# A Closer Look at the RobbinHood Ransomware

• A Closer Look at the RobbinHood Ransomware
• Interview with Robin Matze, Blockchain Lawyer and Advisor ...
• What is Bitcoin? The Ultimate Guide for Beginners - Blockonomi
• Transaction - explorer.bitcoin.com
• Bitcoin 101 - CoinDesk
##### Dive Into Tendermint Consensus Protocol (I)

This article is written by the CoinEx Chain lab. CoinEx Chain is the world’s first public chain exclusively designed for DEX, and will also include a Smart Chain supporting smart contracts and a Privacy Chain protecting users’ privacy.
longcpp @ 20200618
This is Part 1 of the serialized articles aimed to explain the Tendermint consensus protocol in detail.
Part 1. Preliminary of the consensus protocol: security model and PBFT protocol
Part 2. Tendermint consensus protocol illustrated: two-phase voting protocol and the locking and unlocking mechanism
Part 3. Weighted round-robin proposer selection algorithm used in Tendermint project
Any consensus agreement that is ultimately reached is the General Agreement, that is, the majority opinion. The consensus protocol on which the blockchain system operates is no exception. As a distributed system, the blockchain system aims to maintain the validity of the system. Intuitively, the validity of the blockchain system has two meanings: firstly, there is no ambiguity, and secondly, it can process requests to update its status. The former corresponds to the safety requirements of distributed systems, while the latter to the requirements of liveness. The validity of distributed systems is mainly maintained by consensus protocols, considering the multiple nodes and network communication involved in such systems may be unstable, which has brought huge challenges to the design of consensus protocols.

## The semi-synchronous network model and Byzantine fault tolerance

Researchers of distributed systems characterize these problems that may occur in nodes and network communications using node failure models and network models. The fail-stop failure in node failure models refers to the situation where the node itself stops running due to configuration errors or other reasons, thus unable to go on with the consensus protocol. This type of failure will not cause side effects on other parts of the distributed system except that the node itself stops running. However, for such distributed systems as the public blockchain, when designing a consensus protocol, we still need to consider the evildoing intended by nodes besides their failure. These incidents are all included in the Byzantine Failure model, which covers all unexpected situations that may occur on the node, for example, passive downtime failures and any deviation intended by the nodes from the consensus protocol. For a better explanation, downtime failures refer to nodes’ passive running halt, and the Byzantine failure to any arbitrary deviation of nodes from the consensus protocol.
Compared with the node failure model which can be roughly divided into the passive and active models, the modeling of network communication is more difficult. The network itself suffers problems of instability and communication delay. Moreover, since all network communication is ultimately completed by the node which may have a downtime failure or a Byzantine failure in itself, it is usually difficult to define whether such failure arises from the node or the network itself when a node does not receive another node's network message. Although the network communication may be affected by many factors, the researchers found that the network model can be classified by the communication delay. For example, the node may fail to send data packages due to the fail-stop failure, and as a result, the corresponding communication delay is unknown and can be any value. According to the concept of communication delay, the network communication model can be divided into the following three categories:
• The synchronous network model: There is a fixed, known upper bound of delay $\Delta$ in network communication. Under this model, the maximum delay of network communication between two nodes in the network is $\Delta$. Even if there is a malicious node, the communication delay arising therefrom does not exceed $\Delta$.
• The asynchronous network model: There is an unknown delay in network communication, with the upper bound of the delay known, but the message can still be successfully delivered in the end. Under this model, the network communication delay between two nodes in the network can be any possible value, that is, a malicious node, if any, can arbitrarily extend the communication delay.
• The semi-synchronous network model: Assume that there is a Global Stabilization Time (GST), before which it is an asynchronous network model and after which, a synchronous network model. In other words, there is a fixed, known upper bound of delay in network communication $\Delta$. A malicious node can delay the GST arbitrarily, and there will be no notification when no GST occurs. Under this model, the delay in the delivery of the message at the time $T$ is $\Delta + max(T, GST)$.
The synchronous network model is the most ideal network environment. Every message sent through the network can be received within a predictable time, but this model cannot reflect the real network communication situation. As in a real network, network failures are inevitable from time to time, causing the failure in the assumption of the synchronous network model. Yet the asynchronous network model goes to the other extreme and cannot reflect the real network situation either. Moreover, according to the FLP (Fischer-Lynch-Paterson) theorem, under this model if there is one node fails, no consensus protocol will reach consensus in a limited time. In contrast, the semi-synchronous network model can better describe the real-world network communication situation: network communication is usually synchronous or may return to normal after a short time. Such an experience must be no stranger to everyone: the web page, which usually gets loaded quite fast, opens slowly every now and then, and you need to try before you know the network is back to normal since there is usually no notification. The peer-to-peer (P2P) network communication, which is widely used in blockchain projects, also makes it possible for a node to send and receive information from multiple network channels. It is unrealistic to keep blocking the network information transmission of a node for a long time. Therefore, all the discussion below is under the semi-synchronous network model.
The design and selection of consensus protocols for public chain networks that allow nodes to dynamically join and leave need to consider possible Byzantine failures. Therefore, the consensus protocol of a public chain network is designed to guarantee the security and liveness of the network under the semi-synchronous network model on the premise of possible Byzantine failure. Researchers of distributed systems point out that to ensure the security and liveness of the system, the consensus protocol itself needs to meet three requirements:
• Validity: The value reached by honest nodes must be the value proposed by one of them
• Agreement: All honest nodes must reach consensus on the same value
• Termination: The honest nodes must eventually reach consensus on a certain value
Validity and agreement can guarantee the security of the distributed system, that is, the honest nodes will never reach a consensus on a random value, and once the consensus is reached, all honest nodes agree on this value. Termination guarantees the liveness of distributed systems. A distributed system unable to reach consensus is useless.

## The CAP theorem and Byzantine Generals Problem

In a semi-synchronous network, is it possible to design a Byzantine fault-tolerant consensus protocol that satisfies validity, agreement, and termination? How many Byzantine nodes can a system tolerance? The CAP theorem and Byzantine Generals Problem provide an answer for these two questions and have thus become the basic guidelines for the design of Byzantine fault-tolerant consensus protocols.
Lamport, Shostak, and Pease abstracted the design of the consensus mechanism in the distributed system in 1982 as the Byzantine Generals Problem, which refers to such a situation as described below: several generals each lead the army to fight in the war, and their troops are stationed in different places. The generals must formulate a unified action plan for the victory. However, since the camps are far away from each other, they can only communicate with each other through the communication soldiers, or, in other words, they cannot appear on the same occasion at the same time to reach a consensus. Unfortunately, among the generals, there is a traitor or two who intend to undermine the unified actions of the loyal generals by sending the wrong information, and the communication soldiers cannot send the message to the destination by themselves. It is assumed that each communication soldier can prove the information he has brought comes from a certain general, just as in the case of a real BFT consensus protocol, each node has its public and private keys to establish an encrypted communication channel for each other to ensure that its messages will not be tampered with in the network communication, and the message receiver can also verify the sender of the message based thereon. As already mentioned, any consensus agreement ultimately reached represents the consensus of the majority. In the process of generals communicating with each other for an offensive or retreat, a general also makes decisions based on the majority opinion from the information collected by himself.
According to the research of Lamport et al, if there are 1/3 or more traitors in the node, the generals cannot reach a unified decision. For example, in the following figure, assume there are 3 generals and only 1 traitor. In the figure on the left, suppose that General C is the traitor, and A and B are loyal. If A wants to launch an attack and informs B and C of such intention, yet the traitor C sends a message to B, suggesting what he has received from A is a retreat. In this case, B can't decide as he doesn't know who the traitor is, and the information received is insufficient for him to decide. If A is a traitor, he can send different messages to B and C. Then C faithfully reports to B the information he received. At this moment as B receives conflicting information, he cannot make any decisions. In both cases, even if B had received consistent information, it would be impossible for him to spot the traitor between A and C. Therefore, it is obvious that in both situations shown in the figure below, the honest General B cannot make a choice.
According to this conclusion, when there are $n$ generals with at most $f$ traitors (n≤3f), the generals cannot reach a consensus if $n \leq 3f$; and with $n > 3f$, a consensus can be reached. This conclusion also suggests that when the number of Byzantine failures $f$ exceeds 1/3 of the total number of nodes $n$ in the system $f \ge n/3$ , no consensus will be reached on any consensus protocol among all honest nodes. Only when $f < n/3$, such condition is likely to happen, without loss of generality, and for the subsequent discussion on the consensus protocol, $n \ge 3f + 1$ by default.
The conclusion reached by Lamport et al. on the Byzantine Generals Problem draws a line between the possible and the impossible in the design of the Byzantine fault tolerance consensus protocol. Within the possible range, how will the consensus protocol be designed? Can both the security and liveness of distributed systems be fully guaranteed? Brewer provided the answer in his CAP theorem in 2000. It indicated that a distributed system requires the following three basic attributes, but any distributed system can only meet two of the three at the same time.
1. Consistency: When any node responds to the request, it must either provide the latest status information or provide no status information
2. Availability: Any node in the system must be able to continue reading and writing
3. Partition Tolerance: The system can tolerate the loss of any number of messages between two nodes and still function normally

