convenient/easy tool to write data to the [BSV] blockchain,” a spokesperson told Hard Fork. “Sure enough – we checked our database and this criminal did in fact use Money Button.”

“Almost certainly, whoever posted this was trying to prove a point about inserting something illegal into the blockchain, since that content can never be removed,” they added.

BSV’s immutable nature unfortunately means the illegal content will remain hosted by the blockchain (unless it undergoes a hard fork to roll back the unwanted transactions).

“It is not possible to delete things from the blockchain. Block explorers have stopped showing the data in those transactions,” the spokesperson confirmed, which renders the illegal content invisible to the general public.

What is Bitcoin Satoshi Vision?

BSV is one of the blockchains created during the monstrously wasteful Bitcoin Cash hash wars . The recent raising of BSV’s transactional data limit was heralded by its community as the removal of “another limitation to scale Bitcoin.”

It is a fork (of a fork) of Bitcoin. It purports to be closer to the original intention of Bitcoin‘s pseudonymous creator , which SV proponents say has been bastardized since Satoshi Nakamoto’s disappearance.

Much of the disagreement revolves around Bitcoin‘s 1MB block size limit , which Nakamoto imposed (in part) to reduce the threat of spam transactions.

Bitcoin Cash was created by forking Bitcoin to increase that limit to 8MB , and additionally to 32MB shortly after. Bigger blocks are thought to increase the efficiency of the network as usage ramps up.

Big block advocates took that argument one step further last November, when a small community forked Bitcoin Cash to spawn BSV – a blockchain with the dramatically larger block size limit of 128MB.

Curiously, the most recent change that enabled BSV users to send images and video to its blockchain was made without a hard fork.

In fact, the dev who proposed the increase acknowledged the only requirement was to simply convince BSV miners to agree with the new 100KB limit. They noted at least 99 percent of BSV’s hash rate had adopted the change.

nChain says limiting data capacity is not the answer

Hard Fork reached out to nChain, the software firm behind the BSV protocol , to see how it’s responding to the ongoing situation.

CEO Jimmy Nguyen expressed the BSV blockchain is simply a data ledger. As with any platform that stores and transmits data, there is always the chance someone would use the platform to store and transmit illegal content.

“This is nothing unique to BSV. The same is true for the internet, and is true for the Bitcoin, Bitcoin Cash, Ethereum, and other cryptocurrency networks – on which illegal content likely already lives,” alleged Nguyen. “We of course do not encourage nor want illegal content on BSV or any technology platform.”

When asked if nChain had considered possibility of this ugly situation before the transactional data limits were increased, Nguyen responded by stating he was not convinced the problem is solved by reimposing smaller data limits on transactions.

“The answer does not lie in limiting the data capacity of the platform. Instead, responsible service providers operating on the BSV blockchain will take measures to prevent writing to or reading from the blockchain any content that is illegal,” he said, before stating it’s impossible to stop all illegal content from being posted to the internet.

He also described BSV’s ethos to be the encouragement of legally-compliant business action, and urged anyone to “think twice” before trying to add illegal content to its blockchain, as they must digitally sign any data they want to add.

“Those digital signatures are admissible in courts of law to prove possession of illicit material and intent to distribute,” added Nguyen.

The entire BSV ecosystem must be on watch

If the changes to transactional data limits are not rolled back, the burden of censorship and monitoring rests entirely with the services that make up BSV’s network, including miners.

“Since we are a wallet that writes data to the blockchain and reads data from the blockchain, we can moderate our own service,” Money Button’s spokesperson told Hard Fork. “Just because this data was written to an immutable blockchain does not mean we have to host that data, and doesn’t mean we have to allow more data like that to be written to the blockchain through our service.”

Mirroring Nguyen’s comments, Money Button explained if enough businesses make it difficult to write such data to and from the blockchain, it doesn’t exactly matter if the blockchain is immutable. Criminals simply won’t be able to find anybody to write it for them.

