On February 8, 2018, 15 million Raiblocks, the old native currency of the Nano network, were stolen from BitGrail. Cointelegraph conducted an exclusive interview with Francesco Firano, the founder and operator of BitGrail, to provide insight into the alleged security breach and the theft of more than 150 million USD of XRB

to the Nano team and conducted an interview with Troy Retzer, who oversees the community and public relations of the organization, to better understand the large-scale flight

During the interview with Cointelegraph, Firano asserted that the Nano Development Team accused BitGrail of being insolvent and careless in managing hundreds of millions of dollars of funds. Firano added that the problem came from Nano timestamp technology and that the cryptocurrency blocker was not reliable. Firano said:

"Unfounded and malicious accusations are made by the Nano Development Team." The truth is that their explorer is dated Jan. 19, date of theft. RaiBlocks does not have timestamps on the string, so we can not really know when this has occurred other than on the block explorer, which, as has already shown the private conversation, is totally unreliable. "

However, Troy Retzer explained that on January 19, the date noted by Firano, the Nano blockchain network performed a resynchronization of its nodes, providing each block or transaction missing by January 19 with a timestamp recorded at that time. This means that all transactions or blocks have been accurately recorded, with a timestamp on that date. Retzer tells Cointelegraph:

"On January 19, a resynchronization of the nodes was performed and in this process she picked up the blocks having no time stamp recording and At the time of the transition of the site there were failures in the current script, while we managed the transition of the site of the site. previous administrator to our current administrator.We have received a copy of the old database and have worked for a while to make it work properly on the new server, so many blocks have never been registered before the full synchronization of January 19. Regarding Firano's comment that the Nano team issued malicious accusations against itself and the BitGrail trading platform, Retzer commented that the core team had not received any information from BitGrail and Firano apart from the data that he had publicly published

[19459004"Itisdifficultforustohelpresolvetheserioussituationofunrequestedinformationabouttheextirpation"saidthestatementstatingthatBitgrass'39)hadnotclarifiedthedetailsofthebaselineespeciallythenumberofXRBflightsTheinitialreportsofGroupeBassoonwereashighas17millionbutthereportspublishedinmorethanhalfamillionthsofXRBweredropped

The Nano team also pointed out that it extended to the Italian police in order to cooperate in the investigation. the theft and provide any help needed to analyze the violation of BitGrail.

"Missing Transactions"

On February 15, Firano published a Telegram conversation on his Twitter, in which he claimed that transactions prior to January 19 are missing on the explorer blocks of the Nano network. Firano also stated that the transactions were withdrawn and reinserted at a later date. But, in any public Blockchain, it is not possible to delete data stored in previous blocks, unless the entire Blockchain is compromised and attacked.

pic.twitter.com/IsGS7CWOJh – Francesco The Bomber (@bomberfrancy) February 15, 2018

Even through public attacks as a 51% attack (where a group takes control of half of the hash power of the Blockchain), it is not realistic to modify the stored data historical blocks. In response to such claims, developer Nano Mica Busch wrote:

"A Blockchain, and accounts within a network of blocks, are structures to one way, each refers to the cryptographic signature of its previous block.It is impossible to insert new blocks before a new block.Following this logic, our block browser stores the timestamps at best.Therefore, if a transaction shows a date subsequent to another transaction that follows, we can prove that this transaction took place before the later date and consider the timestamp as erroneous. "

Since Nano is a public blockchain the network and blocks in a blockchain can not be changed, a claim that transactions are missing in the blockchain is probably not valid.

Using Hot Wallet, Bad Security

On October 23, 2017, as the Nano team disclosed in its official statement, a massive amount of XRB was abruptly withdrawn from the exchange of BitGrail cryptocurrency. 1 million XRB has been withdrawn, which equates to nearly $ 10 million based on the current price of XRB at $ 9.82

Although the nature of this transaction remains to be confirmed, it may also be possible that the theft of 15 million XRB tokens was initiated on October 23, beginning with the removal of 1 million XRB

"Specifically, this transaction for a withdrawal of 1 million XRBs is worth $ 15 million. is produced on October 23, 2017, at 01:22 (GMT) according to the BitGrail database timestamp data.You can see from the Explorer data that significant funds have been removed before and after this transaction to report on "bbjn". Firano categorized this transaction on Twitter and in our Telegram conversation as "unauthorized" "says Nano's report on the subject.

The public Nano Blockchain explorer, Nanode, BitGrail has con continued to use a hot wallet to store all of its funds in XRB, which is not secure. Hot Portfolios are managed online and may be vulnerable to attack and security breaches. For example, the Japanese Coincheck, one of the country's largest cryptocurrency exchanges, suffered a $ 530 million hacking attack due to the exchange of funds in hot wallets.

Until December 16, 2017, the BitGrail Rep 1 wallet as the only hot wallet of the BitGrail exchange to store user funds, which is extremely unsafe and dangerous. Once a hot wallet is compromised, all the funds it contains can be lost, especially if there is no security system based on multi-signature technology.

On December 16, the BitGrail Rep 1 wallet was changed BitGrail Rep 2 was changed to a hot wallet, as seen on Nanode

It is not possible to Assert that the BitGrail trading platform has been violated because of poor security measures, unless and until all information regarding the flight is shared seamlessly with the community. But, unlike Coincheck and other large-scale cryptocurrency swaps like Bithumb, BitGrail has not been able to repay its investors and as Firano explained in his interview with Cointelegraph, the company believes that it is "impossible" to repay all its investors Nano

In the end, as an independent company, BitGrail could be held liable for the theft of funds from its customers it turns out that the cause of the 15 million XRB flight on the platform is not due to a Nano Blockchain protocol number.