https://preview.redd.it/1ozfwk7u7m851.png?width=1400&format=png&auto=webp&s=fdee6318de2cf1c021e636654766a7a0fe7b38b4
A distributed system aims to provide consistent services. Therefore, the consistency attribute requires that the two nodes in the system cannot provide conflicting status information or expired information, which can ensure the security of the distributed system. The availability attribute is to ensure that the system can continuously update its status and guarantee the availability of distributed systems. The partition tolerance attribute is related to the network communication delay, and, under the semi-synchronous network model, it can be the status before GST when the network is in an asynchronous status with an unknown delay in the network communication. In this condition, communicating nodes may not receive information from each other, and the network is thus considered to be in a partitioned status. Partition tolerance requires the distributed system to function normally even in network partitions.
The proof of the CAP theorem can be demonstrated with the following diagram. The curve represents the network partition, and each network has four nodes, distinguished by the numbers 1, 2, 3, and 4. The distributed system stores color information, and all the status information stored by all nodes is blue at first.
1. Partition tolerance and availability mean the loss of consistency: When node 1 receives a new request in the leftmost image, the status changes to red, the status transition information of node 1 is passed to node 3, and node 3 also updates the status information to red. However, since node 3 and node 4 did not receive the corresponding information due to the network partition, the status information is still blue. At this moment, if the status information is queried through node 2, the blue returned by node 2 is not the latest status of the system, thus losing consistency.
2. Partition tolerance and consistency mean the loss of availability: In the middle figure, the initial status information of all nodes is blue. When node 1 and node 3 update the status information to red, node 2 and node 4 maintain the outdated information as blue due to network partition. Also when querying status information through node 2, you need to first ask other nodes to make sure you’re in the latest status before returning status information as node 2 needs to follow consistency, but because of the network partition, node 2 cannot receive any information from node 1 or node 3. Then node 2 cannot determine whether it is in the latest status, so it chooses not to return any information, thus depriving the system of availability.
3. Consistency and availability mean the loss of the partition tolerance: In the right-most figure, the system does not have a network partition at first, and both status updates and queries can go smoothly. However, once a network partition occurs, it degenerates into one of the previous two conditions. It is thus proved that any distributed system cannot have consistency, availability, and partition tolerance all at the same time.

The discovery of the CAP theorem seems to declare that the aforementioned goals of the consensus protocol is impossible. However, if you’re careful enough, you may find from the above that those are all extreme cases, such as network partitions that cause the failure of information transmission, which could be rare, especially in P2P network. In the second case, the system rarely returns the same information with node 2, and the general practice is to query other nodes and return the latest status as believed after a while, regardless of whether it has received the request information of other nodes. Therefore, although the CAP theorem points out that any distributed system cannot satisfy the three attributes at the same time, it is not a binary choice, as the designer of the consensus protocol can weigh up all the three attributes according to the needs of the distributed system. However, as the communication delay is always involved in the distributed system, one always needs to choose between availability and consistency while ensuring a certain degree of partition tolerance. Specifically, in the second case, it is about the value that node 2 returns: a probably outdated value or no value. Returning the possibly outdated value may violate consistency but guarantees availability; yet returning no value deprives the system of availability but guarantees its consistency. Tendermint consensus protocol to be introduced is consistent in this trade-off. In other words, it will lose availability in some cases.
The genius of Satoshi Nakamoto is that with constraints of the CAP theorem, he managed to reach a reliable Byzantine consensus in a distributed network by combining PoW mechanism, Satoshi Nakamoto consensus, and economic incentives with appropriate parameter configuration. Whether Bitcoin's mechanism design solves the Byzantine Generals Problem has remained a dispute among academicians. Garay, Kiayias, and Leonardos analyzed the link between Bitcoin mechanism design and the Byzantine consensus in detail in their paper The Bitcoin Backbone Protocol: Analysis and Applications. In simple terms, the Satoshi Consensus is a probabilistic Byzantine fault-tolerant consensus protocol that depends on such conditions as the network communication environment and the proportion of malicious nodes' hashrate. When the proportion of malicious nodes’ hashrate does not exceed 1/2 in a good network communication environment, the Satoshi Consensus can reliably solve the Byzantine consensus problem in a distributed environment. However, when the environment turns bad, even with the proportion within 1/2, the Satoshi Consensus may still fail to reach a reliable conclusion on the Byzantine consensus problem. It is worth noting that the quality of the network environment is relative to Bitcoin's block interval. The 10-minute block generation interval of the Bitcoin can ensure that the system is in a good network communication environment in most cases, given the fact that the broadcast time of a block in the distributed network is usually just several seconds. In addition, economic incentives can motivate most nodes to actively comply with the agreement. It is thus considered that with the current Bitcoin network parameter configuration and mechanism design, the Bitcoin mechanism design has reliably solved the Byzantine Consensus problem in the current network environment.

## Practical Byzantine Fault Tolerance, PBFT

It is not an easy task to design the Byzantine fault-tolerant consensus protocol in a semi-synchronous network. The first practically usable Byzantine fault-tolerant consensus protocol is the Practical Byzantine Fault Tolerance (PBFT) designed by Castro and Liskov in 1999, the first of its kind with polynomial complexity. For a distributed system with $n$ nodes, the communication complexity is $O(n2$.) Castro and Liskov showed in the paper that by transforming centralized file system into a distributed one using the PBFT protocol, the overwall performance was only slowed down by 3%. In this section we will briefly introduce the PBFT protocol, paving the way for further detailed explanations of the Tendermint protocol and the improvements of the Tendermint protocol.
The PBFT protocol that includes $n=3f+1$ nodes can tolerate up to $f$ Byzantine nodes. In the original paper of PBFT, full connection is required among all the $n$ nodes, that is, any two of the n nodes must be connected. All the nodes of the network jointly maintain the system status through network communication. In the Bitcoin network, a node can participate in or exit the consensus process through hashrate mining at any time, which is managed by the administrator, and the PFBT protocol needs to determine all the participating nodes before the protocol starts. All nodes in the PBFT protocol are divided into two categories, master nodes, and slave nodes. There is only one master node at any time, and all nodes take turns to be the master node. All nodes run in a rotation process called View, in each of which the master node will be reelected. The master node selection algorithm in PBFT is very simple: all nodes become the master node in turn by the index number. In each view, all nodes try to reach a consensus on the system status. It is worth mentioning that in the PBFT protocol, each node has its own digital signature key pair. All sent messages (including request messages from the client) need to be signed to ensure the integrity of the message in the network and the traceability of the message itself. (You can determine who sent a message based on the digital signature).
The following figure shows the basic flow of the PBFT consensus protocol. Assume that the current view’s master node is node 0. Client C initiates a request to the master node 0. After the master node receives the request, it broadcasts the request to all slave nodes that process the request of client C and return the result to the client. After the client receives f+1 identical results from different nodes (based on the signature value), the result can be taken as the final result of the entire operation. Since the system can have at most f Byzantine nodes, at least one of the f+1 results received by the client comes from an honest node, and the security of the consensus protocol guarantees that all honest nodes will reach consensus on the same status. So, the feedback from 1 honest node is enough to confirm that the corresponding request has been processed by the system.