“Even miners could refuse to mine this content, although more than likely they will not parse it and will end up pruning it simply for economic reasons, because the miners are not incentivized to store this data,” the spokesperson added.

“If the criminals can’t find anybody to write it to the blockchain for them, then they could mine themselves, but they probably won’t bother.”

While this may sound reassuring, the harsh reality is there now exists a Proof-of-Work blockchain perpetually verifying the existence of child exploitation material, and on a network that prides itself on assuming “Satoshi’s Vision,” no less.

None of the ‘mining phones’ announced at MWC19 actually mine cryptocurrency

Though “foldable phones” and “5G” were undeniably the top buzzwords at this year’s Mobile World Congress (MWC) in Barcelona, there was one minor trend that caught my eyes: “mining phones” – or put elsewise, phones that mine cryptocurrency.

For the uninitiated, mining refers to the process of solving cryptographic puzzles to verify transactions on the blockchain; in return for solving puzzles, miners get rewarded in cryptocurrency.

Due to their difficulty, these puzzles require significant computational resources, which is why miners usually rely on specialized hardware solutions to make the process more efficient. These puzzles also consume a lot of electricity .

In comparison to standard CPUs and GPUs hosed in laptops and PCs, mining hardware tends to be awfully expensive . It also has a much shorter lifespan – sometimes due to the intensity of the mining process, and other times due to changes in blockchain software (known as “ forks “) that make the hardware less efficient .

As you probably already guessed, phones aren’t particularly well-suited for mining. For one, they can’t offer the computational power mining rigs can; neither can they sustain mining for long periods because, well, a phone battery can only get you that far.

But for some reason, blockchain startups at MWC seemed determined to make mining on your phone a thing. But there is a catch: “mining” doesn’t actually mean mining in this case. Or at least, the mining doesn’t happen on the “mining phones” these startups are pushing.

“Mining phones”: an elaborate marketing stunt?

Considering that both Apple and Google recently outlawed on-device mining on iOS and Android, my bullshit radar kicked in: these startups must either be doing something (shady) to bypass the mining ban – or they are bending the definition of “mining.”

In the case of Spanish mobile operator and phone-maker Wings Mobile, it was the latter. The company announced its new Minephone WX phone, what Wings Mobile claims is the “world’s first smartphone that generates Ethereum.”

While there is nothing interesting about a poorly designed phone with mid-range specs, what piqued my curiosity was Wings Mobile’s promise the handset can earn you up to 2 Ethereum each month.

Yes, you heard it right – up to 2 Ethereum a month. At the time of writing, this amounts to about $280. But at the height of the cryptocurrency mania, it would’ve been worth well over $2,000. For context, we tested a (somewhat) specialized Ethereum miner back in 2017, and it only mined about 1 Ethereum per month.

Yet Wings Mobile claims it has developed a device that can generate twice this amount – in a much smaller form factor. Not only that, the Minephone WX purportedly could reach 1,000 MH/s per second. By contrast, the Ethereum miner we tested ran on eight graphic cards and only reached about 200 MH/s.

Wings Mobile says the WX will retail at about $3,300 (€2,900). This might seem like an exorbitant price for a device packing such mid-range specs, but the Spanish phone-maker assures your investment will pay off in the long run, claiming the device could net you a profit of over $10,000 in just three years.

Not only that, Wings Mobile notes Ethereum is projected to spike in value in the years to come.

“The projections concerning the trend of the Etherereum estimate that at the end of 2021 its value will be €5,000,” the company wrote in a pitch deck . “This means that all owners of a MinePhone Wings WX 1000 have a revenue potential of €360,000.”

So how can the Minephone WX mine cryptocurrency at rates much higher than specialized mining hardware, you might ask yourself. Pretty simple: it can’t.

Instead, the mining takes place on a third-party mining pool Wings Mobile intends to build with the revenue its Minephone generates, the company told Hard Fork.

“Mining happens on a pool,” a Wings Mobile rep told my colleague Matthew Hughes at MWC. “We don’t use your device to mine, otherwise the battery would be destroyed in two hours.”

