1 changed files with 23 additions and 0 deletions
@ -0,0 +1,23 @@ |
|||
# Verus (VRSC) backdoor |
|||
|
|||
The story of the Verus (https://github.com/veruscoin/VerusCoin) backdoor is fascinating and an example of how users of a cryptocurrency are at the complete whim of the developers of a coin. They must completely trust the developers and anybody who runs the infrastructure or makes binaries/etc. If there is an evil/shady person in that set of people, Very Bad Things Can Happen. |
|||
|
|||
## High Level Explanation |
|||
|
|||
Here we will explain at a high level what motivated this backdoor and how it works, without delving into code. The lead developer Mike Toutonghi (https://github.com/miketout) mined large amounts of VRSC when it was first created. By some circumstances, he lost access to the wallet.dat file containing the funds. He did not want to relaunch the chain, as it causes a lot of work and confusion for users and mining pools/etc. So he decided to backdoor the code of VRSC, a "friendly" backdoor in his own mind, so he could reclaim his funds. |
|||
|
|||
If you are asking yourself, "what stops this from happening again?" or "What if an evil developer takes over control of VRSC?" or "how can we trust him to not do this again?" then you are understanding the slippery slope that this is. |
|||
|
|||
Mike wrote extremely hard-to-find and hard-to-understand code to backdoor VRSC, that even the lead developer of the upstream code didn't notice. VRSC code is a source code fork of KMD, written by jl777. In the process of code auditing KMD code when merging it into HUSH, I noticed something fishy. Some code that looked very suspicious, but I couldn't immediately understand what it was doing. I asked jl777 directly, as I was a KMD core dev at the time, to see if there was something I didn't understand correctly. |
|||
|
|||
What happened next was a bit shocking. jl777, the lead dev and author of most KMD code, did not know what the code did. It seems he had merged code from VRSC without fully auditing it. Then we both delved into how the code worked, like collecting clues to a mystery. In short time we figured out what the code did. |
|||
|
|||
The code allows the owner of a certain address to spend funds *from other addresses* ! That is quite a scary thing. What is even sneakier and scarier is that the address *never appears on a block explorer*! Those two things combined make it quite a sneaky backdoor. Only developers who can read the code would know the backdoor is there, which is exactly what Mike intended. |
|||
|
|||
Mike knew that he did not want anybody else to use his backdoor, only himself. To accomplish this, he found about 700 transactions where his inaccessible addresses received funds. He made his backdoor only able to operate on these past transactions, so the backdoor cannot work for future transactions with unknown transaction id's. Mike did not want to make his backdoor easy to find, so he "encrypted" them (not exactly, he "jumbled" them in a way where it was easy to get the original transaction id, but close enough) and so these transaction id's don't appear in the source code of VRSC. Only the "jumbled" versions of them, which hides the backdoor a bit more. |
|||
|
|||
When myself and jl777 discovered this, I was quite unhappy about it. I started to tell the VRSC community and was immediately asked to leave their Discord. Mike then proceeded to rewrite history and tell people it's not a backdoor, it's a "txid reclaimer" and eventually told new users that he asked older users if it was OK to do such a thing. In reality, there was no consent, Mike did what he wanted and informed users later, when his trick was unveiled. |
|||
|
|||
|
|||
|
|||
|
|||
Loading…
Reference in new issue