https://preview.redd.it/sz8so5ly7m851.png?width=1400&format=png&auto=webp&s=d472810e76bbc202e91a25ef29a51e109a576554
For the status synchronization of all honest nodes, the PBFT protocol has two constraints on each node: on one hand, all nodes must start from the same status, and on the other, the status transition of all nodes must be definite, that is, given the same status and request, the results after the operation must be the same. Under these two constraints, as long as the entire system agrees on the processing order of all transactions, the status of all honest nodes will be consistent. This is also the main purpose of the PBFT protocol: to reach a consensus on the order of transactions between all nodes, thereby ensuring the security of the entire distributed system. In terms of availability, the PBFT consensus protocol relies on a timeout mechanism to find anomalies in the consensus process and start the View Change protocol in time to try to reach a consensus again.
The figure above shows a simplified workflow of the PBFT protocol. Where C is the client, 0, 1, 2, and 3 represent 4 nodes respectively. Specifically, 0 is the master node of the current view, 1, 2, 3 are slave nodes, and node 3 is faulty. Under normal circumstances, the PBFT consensus protocol reaches consensus on the order of transactions between nodes through a three-phase protocol. These three phases are respectively: Pre-Prepare, Prepare, and Commit:
• The master node of the pre-preparation node is responsible for assigning the sequence number to the received client request, and broadcasting the message to the slave node. The message contains the hash value of the client request d, the sequence number of the current viewv, the sequence number n assigned by the master node to the request, and the signature information of the master nodesig. The scheme design of the PBFT protocol separates the request transmission from the request sequencing process, and the request transmission is not to be discussed here. The slave node that receives the message accepts the message after confirming the message is legitimate and enter preparation phase. The message in this step checks the basic signature, hash value, current view, and, most importantly, whether the master node has given the same sequence number to other request from the client in the current view.
• In preparation, the slave node broadcasts the message to all nodes (including itself), indicating that it assigns the sequence number n to the client request with the hash value d under the current view v, with its signaturesig as proof. The node receiving the message will check the correctness of the signature, the matching of the view sequence number, etc., and accept the legitimate message. When the PRE-PREPARE message about a client request (from the main node) received by a node matches with the PREPARE from 2f slave nodes, the system has agreed on the sequence number requested by the client in the current view. This means that 2f+1 nodes in the current view agree with the request sequence number. Since it contains information from at most fmalicious nodes, there are a total of f+1 honest nodes that have agreed with the allocation of the request sequence number. With f malicious nodes, there are a total of 2f+1 honest nodes, so f+1represents the majority of the honest nodes, which is the consensus of the majority mentioned before.
• After the node (including the master node and the slave node) receives a PRE-PREPARE message requested by the client and 2f PREPARE messages, the message is broadcast across the network and enters the submission phase. This message is used to indicate that the node has observed that the whole network has reached a consensus on the sequence number allocation of the request message from the client. When the node receives 2f+1 COMMIT messages, there are at least f+1 honest nodes, that is, most of the honest nodes have observed that the entire network has reached consensus on the arrangement of sequence numbers of the request message from the client. The node can process the client request and return the execution result to the client at this moment.
Roughly speaking, in the pre-preparation phase, the master node assigns a sequence number to all new client requests. During preparation, all nodes reach consensus on the client request sequence number in this view, while in submission the consistency of the request sequence number of the client in different views is to be guaranteed. In addition, the design of the PBFT protocol itself does not require the request message to be submitted by the assigned sequence number, but out of order. That can improve the efficiency of the implementation of the consensus protocol. Yet, the messages are still processed by the sequence number assigned by the consensus protocol for the consistency of the distributed system.
In the three-phase protocol execution of the PBFT protocol, in addition to maintaining the status information of the distributed system, the node itself also needs to log all kinds of consensus information it receives. The gradual accumulation of logs will consume considerable system resources. Therefore, the PBFT protocol additionally defines checkpoints to help the node deal with garbage collection. You can set a checkpoint every 100 or 1000 sequence numbers according to the request sequence number. After the client request at the checkpoint is executed, the node broadcasts messages throughout the network, indicating that after the node executes the client request with sequence number n, the hash value of the system status is d, and it is vouched by its own signature sig. After 2f+1 matching CHECKPOINT messages (one of which can come from the node itself) are received, most of the honest nodes in the entire network have reached a consensus on the system status after the execution of the client request with the sequence numbern, and then you can clear all relevant log records of client requests with the sequence number less than n. The node needs to save these2f+1 CHECKPOINTmessages as proof of the legitimate status at this moment, and the corresponding checkpoint is called a stable checkpoint.
The three-phase protocol of the PBFT protocol can ensure the consistency of the processing order of the client request, and the checkpoint mechanism is set to help nodes perform garbage collection and further ensures the status consistency of the distributed system, both of which can guarantee the security of the distributed system aforementioned. How is the availability of the distributed system guaranteed? In the semi-synchronous network model, a timeout mechanism is usually introduced, which is related to delays in the network environment. It is assumed that the network delay has a known upper bound after GST. In such condition, an initial value is usually set according to the network condition of the system deployed. In case of a timeout event, besides the corresponding processing flow triggered, additional mechanisms will be activated to readjust the waiting time. For example, an algorithm like TCP's exponential back off can be adopted to adjust the waiting time after a timeout event.
To ensure the availability of the system in the PBFT protocol, a timeout mechanism is also introduced. In addition, due to the potential the Byzantine failure in the master node itself, the PBFT protocol also needs to ensure the security and availability of the system in this case. When the Byzantine failure occurs in the master node, for example, when the slave node does not receive the PRE-PREPARE message or the PRE-PREPARE message sent by the master node from the master node within the time window and is thus determined to be illegitimate, the slave node can broadcast to the entire network, indicating that the node requests to switch to the new view with sequence number v+1. n indicates the request sequence number corresponding to the latest stable checkpoint local to the node, and C is to prove the stable checkpoint 2f+1 legitimate CHECKPOINT messages as aforementioned. After the latest stable checkpoint and before initiating the VIEWCHANGE message, the system may have reached a consensus on the sequence numbers of some request messages in the previous view. To ensure the consistency of these request sequence numbers to be switched in the view, the VIEWCHANGE message needs to carry this kind of the information to the new view, which is also the meaning of the P field in the message. P contains all the client request messages collected at the node with a request sequence number greater than n and the proof that a consensus has been reached on the sequence number in the node: the legitimate PRE-PREPARE message of the request and 2f matching PREPARE messages. When the master node in view v+1 collects 2f+1 VIEWCHANGE messages, it can broadcast the NEW-VIEW message and take the entire system into a new view. For the security of the system in combination with the three-phase protocol of the PBFT protocol, the construction rules of the NEW-VIEW information are designed in a quite complicated way. You can refer to the original paper of PBFT for more details.

VIEWCHANGE contains a lot of information. For example, C contains 2f+1 signature information, P contains several signature sets, and each set has 2f+1 signature. At least 2f+1 nodes need to send a VIEWCHANGE message before prompting the system to enter the next new view, and that means, in addition to the complex logic of constructing the information of VIEWCHANGE and NEW-VIEW, the communication complexity of the view conversion protocol is $O(n2$.) Such complexity also limits the PBFT protocol to support only a few nodes, and when there are 100 nodes, it is usually too complex to practically deploy PBFT. It is worth noting that in some materials the communication complexity of the PBFT protocol is inappropriately attributed to the full connection between n nodes. By changing the fully connected network topology to the P2P network topology based on distributed hash tables commonly used in blockchain projects, high communication complexity caused by full connection can be conveniently solved, yet still, it is difficult to improve the communication complexity during the view conversion process. In recent years, researchers have proposed to reduce the amount of communication in this step by adopting aggregate signature scheme. With this technology, 2f+1 signature information can be compressed into one, thereby reducing the communication volume during view change.

# Nebulas Technical White Paper Review January 20, 2018

## Whitepaper version: 1.0 September, 2017.

Built on ground-breaking innovation, Nebulas brings blockchain technology into the 3rd generation.
Nebulas offers two different white papers; while the first is a basic overview, the second is technical.
The technical white paper describes the specifics of the project, and with each part broken down into details, it is not only quite long, it is also considered one of the most technical white paper of any blockchain technology to date. Although detailed information provides transparency and answers questions, many people are finding it difficult to comprehend.
No doubt, most investors are looking for the next hot coin that will provide a good pay day! While I believe that Nebulas can provide just that, I also feel that it is always important to understand what you are investing in. If you take the time to read everything carefully, Nebulas’ technical white paper shows the entire system in its final glory!
Therefore, the comments below compile my analysis of the technical white paper (in combination with other reliable sources). I will also do my best to include the page where you can find these facts in the technical white paper. Therefore, I suggest that rather than taking my word for it, read it for yourself.
Based on pros and cons, let’s break down the primary elements of Nebulas:

# Nebulas Rank (NR)

Nebulas Rank (NR) will be the first to integrate search engine capability into blockchain. In other words, Nebulas Rank is the protocol responsible for making search engine a viable element in the blockchain. Right off the bat, let’s address an important question, "What good is a ranking system inside a blockchain?"
Currently, there is no way to search the blockchain for meaningful data (other than simple transactions), and, therefore, it’s impossible to find dApps or locate smart contracts. If this doesn’t sound like a big deal, imagine trying to search the internet without google or some other search engine – it would be impossible!
Just as the first internet search engine evolved the internet into what it is today, the first blockchain search engine will inevitably evolve blockchain. Not only a stepping stone for the future of blockchain, we’re talking about a new foundation for blockchain technology.
By providing a blockchain search engine, the Nebulas Ranking system will allow users to locate quality dApps (decentralized apps) and smart contracts. For example, let’s say that you are looking for a dApp like CryptoKitties. No doubt, there could be dozens of similar apps. So, based on multiple data resources, such as blockchain activity, github activity, and even google search history, the ranking algorithm (NR) orders similar apps, and then lists them in a manner that the user can evaluate and select.

#### Now, can you see why Nebulas is being compared to google?

But, this is only the beginning…. Nebulas Rank is also interwoven into the Developer Incentive Protocol (DIP) and the Proof of Devotion (PoD) Consensus Algorithm. Without Nebulas Rank, these other two elements could not operate as the white paper states.
Based on the current white paper, let’s spotlight some potential negatives about the Nebulas Rank(NR) protocol. However, also keep in mind that these potential issues could be completely eliminated as the project develops (thanks to Nebulas Force – more on this later).

### Now the potential negative:

• The search engine will be centralized.[i] While I would prefer a decentralized system to search data, there is a huge technological barrier to accomplish this task presently. Due to databases and data feeds, web pages are constantly changing, and even ads randomly change, and this makes a decentralized search engine a huge undertaking. Imagine if multiple computers have to search all data points and agree on specific data. Not only would it be impossible to form a consensus, it would also take incredible power and bandwidth.
• The search engine will update weekly and be placed into the blockchain.[ii] You may not realize it, but most pages on google are not indexed daily or even weekly. Only the most active pages are crawled often – some are even crawled every few minutes. I know you might think, "Hey, it’s 2018 and I want real time information," but technology is just not there yet. If search data was consistently updated in the Nebulas blockchain, the blockchain would be extremely bloated, and, therefore, real time data is technically illogical at this time.
However, while the white paper describes the search engine being centralized, it also says "In current stage..." Thereby indicating that Nebulas developers have a better solution in the long run. Perhaps a sidechain just for searching? The white paper also states that "the complete code for searching backend is available to the community and third-party developers can create their own searching services on this basis." Hopefully, this will keep the ranking honest.
Since the Nebulas blockchain is based on the Nebulas Rank (NR) system, now that we have highlighted the most important aspects of Nebulas Rank (NR), we can dive deeper into specific functions.

# Proof of Devotion (PoD) Consensus Algorithm

In the cryptocurrency world, Proof of work (PoW) means mining. While damaging to the environment, few can argue that this is a terrible waste of natural resources. As an alternative, the cryptocurrency world also has Proof of Stake (PoS). Proof of Stake allows token/coin holders to stake (aka hold un-spendable tokens), and to be rewarded with more tokens when they create a new block. For example, if there are 100 people staking and there are 100 new blocks per hour, every stake will, on average, receive one block reward per hour.
While better for the environment, Proof of Stake creates an imbalance where major coin holders (aka whales) are rewarded with even more coins, and this allows "whales" to stake even more coins (this means that there could be a potential to monopolize the system).
Now, Nebulas brings us Proof of Devotion (PoD)[iii]. As far as I know, there is currently nothing like this in blockchain technology (nor ready to be released). Proof of Devotion essentially awards developers who make awesome things (such as dApps) on the Nebulas blockchain.
If you develop an dApp that’s performing well on the Nebulas network, you will have the option to be a validator (aka validate submitted transactions), and, in return, receive token rewards from the blockchain. To be a validator, you will need to stake (deposit) X amount of tokens. Then, multiple validators (per transaction) will have to agree on the result[iv], and, each will be rewarded 1.5x the amount staked.
The generation of new blocks[v] will be carried out by "highly important" accounts that Nebulas Rank (NR) calculates. As stated in the whitepaper, "PoD empowers the selected accounts to have the bookkeeping right with equal probability to participate in new block generation in order to prevent tilted probability that may bring about monopoly".
The bottom line... when it comes to Proof of Devotion, why use Ethereum to create a dApp when you can create the same dApp on Nebulas and make a profit? Needless to say, this is a huge incentive for developers to make dApps on the Nebulas network, and, consequently, it will increase the value of the network. Furthermore, since Nebulas will provide developer tools, it will be easier to create dApps.

### Now the potential negative:

• Although Proof of Devotion gives new developers the potential to profit greatly, it also favors top developers. For example, Gifto[vi] just announced that they will launch on the Nebulas network. At least in the beginning, Gifto will be a powerful contender for other dApp creators.
Because it inspires developers to create awesome dApps, and, at the same time, profit directly from blockchain, I personally love this idea! No longer will dApp creators require insane ICO’s nor will they need some other stream of revenue. However, participating in PoD does not stop developers from benefiting from other income streams. Truly groundbreaking!

# Developer Incentive Protocol (DIP)

Not only can Proof of Devotion give incentive to developers, quality developers will also receive extra coins/tokens for their hard work. Based on Nebulas Rank(NR), Nebulas will use an algorithm for reward distribution[vii]. The rewards will be automatically distributed to the smart contract cash-out address every 7 days.
There is really nothing negative to add to this. It’s truly a powerful incentive!

# Nebulas Force (NF)

Who needs hard forks? Nebulas Force will allow developers to introduce new features/protocols into the Nebulas blockchain without a fork. The Nebulas white paper calls it "Self-evolving blockchain technology" but I don’t believe this is quite correct. Rather than being self-evolving, it is actually community driven! Because this will build the blockchain community, in my opinion, this is even better!
With other blockchains for example, if a developer has an awesome idea for a dApp but it needs a new protocol that does not exist on any blockchain, the developer would have to centralize the dApp or chuck it altogether.
With Nebulas, new ideas can be developed, and if they provide positive contribution, the Nebulas community (Nebulas token holders) can vote on and approve changes to the network protocol. Once approved, Nebulas developers can add the new protocol into the Nebulas blockchain. Perhaps, further in the development, sub-chains will also support new protocols for full implementation.

Revolutionary for blockchain, Nebulas Force will include upgradable smart contracts[viii]. Why is this important? Well, due to bugs in smart contracts, investors can lose funds in any blockchain network that uses smart contracts. Once submitted to the blockchain, nothing can be done to fix the bugs, and, as a result, tens of millions of dollars have already been lost.
Nebulas plans to overcome this problem through the implementation of upgradable smart contracts. In a nutshell, token holders will vote on proposed changes (to fix specific bugs), and when the overall vote is affirmative, bugs can be eliminated at any time. By saving investors millions, it will restore lost confidence!

### Now the potential negative:

• The Nebulas protocol is only modifiable by the Nebulas core developers. Although this is not really a negative, I would not call it "self-evolving". If you look at Bitcoin, there is a handful of developers responsible for source code, and, subsequently, the source code for all alt coins that use Bitcoin core in some capacity (such as LTC, BCC, BTG, DOGE, etc…)
• The protocol updates will be applied via a hard coded signature into the genesis block[ix] and this means that there is a potential for network compromise.
• Although there are some ethical issues with modifying smart contracts, overall, it is a great idea! Since token holders will have to vote on any changes, there could be an issue with whales (monopoly owners) controlling contracts.
Even with the negatives, this is a powerful feature.

# The above includes Nebulas’ most innovative features, and although these features stand out, there is even more to Nebulas:

### Anti-cheating algorithms[x]

To ensure fairness, the above protocols contain anti-cheating algorithms that are manipulation resistant, and, if someone is found trying to cheat, there are penalties.

### Smart contracts almost anyone can write![xi]

Nebulas will support smart contracts written in Javascript, Python, Java and more! And this means that any coder can create a logical contract!

### Full voting protocol[xii]

Since Nebulas includes a full voting protocol in the blockchain, you and I, as token holders, can help decide the direction of Nebulas. As an example, the coin "Decred[xiii]" also has a voting system; giving end-users a voice keeps them engaged.

### Domain Name Service[xiv]

Although blockchain users are accustomed to "please send funds to: 0x488B2630CEdB5Bfd5e02c33A3653227170743357", it’s simply not logical. If you miss a letter, change a number, or simply enter an address incompletely, funds are sent into the abyss - forever. To correct this inherent problem, Nebulas will implement the use of "meaningful names." For instance, using a meaningful name, your Nebulas address could be "Rick_Sanchez.me." Users will have the opportunity to bid for requested names, and renew yearly - just like a web based domain name.

### Lightning Network[xv]

As many of you probably already know, bitcoin can now use a Lightning Network. This will allow multiple small transactions to be signed without clogging up the blockchain and memory pool. It keeps an open ledger between two entities and can be closed at any time by either party, resulting in one transaction on the network instead of potentially dozens or hundreds.If the Bitcoin network started with the Lightning Network, it would currently be able to handle all transactions per second without any problems. Without the Lightening Network, Bitcoin can only handle 7~ transactions per second (and usually less). With the Lightening Network initially in place, the Nebulas network will be able to handle the required transactions and close the lightning ledgers when requested by users. It would also not cost $20.00++ to send$5.00 nor would it take an hour. I won’t get into the ludicrous prices of Bitcoin transactions fees and how we got here, but if you don’t know much about it, you should learn more. As an important feature of Nebulas, the Lightning Network will provide quick and cheap transactions.

### High Strength Encryption

Nebulas uses SHA3-256 encryption. Although you won’t find this in the white paper, SHA3-256 is Highly Quantum Resistant[xvi] - research it yourself. Why is this so important? Well, as an inevitable evolution of quantum computing, previous generations of encryption will be rendered inadequate, and, consequently, susceptible to decryption of private keys. Basically, this means that once quantum computers are developed, you can lose your money in a non-quantum resistant blockchain. Since Quantum Resistance is a very important feature, many new coins (such as the QRL coin[xvii]) are being intentionally created for this purpose.

Directly from the white paper[xviii]; "The Nebulas network has its own built-in token, NAS. NAS plays two roles in the network. First, as the original money in the network, NAS provides asset liquidity among users, and functions as the incentive token for PoD bookkeepers and DIP. Second, NAS will be charged as the calculation fee for running smart contracts. The minimum unit of NAS is 10−18 NAS." If interested, the white paper goes into detail. If you question the purpose of NAS, simply ask yourself, "What role does ETHER play in the Ethereum network?" As of this writing, ETHER’s current price is $1098.00USD – and that’s not even it’s high. I believe that common sense indicates the potential value of the NAS coin! ### Nebulas will have a maximum of 100,000,000 tokens Many of the top 10 cryptocurrencies will distribute coins/tokens in the tens of billions, and, in fact, Ethereum will have an indefinite amount (albeit, they will taper off in time). However, when there are significantly less coins/tokens, the value of each increases. Treasure each NAS token! ### A web-based playground for developer tools[xix] To help developers create smart contracts easier and faster, Nebulas will offer developer tools. Nebulas will also support multiple IDE’s. Although the list of features and functions goes on, this should give you an overview of what the Nebulas network can do, how it can evolve blockchain technology, and why it will be a very attractive option for future dApps. Having said all this, please be clear, it is not financial advice. Also, keep in mind that the above statements are based on my analysis of the white paper (version: 1.0 September, 2017), but this is not to say that the developers don’t have a different perspective. With that being said, Nebulas staff and co-founder, Robin Zhong, actively responds to questions in their Slack channel. This leads us to a review of the Nebulas team. ### The Nebulas Team When looking at a new, and yet to be released, project, it’s not only important to understand the innovation, it’s also important to understand the team behind the innovation. Although not the largest team, the developers are highly educated with real blockchain experience. In fact, many have worked at Google, IBM, Alibaba, Alibaba financial, Airbnb, etc… Additionally, two Nebulas founders previously co-founded the NEO coin (formerly Antshares) which on January 20, 2018 trades at$140.00 (not even its high) per coin/token.
No doubt, the team is influential in past, current and future blockchain innovation. In fact, playing a huge part in bringing blockchain to China, Hitters Xu created Bitsclub, and many other team members started blockchain communities. If you have not yet learned about the team, I strongly suggest you do. Check out their LinkedIn pages and also look at the developers Githubs.

#### Full disclosure:

As a fellow investor and fan of blockchain technology, I got into the crypto world in 2012. Since then, I have mined, traded, and even created an arbitrary trading system. My portfolio includes dozens of different types of tokens/coins. My focus is on innovation rather than "rinse and repeat."
I first learned about Nebulas in the beginning of January 2018. After reading the technical white paper multiple times and fully understanding Nebulas (what it is and what it’s not), I confidentially purchased NAS (ERC-20) tokens.
As with any great blockchain, Nebulas will not be the last, but it is a crucial step to the next generation of blockchain innovation! Without doubt, I see the true potential of blockchain technology, and, if you ask me, Nebulas is an amazing short, medium and long term project, and I’m excited about the future!
To quote a Nebulas founder, "Ask not what blockchain can do for you, ask what you can do for blockchain..." - Hitters Xu

## Quick Update (January 31, 2018)

For full transparency, I wanted to add that I have been asked by the Nebulas Team Reddit manager if I would be willing to be a moderator of the Nebulas subreddit. I told them that I would happy to continue helping the community and accepted. There is no extra benefit to me and does not change my opinion about Nebulas. I look forward to continuing helping the community!

## References

i: Pg 41 – 6.2
ii: Pg 24 – Last bullet point
iii: Pg 34 - 5.3.1
iv: Pg 35 – 3.3.3
v: Pg 34 – 5.3.1
vi: Visit https://gifto.io/ for more info – Watch the video for an example of what Nebulas will do.
vii: Pg30 – 4.2
viii: Pg 27 – 3.3.2
ix: Pg 26 – Paragraph2
x: Many locations – There are many parts of the white paper that talk about anti-cheating in different capacities.
xi: Pg 26 – 3.3.1
xii: Many locations – There are many parts of the white paper that talk about voting in different capacities.
xiii: Visit https://decred.org/ for more information. For full disclosure, I do own DCR and stake them.
xiv: Pg 45 – 7.1
xv: Pg 45 – 7.2
xvii: Visit https://www.theqrl.org for more information. And yes, for full disclosure, I like this project as well, and have invested post ICO.
xviii: Pg 47 - 8
xix: Pg 46 – 7.3

##### Coinbase just revealed their new listing checklist, let's check how Nimiq does

https://listing.coinbase.com/policy#coinbase-mission-values
Open Financial System
Open financial system is defined as being available to everyone and not controlled by a single entity.
✔︎ Pretty easy
Innovation or Efficiency Gains
New or improved technology which helps solve a problem, creates a new market, addresses an unmet market need, or creates value for network participants.
✔︎ Again, pretty easy, Nimiq is bringing a huge leap forward in terms of accessibility and integration of cryptocurrencies.
Economic Freedom
A measure of how easy it is for members of a society to participate in the economy. The technology enables individuals to have more control over their own wealth and property, or the freedom to consume, produce, invest, or work as they choose.
✔︎ Basic requirement of any real cryptocurrency, easily fulfilled by Nimiq.
Equality of Opportunity
This technology is accessible to use by anyone with a smartphone or access to the internet. It contributes to the broader mission of building the on-ramps to Finance 2.0.
✔︎ Nimiq is the most accessible crypto on the market right now, you don't even have to install something to begin using it or mining it.
Decentralization
The network is public, decentralized, and enables trustless consensus.
〜 The architecture of Nimiq is decentralized however the hashrate is clearly not right now.
Security & Code
Assessment of engineering and product quality.
✔︎ Nimiq team has done everything it could to ensure the quality control of the code.
Source Code
Open-source code, well-documented peer-review, and testing by contributors separate from the initial development team on GitHub, etc.
〜 Of course Nimiq is open-source but the documentation is still weak, the good thing is that it's being redone.
Prototype
There is a working alpha or beta product on a testnet or mainnet.
✔︎ Well, the Nimiq Network is live.
Security & Code
Demonstrable record of responding to and improving the code after a disclosure of vulnerability, and a robust bug bounty program or third party security audit.
✔︎ Nimiq team has set a bug bounty program and has been very transparent on the issue of the 25th.
Team
Assessment of short-term operating expectations and decision making.
✔︎ You can even see them on video hehe.
Able to articulate vision, strategy, use cases or drive developmental progress. Has a track record of demonstrable success or experience. If information is available, Coinbase will apply "know your client" standards to publicly visible founders or leaders.
✔︎ The profiles of the team are all known and easily checked.
Engineering
Assessment of the engineering team and their track record of setting and achieving deadlines.
✔︎ They released the product which is a damn good track record in a sector full of vaporwares.
History of interacting with the community, setting a reasonable budget and managing funds, and achieving project milestones. Thoughtful cash management is a key driver of the project's long term viability.
✔︎ There has been some "lean" periods in terms of communication but overall the team has never stopped interacting with us. When it comes to cash management the dev team should be a model for everyone else with its last transparency report.
Specialized Knowledge and Key People
The project leadership is not highly centralized or dependent on a small number of key persons. Specialized knowledge in this field is not limited to a small group of people.
〜 Let's be honest: it is right now, that said the project protocol isn't even 6 months old.
Governance
Assessment of long-term operating expectations and decision making.
✔︎ Nimiq has a foundation.
Consensus Process
There is a structured process to propose and implement major updates to the code, or there is a system or voting process for conflict resolution.
✔︎ Well it's like Bitcoin, node operators decide whether they want or not to follow an update.
Future Development Funding
There is a plan or built-in mechanism for raising, rewarding, or allocating funds to future development, beyond the funds raised from the ICO or traditional investors.
✔︎ Yes, see the intended use of fund.
White Paper
Justifies the use case for a decentralized network and outlines project goals from a business and technology perspective. While a white paper is important for understanding the project, it is not a requirement.
〜 There is the "high level" whitepaper of the ICO however it doesn't really explain in detail how Nimiq works.
Scalability
Assessment of a network's potential barriers to scaling and ability to grow and handle user adoption.
✔︎ Like pretty much every project, that's what Robin is currently working on by the way.
Clear timeline with stages of development, reasonable project milestones, or built-in development incentives.
✔︎ We should have the roadmap soon™️.
Network Operating Costs
The barriers to scaling the network have been identified, or solutions have been proposed or discussed. The resource consumption costs for validators and miners are not the main deterrents to participation.
✔︎ Yes, the team has been considering second layer solutions like Lightning Network or Liquidity Network.
Practical Applications
There are examples of real-world implementation or future practical applications.
✔︎ The new Nimiq shop is a great example of it.
Type of Blockchain
The asset is a separate blockchain with a new architecture system and network, or it leverages an existing blockchain for synergies and network effects
✔︎ Both in fact, Nimiq is a whole new blockchain built from scratch in Javascript and Rust + it's using HTLC/atomic swap to interact with Ethereum.
Regulation
Can Coinbase legally offer this asset?
✔︎ I'm not a lawyer but I guess it can
US Securities Law
The asset is not classified as a security using Coinbase's Securities Law Framework.
〜 Hard to say, they have this checklist and the fact that some NIM were given against NET which were distributed through an ICO makes it kind of blurry
Compliance Obligations
The asset would not affect Coinbase or Coinbase's ability to meet compliance obligations, which include Compliance Obligations, Anti-Money Laundering (AML) program and obligations under government licenses in any jurisdiction (e.g. Money Transmitter Licenses).
✔︎ Conversion from NET to NIM went through a KYC specifically for that.
Integrity & Reputational Risk
Would listing the asset be inconsistent with Coinbase policy?
✔︎ I don't see why.
User Agreement
The asset, network, application or fundamental nature of the project does not constitute a Prohibited Business under Appendix 1 of the user Agreement.
✔︎ I read it and it's doesn't.
Liquidity Standards
How liquid is this asset?
〜 Weak liquidity right now.
Global Market Capitalization
How does the market capitalization compare to the total market capitalizations of other assets?
〜 Weak capitalization.
Asset Velocity
Trade velocity, or turnover, is a significant part of market capitalization. This is a measure of how easily the asset can be converted to another asset.
〜 Again, weak velocity.
Circulation
For service or work tokens, new supply is created through consensus protocols. If the supply is capped, then a material amount of the total tokens should be available to the public.
✔︎ It's available.
Global Distribution
Where is this asset available to trade?
Total # of Exchanges
The number of exchanges that support the asset.
✔︎ 5.
Geographic Distribution
The asset is not limited to a single geographic region and is available to trade on decentralized exchanges.
✔︎ It's tradable everywhere and I guess you can count Agoras as a DEX.
Fiat and Crypto Pairs
Fiat and crypto trading pairs exist.
〜 Fiat pairs don't.
Exchange Volume Distribution
If secondary markets exist, then volume should be relatively distributed across exchanges.
✔︎ It is.
Demand
What is driving demand for this asset and does it lead to stronger network effects?
✔︎ The Nimiq community I guess and of course it does.
Consumer Demand
Customer demand is carefully considered, however, any asset which is created from a fork, airdrop, or automated token distribution is subject to a separate set of criteria.
〜 It would be presumptuous to say there is a customer demand for Nimiq right now.
Developers and Contributors
Growing developer base and measured progress as defined by the number of repositories, commits, and contributors.
✔︎ Nimiq has already a flourishing developper base.
Community Activity
Dedicated forums are available where developers, supporters, users, and founders can interact and build a community and offer transparency into the project. The team provides regular updates or is responsive to feedback.
✔︎ Yes it has.
External Stakeholders
There are investments from venture firms or hedge funds which have experience working with crypto companies or projects. The project has corporate partnerships, joint ventures, or dedicated consortiums.
〜 It doesn't as far as I know.
Change in Market Capitalization
The market capitalization has grown after the network has activated, demonstrating increased demand for the asset after the project's launch.
Nodes
Growing # of nodes on the underlying blockchain. The project has a globally distributed node network, meaning operating nodes are not contained in a single country or geographic region.
✔︎ You can even check them on a map on https://miner.nimiq.com/
Growing # of transactions and fees paid over time. Growing # of asset or token holders, which is an indicator of asset distribution.
✔︎ Check the stats
Economic Incentives
Are the economic structures designed to incentivize all parties to act in the best interest of the network?
✔︎ It's a PoW coin so yes.
Type of Token
It is a service, work, or hybrid token. Tokens backed by fiat or other physical assets are categorized as US securities and will not be considered at this time.
✔︎ It's not backed by anything but the work done to generate them.
Token Utility
There is utility from obtaining, holding, participating, or spending the token. The team identifies a clear and compelling reason for the native digital asset to exist (i.e. the main purpose is not fundraising).
✔︎ Nimiq is a general payment protocol.
Inflation (Money Supply)
There is an algorithmically programmed inflation rate which incentivizes security and network effects. Or, if the total supply is capped, then a majority of the tokens should be available for trade when the network launches.
✔︎ You can check the inflation curve here.
Rewards and Penalties
There are mechanisms (such as transaction fees) which incentivize miners, validators, and other participants to exhibit 'good' behavior. Conversely, there are mechanisms which deter 'bad' behavior.
✔︎ Yes
Security
There is a focus on stringent security protocols and best practices to limit scams, hacks, and theft of funds.
✔︎ The smart-contract of the ICO was audited and they didn't lose the fund yet so I guess it's secure haha.
Participation Equality
Best efforts by the team to allow a fair distribution of tokens (i.e. setting initial individual purchase caps to limit the risk of small number of investors from taking a majority of the supply).
✔︎ The number of NIM distributed through NET is only 7% in any case.
Team Ownership
The ownership stake retained by the team is a minority stake. There should be a lock-up period and reasonable vesting schedule to ensure the team is economically incentivized to improve the network into the future.
✔︎ See the vesting schedule
Transparency
The team should be available and responsive to questions or feedback about the product, token sale, or use of funds across multiple forums.
✔︎ See the transparency report.
Total Supply The team should sell a fixed percentage of the total supply, and participants should know the percentage of total supply that their purchase represents, or have a clear understanding of the inflation rate.
✔︎ All informations are available freely online.
Ethics or Code of Conduct
White paper or project website should have an ethical or professional code of conduct.
✔︎ Check it here
Conclusion: 44 ✔︎ and 12 〜.

# Nebulas Technical White Paper Review - January 20, 2018 by u/satoshibytes

## Whitepaper version: 1.0 September, 2017.

Built on ground-breaking innovation, Nebulas brings blockchain technology into the 3rd generation.
Nebulas offers two different white papers; while the first is a basic overview, the second is technical.
The technical white paper describes the specifics of the project, and with each part broken down into details, it is not only quite long, it is also considered one of the most technical white paper of any blockchain technology to date. Although detailed information provides transparency and answers questions, many people are finding it difficult to comprehend.
No doubt, most investors are looking for the next hot coin that will provide a good pay day! While I believe that Nebulas can provide just that, I also feel that it is always important to understand what you are investing in. If you take the time to read everything carefully, Nebulas’ technical white paper shows the entire system in its final glory!
Therefore, the comments below compile my analysis of the technical white paper (in combination with other reliable sources). I will also do my best to include the page where you can find these facts in the technical white paper. Therefore, I suggest that rather than taking my word for it, read it for yourself.
Based on pros and cons, let’s break down the primary elements of Nebulas:

# Nebulas Rank (NR)

Nebulas Rank (NR) will be the first to integrate search engine capability into blockchain. In other words, Nebulas Rank is the protocol responsible for making search engine a viable element in the blockchain. Right off the bat, let’s address an important question, "What good is a ranking system inside a blockchain?"
Currently, there is no way to search the blockchain for meaningful data (other than simple transactions), and, therefore, it’s impossible to find dApps or locate smart contracts. If this doesn’t sound like a big deal, imagine trying to search the internet without google or some other search engine – it would be impossible!
Just as the first internet search engine evolved the internet into what it is today, the first blockchain search engine will inevitably evolve blockchain. Not only a stepping stone for the future of blockchain, we’re talking about a new foundation for blockchain technology.
By providing a blockchain search engine, the Nebulas Ranking system will allow users to locate quality dApps (decentralized apps) and smart contracts. For example, let’s say that you are looking for a dApp like CryptoKitties. No doubt, there could be dozens of similar apps. So, based on multiple data resources, such as blockchain activity, github activity, and even google search history, the ranking algorithm (NR) orders similar apps, and then lists them in a manner that the user can evaluate and select.

#### Now, can you see why Nebulas is being compared to google?

But, this is only the beginning…. Nebulas Rank is also interwoven into the Developer Incentive Protocol (DIP) and the Proof of Devotion (PoD) Consensus Algorithm. Without Nebulas Rank, these other two elements could not operate as the white paper states.
Based on the current white paper, let’s spotlight some potential negatives about the Nebulas Rank(NR) protocol. However, also keep in mind that these potential issues could be completely eliminated as the project develops (thanks to Nebulas Force – more on this later).

### Now the potential negative:

• The search engine will be centralized.[i] While I would prefer a decentralized system to search data, there is a huge technological barrier to accomplish this task presently. Due to databases and data feeds, web pages are constantly changing, and even ads randomly change, and this makes a decentralized search engine a huge undertaking. Imagine if multiple computers have to search all data points and agree on specific data. Not only would it be impossible to form a consensus, it would also take incredible power and bandwidth.
• The search engine will update weekly and be placed into the blockchain.[ii] You may not realize it, but most pages on google are not indexed daily or even weekly. Only the most active pages are crawled often – some are even crawled every few minutes. I know you might think, "Hey, it’s 2018 and I want real time information," but technology is just not there yet. If search data was consistently updated in the Nebulas blockchain, the blockchain would be extremely bloated, and, therefore, real time data is technically illogical at this time.
However, while the white paper describes the search engine being centralized, it also says "In current stage..." Thereby indicating that Nebulas developers have a better solution in the long run. Perhaps a sidechain just for searching? The white paper also states that "the complete code for searching backend is available to the community and third-party developers can create their own searching services on this basis." Hopefully, this will keep the ranking honest.
Since the Nebulas blockchain is based on the Nebulas Rank (NR) system, now that we have highlighted the most important aspects of Nebulas Rank (NR), we can dive deeper into specific functions.