Here’s the trick: when you buy the Minephone WX, you also subscribe to what Wings Mobile calls an “activation mining plan.” The company currently offers four different tiers – starting from 100 MH/s entry-level and going all the way up to a premium of 1,000 MH/s.

Wings Mobile calls this approach to reaching consensus Proof-of-Data; curiously, a Wings Mobile rep we spoke with erroneously referred to it as “Proof-of-Time” before swiftly correcting his mistake.

In Proof-of-Data, “the probability of validating a block is determined by the activated contract (100, 300, 600, 1000) and by the time of internet connection with the pool within 24 hours,” according to a Wings Mobile pitch deck .

While the activation mining plan for the entry tier is free of charge, you will have to shell out a hefty one-off fee to subscribe to the upper tiers. The 1,000MH/s plan costs 13 Ethereum, which currently amounts to over $1,750.

Wings Mobile says each activation plan lasts a period of three years.

For the record, Wings Mobile is not the first company to trial a business model like that.

Indeed, mining contracts – what Wings Mobile essentially calls “activation mining plan” – were a popular trend last year. That is until the market started bleeding and mining pools began losing money. Mining service Genesis Mining recently had to prematurely terminate a slew of user contracts, blaming the bearish market for the abrupt cancellations.

Even worse, Genesis Mining was hardly the only company facing this issue.

For some reason though, Wings Mobile is adamant its model makes sense. Pressed about the longterm sustainability of their business plan, Wings Mobile reps told Hard Fork they remain convinced they will be able to keep their promise to customers.

That remains to be seen, but as history shows – the odds are stacked against it.

Also, Wings Mobile wasn’t the only company boasting mining-enabled phones at MWC. Similarly, cryptocurrency developer Electroneum announced the M1 , its new $80 handset aimed at developing countries.

“ The Electroneum M1 features built-in Cloud Mining which earns it’s owner up to $3 USD worth of ETN (the mobile cryptocurrency) every single month,” the company wrote in a press release.

Unlike Wings Mobile though, Electroneum clearly stated the mining doesn’t take place on the phone. Instead, the “mining” takes place on Electroneum’s mobile app (available for Android and iOS).

“The mining is actually cloud mining, which is conducted in our cloud,” Electroneum head of marketing Conor Doyle told Hard Fork. “Also when we saying mining, it is simulated mining, we are rewarding users for their engagement. As long as the user engages with the app on our regular basis, they receive up to $3 worth of ETN every month.”

So why buy the M1 if you can use the device you already own to “mine?” Doyle explains that M1 owners will get “ preferential mining rates.”

A monthly reward of up to $3 might not seem like much to users in developed countries, but Electroneum says could make a difference to locals in developing regions. “The M1 represents not only a powerful tool for communication, but also a means of financial empowerment for the millions in economically disadvantaged areas,” the company wrote in a press release.

That said, it seems the bigger issue for M1 owners will be finding ways to spend the ETN they’ve earned, as most vendors still don’t support cryptocurrency payments, let alone a little known currency like ETN. Alternatively, they could seek to exchange their ETN on various cryptocurrency exchange services (but that would cost them some extra transaction fees).

“Blockchain phones” at MWC

Mining phones weren’t the only attraction for cryptocurrency enthusiasts attending MWC. There were also “blockchain phones.”

Cryptocurrency issuer Pundi X teased its upcoming XPhone handset – a device it calls “the first blockchain phone.” That is despite the fact there are at least two other “blockchain phones” that have already beat the company to market – Sirin Labs and HTC .

Pundi X still thinks it has rightful claim to “the first blockchain phone” though. “[HTC’s and Sirin Labs’] focus is crypto wallets,” a Pundi X rep told Hard Fork. “The blockchain mode that XPhone offers is beyond financial transactions. It is made to decentralize everything (text, audio, video, images and more) you do on the phone.”

“ We believe there’s no phone in the market yet created for this purpose,” the spokesperson continued. “That’s why we call (if we may) the world first blockchain phone.”

