# Copyright Infringement of HUSH code This file exists to document the copyright infringement of HUSH code as clearly as possible with as much supporting info as possible, so people can decide for themselves. Any project that infringes on "The Hush Developers" copyright will be listed here. Currently there is one project that severely infringes the copyright of Hush code, which is Pirate. ## What is Copyright Infringement? Copyright infringement is when one project takes code from another project, and maliciously or accidentally changes copyright information and/or mixes code of incompatible copyrights together. In the case of HUSH, our code is GNU Public License Version 3 (GPLv3), which means projects that use non-GPL code cannot (legally) take our code and add it to their project, unless they: * Change their copyright to GPLv3 (or a higher version) * Add copyright disclaimers from "The Hush Developers" ## z\_getbalances RPC Hush wrote a new RPC which does not exist in any other cryptocoin called `z_getbalances` first created on April 13th 2021 in commit https://github.com/hushmirror/hush3/commit/52e14828c8366d28a47d16acff42f64e988669fe then less than a month later the same exact RPC name, with same functionality was added in Pirate commit https://github.com/PirateNetwork/pirate/commit/be114569ec692c41b0af5d6ad84e6acf7da6305f . It adds a new optional argument and is a derived work: https://github.com/hushmirror/hush3/blob/dev/src/wallet/rpcwallet.cpp#L3646 https://github.com/PirateNetwork/pirate/blob/master/src/wallet/rpcwallet.cpp#L4157 ## hush-cli was renamed pirate-cli Very interestingly, in https://github.com/PirateNetwork/pirate/commit/412f5a296165ed7601749383cb4b94a4d8a0a9c5 it can be seen that the `hush-cli` script was renamed `pirate-cli`, and the Hush copyright line was removed and replaced with a Pirate copyright that says "no rights reserved" : ``` #!/bin/bash -# Copyright (c) 2019 Hush developers +# Copyright (c) 2019 PirateChain - no rights reserved # set working directory to the location of this script DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" cd $DIR -NAME=HUSH3 +NAME=PIRATE CLI=${KOMODOCLI:-./komodo-cli} $CLI -ac_name=$NAME "$@" ``` This file no longer exists in their master branch, but is a good example of Pirate blatantly infringing on Hush code copyright. ## TLS Code Pirate seems to have copied huge sections of the TLS code from Hush, including entire files and detailed code comments in certain functions, while also not adding our Copyright disclaimer to their files. Since Pirate is MIT and Hush is GPLv3, mixing this code is incompatible. For instance: https://github.com/hushmirror/hush3/blob/dev/src/hush/tlsenums.h was created in commit https://github.com/PirateNetwork/pirate/commit/a21bf4051094a8ca9c481efd32d706361e8003b5 on Oct 31st 2021 but https://github.com/hushmirror/hush3/blob/dev/src/hush/tlsenums.h was created on Sep 29th 2020 in commit https://github.com/hushmirror/hush3/commit/62f67821ecd801cc26b9f3aa14de8735d6563a0a The files are almost exactly the same, except Hush Copyright lines have been removed, the namespace "hush" was changed to "tls" and whitespace has been added. The exact ordering of elements and exact names of variables is exactly the same. Another fact is that all the filenames in https://github.com/PirateNetwork/pirate/tree/master/src/tls are exactly the same as the filenames in https://github.com/hushmirror/hush3/tree/dev/src/hush yet the Hush files were created over a year prior. Additionally the function threadSocketHandler at https://github.com/PirateNetwork/pirate/blob/master/src/tls/tlsmanager.cpp#L347 is almost exactly the same. The differences are because Hush uses WolfSSL where Pirate uses OpenSSL and logging to a different log category ("net" vs "tls") . The `-tls` CLI option and `-tls=only` argument was added in commit https://github.com/hushmirror/hush3/commit/62f67821ecd801cc26b9f3aa14de8735d6563a0a on Sep 29th 2020 and then appears over a year later in Pirate source code in commit https://github.com/PirateNetwork/pirate/commit/a21bf4051094a8ca9c481efd32d706361e8003b5 Additionally, Hush added the field `tls_connections` to two RPCs: `getinfo` and `getnetworkinfo` and Pirate took this code, and turned the oneliner to a for loop to make it look different, yet it is still a derived work: ``` pirate/src/rpc/net.cpp 515: " \"tls_connections\": xxxxx, (numeric) the number of TLS connections\n" 557: obj.push_back(Pair("tls_connections", sslNode)); pirate/src/rpc/misc.cpp 212: " \"tls_connections\": xxxxx, (numeric) the number of TLS connections\n" 302: obj.push_back(Pair("tls_connections", sslNode)); hush3/src/rpc/net.cpp 506: " \"tls_connections\": xxxxx, (numeric) the number of TLS connections\n" 541: obj.push_back(Pair("tls_connections", (int)std::count_if(vNodes.begin(), vNodes.end(), [](CNode* n) {return n->ssl != NULL;}))); hush3/src/rpc/misc.cpp 219: " \"tls_connections\": xxxxx, (numeric) the number of encrypted TLS (SSL) connections\n" 293: obj.push_back(Pair("tls_connections", (int)std::count_if(vNodes.begin(), vNodes.end(), [](CNode* n) {return n->ssl != NULL;}))); ``` You can also notice they exactly copied the documentation of each RPC, with no changes. In the file `src/net.h` you can see that Pirate copied the exact variable names of the TLS context objects: ``` pirate/src/net.h extern SSL_CTX *tls_ctx_server; extern SSL_CTX *tls_ctx_client; /hush3/src/net.h extern SSL_CTX *tls_ctx_server; extern SSL_CTX *tls_ctx_client; ``` Additionally, these two objects were added at exactly the same place in the file, between the `strSubVersion` and `LocalServiceInfo` struct. https://github.com/PirateNetwork/pirate/blob/master/src/net.h#L226 https://github.com/hushmirror/hush3/blob/dev/src/net.h#L196