# Proof of Devotion (PoD) Consensus Algorithm

In the cryptocurrency world, Proof of work (PoW) means mining. While damaging to the environment, few can argue that this is a terrible waste of natural resources. As an alternative, the cryptocurrency world also has Proof of Stake (PoS). Proof of Stake allows token/coin holders to stake (aka hold un-spendable tokens), and to be rewarded with more tokens when they create a new block. For example, if there are 100 people staking and there are 100 new blocks per hour, every stake will, on average, receive one block reward per hour.
While better for the environment, Proof of Stake creates an imbalance where major coin holders (aka whales) are rewarded with even more coins, and this allows "whales" to stake even more coins (this means that there could be a potential to monopolize the system).
Now, Nebulas brings us Proof of Devotion (PoD)[iii]. As far as I know, there is currently nothing like this in blockchain technology (nor ready to be released). Proof of Devotion essentially awards developers who make awesome things (such as dApps) on the Nebulas blockchain.
If you develop an dApp that’s performing well on the Nebulas network, you will have the option to be a validator (aka validate submitted transactions), and, in return, receive token rewards from the blockchain. To be a validator, you will need to stake (deposit) X amount of tokens. Then, multiple validators (per transaction) will have to agree on the result[iv], and, each will be rewarded 1.5x the amount staked.
The generation of new blocks[v] will be carried out by "highly important" accounts that Nebulas Rank (NR) calculates. As stated in the whitepaper, "PoD empowers the selected accounts to have the bookkeeping right with equal probability to participate in new block generation in order to prevent tilted probability that may bring about monopoly".
The bottom line... when it comes to Proof of Devotion, why use Ethereum to create a dApp when you can create the same dApp on Nebulas and make a profit? Needless to say, this is a huge incentive for developers to make dApps on the Nebulas network, and, consequently, it will increase the value of the network. Furthermore, since Nebulas will provide developer tools, it will be easier to create dApps.

### Now the potential negative:

• Although Proof of Devotion gives new developers the potential to profit greatly, it also favors top developers. For example, Gifto[vi] just announced that they will launch on the Nebulas network. At least in the beginning, Gifto will be a powerful contender for other dApp creators.
Because it inspires developers to create awesome dApps, and, at the same time, profit directly from blockchain, I personally love this idea! No longer will dApp creators require insane ICO’s nor will they need some other stream of revenue. However, participating in PoD does not stop developers from benefiting from other income streams. Truly groundbreaking!

# Developer Incentive Protocol (DIP)

Not only can Proof of Devotion give incentive to developers, quality developers will also receive extra coins/tokens for their hard work. Based on Nebulas Rank(NR), Nebulas will use an algorithm for reward distribution[vii]. The rewards will be automatically distributed to the smart contract cash-out address every 7 days.
There is really nothing negative to add to this. It’s truly a powerful incentive!

# Nebulas Force (NF)

Who needs hard forks? Nebulas Force will allow developers to introduce new features/protocols into the Nebulas blockchain without a fork. The Nebulas white paper calls it "Self-evolving blockchain technology" but I don’t believe this is quite correct. Rather than being self-evolving, it is actually community driven! Because this will build the blockchain community, in my opinion, this is even better!
With other blockchains for example, if a developer has an awesome idea for a dApp but it needs a new protocol that does not exist on any blockchain, the developer would have to centralize the dApp or chuck it altogether.
With Nebulas, new ideas can be developed, and if they provide positive contribution, the Nebulas community (Nebulas token holders) can vote on and approve changes to the network protocol. Once approved, Nebulas developers can add the new protocol into the Nebulas blockchain. Perhaps, further in the development, sub-chains will also support new protocols for full implementation.

Revolutionary for blockchain, Nebulas Force will include upgradable smart contracts[viii]. Why is this important? Well, due to bugs in smart contracts, investors can lose funds in any blockchain network that uses smart contracts. Once submitted to the blockchain, nothing can be done to fix the bugs, and, as a result, tens of millions of dollars have already been lost.
Nebulas plans to overcome this problem through the implementation of upgradable smart contracts. In a nutshell, token holders will vote on proposed changes (to fix specific bugs), and when the overall vote is affirmative, bugs can be eliminated at any time. By saving investors millions, it will restore lost confidence!

### Now the potential negative:

• The Nebulas protocol is only modifiable by the Nebulas core developers. Although this is not really a negative, I would not call it "self-evolving". If you look at Bitcoin, there is a handful of developers responsible for source code, and, subsequently, the source code for all alt coins that use Bitcoin core in some capacity (such as LTC, BCC, BTG, DOGE, etc…)
• The protocol updates will be applied via a hard coded signature into the genesis block[ix] and this means that there is a potential for network compromise.
• Although there are some ethical issues with modifying smart contracts, overall, it is a great idea! Since token holders will have to vote on any changes, there could be an issue with whales (monopoly owners) controlling contracts.
Even with the negatives, this is a powerful feature.

# The above includes Nebulas’ most innovative features, and although these features stand out, there is even more to Nebulas:

### Anti-cheating algorithms[x]

To ensure fairness, the above protocols contain anti-cheating algorithms that are manipulation resistant, and, if someone is found trying to cheat, there are penalties.

### Smart contracts almost anyone can write![xi]

Nebulas will support smart contracts written in Javascript, Python, Java and more! And this means that any coder can create a logical contract!

### Full voting protocol[xii]

Since Nebulas includes a full voting protocol in the blockchain, you and I, as token holders, can help decide the direction of Nebulas. As an example, the coin "Decred[xiii]" also has a voting system; giving end-users a voice keeps them engaged.

### Domain Name Service[xiv]

Although blockchain users are accustomed to "please send funds to: 0x488B2630CEdB5Bfd5e02c33A3653227170743357", it’s simply not logical. If you miss a letter, change a number, or simply enter an address incompletely, funds are sent into the abyss - forever. To correct this inherent problem, Nebulas will implement the use of "meaningful names." For instance, using a meaningful name, your Nebulas address could be "Rick_Sanchez.me." Users will have the opportunity to bid for requested names, and renew yearly - just like a web based domain name.

### Lightning Network[xv]

As many of you probably already know, bitcoin can now use a Lightning Network. This will allow multiple small transactions to be signed without clogging up the blockchain and memory pool. It keeps an open ledger between two entities and can be closed at any time by either party, resulting in one transaction on the network instead of potentially dozens or hundreds.If the Bitcoin network started with the Lightning Network, it would currently be able to handle all transactions per second without any problems. Without the Lightening Network, Bitcoin can only handle 7~ transactions per second (and usually less). With the Lightening Network initially in place, the Nebulas network will be able to handle the required transactions and close the lightning ledgers when requested by users. It would also not cost $20.00++ to send$5.00 nor would it take an hour. I won’t get into the ludicrous prices of Bitcoin transactions fees and how we got here, but if you don’t know much about it, you should learn more. As an important feature of Nebulas, the Lightning Network will provide quick and cheap transactions.

### High Strength Encryption

Nebulas uses SHA3-256 encryption. Although you won’t find this in the white paper, SHA3-256 is Highly Quantum Resistant[xvi] - research it yourself. Why is this so important? Well, as an inevitable evolution of quantum computing, previous generations of encryption will be rendered inadequate, and, consequently, susceptible to decryption of private keys. Basically, this means that once quantum computers are developed, you can lose your money in a non-quantum resistant blockchain. Since Quantum Resistance is a very important feature, many new coins (such as the QRL coin[xvii]) are being intentionally created for this purpose.

Directly from the white paper[xviii]; "The Nebulas network has its own built-in token, NAS. NAS plays two roles in the network. First, as the original money in the network, NAS provides asset liquidity among users, and functions as the incentive token for PoD bookkeepers and DIP. Second, NAS will be charged as the calculation fee for running smart contracts. The minimum unit of NAS is 10−18 NAS." If interested, the white paper goes into detail. If you question the purpose of NAS, simply ask yourself, "What role does ETHER play in the Ethereum network?" As of this writing, ETHER’s current price is $1098.00USD – and that’s not even it’s high. I believe that common sense indicates the potential value of the NAS coin! ### Nebulas will have a maximum of 100,000,000 tokens Many of the top 10 cryptocurrencies will distribute coins/tokens in the tens of billions, and, in fact, Ethereum will have an indefinite amount (albeit, they will taper off in time). However, when there are significantly less coins/tokens, the value of each increases. Treasure each NAS token! ### A web-based playground for developer tools[xix] To help developers create smart contracts easier and faster, Nebulas will offer developer tools. Nebulas will also support multiple IDE’s. Although the list of features and functions goes on, this should give you an overview of what the Nebulas network can do, how it can evolve blockchain technology, and why it will be a very attractive option for future dApps. Having said all this, please be clear, it is not financial advice. Also, keep in mind that the above statements are based on my analysis of the white paper (version: 1.0 September, 2017), but this is not to say that the developers don’t have a different perspective. With that being said, Nebulas staff and co-founder, Robin Zhong, actively responds to questions in their Slack channel. This leads us to a review of the Nebulas team. ### The Nebulas Team When looking at a new, and yet to be released, project, it’s not only important to understand the innovation, it’s also important to understand the team behind the innovation. Although not the largest team, the developers are highly educated with real blockchain experience. In fact, many have worked at Google, IBM, Alibaba, Alibaba financial, Airbnb, etc… Additionally, two Nebulas founders previously co-founded the NEO coin (formerly Antshares) which on January 20, 2018 trades at$140.00 (not even its high) per coin/token.
No doubt, the team is influential in past, current and future blockchain innovation. In fact, playing a huge part in bringing blockchain to China, Hitters Xu created Bitsclub, and many other team members started blockchain communities. If you have not yet learned about the team, I strongly suggest you do. Check out their LinkedIn pages and also look at the developers Githubs.