In addition to standard phone features, the XPhone is expected to work as a node – or put in other words, to store a copy of the blockchain network it runs on and occasionally verify transactions. The device will run on Pundi X’s own blockchain called Function X.

A Pundi X spokesperson told Hard Fork that Function X uses a consensus mechanism called “Proof-of-Service,” but unfortunately couldn’t explain how the algorithm really works. What the spokesperson confirmed is that the Function X network will rely on “miners” and “service providers” to validate transactions.

This suggests that the XPhone – which runs on a “dual” operating system partially powered by Android and Pundi X’s own Function X OS – could run into trouble with Google’s on-device mining ban. The company is confident it has a solution for this though.

“ XPhone has dual OS, one is traditional mode and the other is blockchain mode,” a spokesperson explained. “The node functionality comes from the Function X OS. It’s not an app published through Google Play.”

To remind you, HTC too claimed its Exodus 1 handset will operate as a node ahead of launch – a promise the company had to break due to Google’s mining ban. Still, HTC continues to insist future iterations of the Exodus will act as “partial nodes,” whatever this means.

Speaking of HTC, the Taiwanese phone-maker had its own blockchain announcements to make at MWC.

In addition to a new ( not all that useful ) integration with Opera, users will now be able to purchase its cryptocurrency-oriented Exodus 1 handset in fiat. But really, you probably shouldn’t spend $700 on device that’s neither a great phone, nor a great cryptocurrency wallet.

It’s worth pointing out that, prior to this move, HTC promoted the Exodus 1 as the first blockchain phone you can exclusively buy with cryptocurrency. One wonders if this sudden change has anything to do with the fact hardly anyone buys stuff with cryptocurrency these days.

Talking the talk, but not walking the walk

Considering the blockchain industry is notorious for selling unrealistic visions over functional technology , it’s not surprising the trend extended to MWC.

The problem with this strategy is that it quickly backfires when people see the products they were promised are not the products they get.

At the heyday of the initial coin offering (ICO) boom in 2017, tons of blockchain startups put out white papers with ambitious road maps, outlining plans to have millions of users doing pretty much anything with blockchain – from cheap, fast, and secure micro-payments to cold fusion (otherwise known as alchemy) .

But over a year later, these visions are still far from reality. Even worse: there’s hardly any people using blockchain-powered apps (for anything else than gambling, at least).

So excuse me if I roll my eyes, when money-hungry entrepreneurs tell me “mining phones” (that don’t actually mine) are the key to mass adoption: I’ve been lied to one too many times to fall for that.

Want to explore the future of blockchain and cryptocurrency? Check out TNW2019 , our tech conference in Amsterdam on May 9 and 10 – and join the discussion at the Hard Fork track .

Long-serving cryptocurrency exchange forced offline, hackers blamed

One of the internet’s longest serving digital asset exchanges, Cryptopia, claims to have been hit by a debilitating hack.

After a full day of unscheduled maintenance outages, the NZ-based cryptocurrency exchange posted an official statement, explaining it had suffered “a security breach which resulted in significant losses.”

According to Cryptopia, both New Zealand police and its high tech crimes unit are jointly investigating the matter, which they are treating “as a major crime.”

Ominously, $2.4 million was removed from Cryptopia around the same time the outages began, reports CoinDesk , referencing a Twitter account that tracks notable amounts of cryptocurrency to and from exchanges.

A further $1.1 million in small-cap cryptocurrency , Centrality, was moved from the exchange just five minutes later.

For the past year, Cryptopia has seen an average total trade volume of just over a million dollars per day, making those amounts particularly suspicious.

Cryptopia is mostly known for its ridiculous amount of trading pairs, with the most recent data showing 1,095 different digital assets available for trade when it went offline.

If it’s indeed true that this is a major crime, then Cryptopia would be the latest addition to the long list of hacked cryptocurrency exchanges , a group that by halfway through last year had exceeded 30 members .

It would also mark what appears to be the first cryptocurrency exchange hack of the year. Hooray, I guess.

Hunter Jones

Hunter Jones

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *