The Bitgrin.io Takeover

"That which does not kill me can only make me stronger.”

Today, we will delve into the recent Bitgrin.io takeover, how the community reacted and took action to address the situation. We will also clear up the false accusations/statements put forth in Bitgrin.io once the site had been hijacked. All in all, the hijacking of bitgrin.io ended up doing little to no damage to the community. In fact, it was helpful as the new website will now be open-sourced and mirrored in response to the sequence of events. Anyways, here it goes. Enjoy!


Update: The bitgrin.io website now seems to point to a Namecheap parking page. It's unclear why the web designer has taken down the false accusations in favor of a parking page, perhaps this was an attempt to purchase cheap coins, or even a moment of insanity. John has not been in touch with the team since the defacement occurred.

Preamble

As many of you must have noticed, on Saturday July 27, the website http://bitgrin.io was hijacked, its contents were deleted and a series of statements were published. Below is a screenshot of the new copy posted in the bitgrin.io domain, which has since been taken down.

Some Background

When the http://bitgrin.io domain was first registered, it was done so by community member John(name will be censored as there is no need to put this person the spot as he is no longer part of the community). Given that Bitgrin is a more community-centric project, the core dev team encouraged John to lead the efforts to create a website with information about the project.

The website was created and maintained by John for several months; whenever Smaug, Pharazen, or Maty(designer), desired to make a change, they would message John with the specific details and he would execute accordingly.

What Happened?

For reasons which are unknown to us, community member John, decided to rebel against Bitgrin and hijacked the website. He or she deleted the entire website(we have a backup) and made a series of aggressive and fraudulent statements about Bitgrin and its community(which we will delve into soon.)

Following this FUD campaign, a series of community members took the news to twitter in awe of the accusations which are all being addressed in this writeup today.

What Has Been Done To Address The Situation

The community was very quick to react to the situation. Given that “bitgrin.io” is now defunct and suffered a hostile takeover, the core team has migrated their servers and pointed all important info to http://bitgrin.dev while the updated website is published.

As many of you have already heard either in last week’s newsletter or in the Discord/TG channels, a new website redesign is underway. This redesign will be more user-friendly providing a better on-boarding experience for new investors, developers and miners.In addition, the new website will be open-sourced and mirrored. This will make the Bitgrin much more robust, eliminating the central point of failure as the site will have many identical copies spread out across different domain names(Wikipedia does this, as well as many popular torrenting sites). Being open-source, all the code will be up in the Bitgrin GitHub page.

Anti-Fragile.

Bitgrin has been live for over 6 months now and over 1M coins have been mined to date. We’ve seen hashrate grow from 0 to 2k GPS to now around 16k GPS, and community expand significantly as well. All of this has been achieved despite multiple double-spend attacks in the earlier days of the project, verbal attacks from other communities and so on. The project has proven to be anti-fragile and has shown that we are here to stay with the mission of becoming private money for everyone.

Every attack the project has faced has been a lesson and has made us stronger, and this was no exception. In response to this attack, we are now set in motion to open-source the website and create mirror websites to remove the central point of failure aspect of hosting website on a single domain.

We are still very early on. This stage of the project is called the innovator stage, where most of our members are strong believers in the tech and the mission Bitgrin stands for. It is normal for us to go through rough patches in the early days. It is important these things happen so we build a stronger foundation which will help propel this project onwards in its larger phases of its cycle.


Now that we’ve gone over the sequence of events that led to the hijacking of Bitgrin.io, let’s delve into the statements which were made in the site and address them one by one.

1. Developer fee is not locked, the amount is freely available

There have been many concerns around the dev fee. How much is it? Is it really locked, if so what has been the mechanism to do so? Who gets these coins? This week I will write out a detailed post concerning the treasury but I will answer this question here.

The developer fee is about 4% of the total supply; this means 1,000,000 coins will go to the developers of the Bitgrin project.

The developer fee is locked, it is set to 20,833 coins per month; you can read the code for yourself here in L128.

“Also worth noting height locking and reward amount is part of the consensus. Which means it can’t be changed without a hard fork, and nobody would accept that.”

As you can see, the dev fee is locked which makes Statement #1 in bitgrin.io FALSE. All the code is open-source and enforced by consensus, as we like to say in crypto “Don't Trust. Verify.”

2. Developer team consists of 2 people(Pharazen and Smaug). Only one can code. All other dev accounts are just alt accounts and an unknown number of community members are alt accounts.

“We’re a community project. I’m the main tech lead and we have 2 other technical contributors who work on mining software and the pool.” - Pharazen, lead dev

If you go on the Github page for Bitgrin, and verify the commits you will notice that most are done by Pharazen. As Pharazen stated above, he is the main tech lead and there are 2 other contributors working on mining software and the pool. Many of the mining software related commits have been done by Smaug, this can also be verified in the Github with time-stamps.

In no moment did Smaug or any other person mention they were main developers of the project aside from Pharazen in these early stages. The core team aims to expand development team as the project gains more traction and visibility.

Blade Doyle, who runs the pool is not a core Bitgrin contributor, but is responsible for more than 95% of the pool code, and has contributed to Bitgrin as well as Grin. Blade also (as you may know) helps with customer support regarding pool and wallet difficulties.

As for an “unknown number of community members being alt accounts”, we cannot verify this statement, neither can the person who made the accusation.

This second point, is a HALF-TRUTH, but the devs have never hidden the fact that Pharazen was the lead dev, this is not a bad thing.

3. All the people in the inner circle and close to developer team know this(point #2), much likely also @notsofast and @cryptochriscw from twitter who vouched for Bitgrin.

As we've already mentioned, there are no fake developer accounts; there is nothing secret that the people mentioned in this statement know. In the Bitgrin community, there is no inner circle. We are inclusive and encourage everyone to contribute.

As for the people falsely accused in this statement, none are part of any sort of inner circle or are privileged to any sort of information. These are simply people who supported the project early on, they are not “in on anything.”

Therefore this statement made above is pure speculation and FALSE.

4. The dev team has another project called “Blue Protocol”. Pharazen = Unibanker(made a pull to Bitgrin from his account)

This is another speculative attack with no concrete evidence. The claim that a project called Blue Protocol is related to the Bitgrin projects seems to stem from the fact that one of its team members, ECG, is an early miner of Bitgrin. Blue Protocol seems to be one of the many ICO tokens from early 2017, and it's quite clear that their developers likely lack both the skill and interest in PoW coins.

Therefore we can dismiss this statement. But it’s important to emphasize a few things here.

Pharazen is anonymous, no one knows his true identity. Even Smaug, who is part of the core team, does not know the true identity of Pharazen. This is important. Having a dev with no identity, detaches us from specific people in the project and shifts our focus towards the project’s mission; becoming private money for everyone. We’ve seen the power of having an anonymous dev in Bitcoin as Satoshi disappeared, but his vision has stayed alive for years to come. An anonymous dev makes the project uncensorable as there is no company or individual the government could pursue in the event of an attack.

Therefore this statement made above is also speculation and likely FALSE.


Wrap Up

We’ve gone over all the details surrounding the hijacking of Bitgrin.io, I hope this ANN cleared up all the doubts any of you had. In case, there are still some confusion, you can hop over to our Discord or Telegram and chat with the community there.

Onwards!


To stay up-to-date with the Bitgrin community you can continue the conversation at:

Twitter: https://twitter.com/BitGrin

Discord: https://discord.gg/pA3f6k

Telegram: https://t.co/jnKORmesBi

Reddit: https://www.reddit.com/r/xbg

Website: https://bitgrin.dev/

This newsletter is curated by Crypto Gatsby, for the Bitgrin community.