#### Full disclosure:

As a fellow investor and fan of blockchain technology, I got into the crypto world in 2012. Since then, I have mined, traded, and even created an arbitrary trading system. My portfolio includes dozens of different types of tokens/coins. My focus is on innovation rather than "rinse and repeat."
I first learned about Nebulas in the beginning of January 2018. After reading the technical white paper multiple times and fully understanding Nebulas (what it is and what it’s not), I confidentially purchased NAS (ERC-20) tokens.
As with any great blockchain, Nebulas will not be the last, but it is a crucial step to the next generation of blockchain innovation! Without doubt, I see the true potential of blockchain technology, and, if you ask me, Nebulas is an amazing short, medium and long term project, and I’m excited about the future!
To quote a Nebulas founder, "Ask not what blockchain can do for you, ask what you can do for blockchain..." - Hitters Xu

## References

i: Pg 41 – 6.2
ii: Pg 24 – Last bullet point
iii: Pg 34 - 5.3.1
iv: Pg 35 – 3.3.3
v: Pg 34 – 5.3.1
vi: Visit https://gifto.io/ for more info – Watch the video for an example of what Nebulas will do.
vii: Pg30 – 4.2
viii: Pg 27 – 3.3.2
ix: Pg 26 – Paragraph2
x: Many locations – There are many parts of the white paper that talk about anti-cheating in different capacities.
xi: Pg 26 – 3.3.1
xii: Many locations – There are many parts of the white paper that talk about voting in different capacities.
xiii: Visit https://decred.org/ for more information. For full disclosure, I do own DCR and stake them.
xiv: Pg 45 – 7.1
xv: Pg 45 – 7.2
xvii: Visit https://www.theqrl.org for more information. And yes, for full disclosure, I like this project as well, and have invested post ICO.
xviii: Pg 47 - 8
xix: Pg 46 – 7.3

##### Ether Thief Remains Mystery Year After $55 Million Digital Heist Ether Thief Remains Mystery Year After$55 Million Digital Heist 2017-06-13 08:00:18.224 GMT
By Matthew Leising (Bloomberg Markets) -- Summer colds are the worst, and Emin Gün Sirer had caught a wicked bug from his 1-year-old son. So it was with watering eyes and a stuffy nose that the associate professor of computer science at Cornell found himself working from his sickbed on Monday, June 13, 2016. Gün—everyone calls him Gün—couldn’t tear himself away from his laptop. He had another type of bug in his sights, a flaw in a line of computer code he feared put $250 million at risk of being stolen. It wasn’t just any code. It was the guts of the newest breakthrough in software design related to blockchain, the novel combination of decentralized computing and cryptography that gave life to the virtual currency bitcoin in 2009. Since then, the promise of blockchain to transform industries from finance to health care has captured imaginations in corporate boardrooms and governments alike. Yet what the Turkish-born professor was exploring that Monday was the next leap forward from bitcoin, what’s known as the ethereum blockchain. Rather than moving bitcoin from one user to another, the ethereum blockchain hosts fully functioning computer programs called smart contracts—essentially agreements that enforce themselves by means of code rather than courts. That means they can automate the life cycle of bond payments, say, or ensure that pharmaceutical companies can authenticate the sources of their drugs. Yet smart contracts are also new and mostly untested. Like all software, they are only as reliable as their coding—and Gün was pretty sure he’d found a big problem. In an email sent to one of his graduate students, Philip Daian, at 7:30 p.m., Gün noted that the smart contract he was looking at might have a problem—on line 666. (They say the devil is in the details.) Gün feared the bug could allow a hacker to make unlimited ATM-like withdrawals from the millions, even if the attacker, who’d have needed to be an investor, had only$10 in his account. This staggering amount of money lived inside a program called a decentralized autonomous organization, or DAO. Dreamed up less than a year earlier and governed by a smart contract, the DAO was intended to democratize how ethereum projects are funded. Thousands of dreamers and schemers and developers who populate the cutting edge of computer science, most of them young, had invested in the DAO. This was real money, a quarter of a billion dollars, their money, meant to build a better version of the world, and every cent was at risk. Gün, who wears his dark hair short and looks a decade younger than his 45 years, had already been tracking and publicizing flaws in the DAO’s design. A few weeks earlier, on May 27, along with two colleagues, he’d urged investors to stop buying into the DAO until security issues could be fixed. It had been too late, however, and the program went live the next day. Smart contracts such as the DAO are built to be entirely reliant on their code once released on the ethereum blockchain. That meant the DAO code couldn’t be fixed. Other blockchain experts—including Peter Vessenes, co-founder of the Bitcoin Foundation—had also pointed out security flaws in the smart contract, but Gün appears to be the first to pinpoint the flaw that put the money in jeopardy. The problem was the code was so new that no one knew what to ­expect—or even if there was actually a problem in the first place. Gün had his doubts, too. This wasn’t even his job. He does this for fun. Daian didn’t think they’d found anything either. Over email, he said, “We might be up the creek ;).” Later, when Gün pointed to the error in line 666, Daian replied, “Don’t think so.” Gün says, “We don’t sound the alarm bell every time we find a bug that seems suspicious.” Instead, he went to bed to try to kill his cold—the one bug he knew to be real. “I was too miserable to sort it out,” he says. Four days later, Christoph Jentzsch lay on the floor of his home office, taking deep breaths, trying not to panic. It was Friday morning, and software developers all over the Western world were waking up to the news that the DAO, which Jentzsch had created, was being attacked. Gün had been right. Jentzsch, who has dark hair and a perpetual five o’clock shadow, lives with his family in the Mittweida region of Germany, a rural spot not far from the Czech border. Mornings in the Jentzsch household are a whirlwind as he and his wife get their five children—age 2 to 9—fed and off to school. Yet today, after his brother Simon woke him with a call that the DAO was being hacked, Jentzsch had to ignore his familial duties. “You’ve got the kids,” he told his wife. “I have an emergency.”
This is the story of one of the largest digital heists in history. And while you may have heard last year that hackers breached Swift, the bank-to-bank messaging system, and stole $81 million from Bangladesh’s central bank, the DAO attack is in a different category altogether. It played out in front of anyone who cared to watch and couldn’t be stopped. Just as the global WannaCry ransomware attack in May laid bare weaknesses in computer operating systems, the DAO hack exposed the early frailties of smart-contract security and left many in the community shaken because they hadn’t found the bug in time. The aftermath would eventually pit good hackers against bad ones—the white hats vs. the black hats—in the strange and futuristic- sounding DAO Wars. The roots of the DAO belong to an idea Jentzsch borrowed from another internet-fueled phenomenon: crowdfunding. The 32- year-old Jentzsch, a theoretical physicist by training, and a few colleagues started Slock.it in 2015. As they considered how to fund the company, Jentzsch approached it as many had—sell a digital currency, effectively a token, to raise cash. But why should each new startup have to program its own initial coin offering? Jentzsch wondered. What if one huge fund ruled them all? He introduced his idea to the world at DevCon 1 in London in November 2015. “What is the blockchain way of creating a company?” Jentzsch asked his audience. “Of course, it has to be a DAO.” It would work like this: Ether, a virtual currency like bitcoin, would be used to fund and develop applications on the ethereum blockchain—things such as making a music app similar to iTunes or a ride-sharing service along the lines of Uber. Investors would buy DAO tokens with their ether; the tokens would allow them to vote to fund projects they liked. If the app they backed made money, the token holder shared in the profit. In the six months he spent creating the DAO, Jentzsch thought it would raise$5 million. From April 30 to May 28, the DAO crowdfunding pulled in $150 million. That’s when ether traded just below$12. As the price of ether rose in the following weeks to $20.75 the day before the attack, so too did the value of the DAO, putting a$250 million target on this thing Jentzsch had unknowingly brought into the world with a fatal, original sin. “Our hope was it would be the center of a decentralized sharing economy,” says Jentzsch, who now regrets not capping the amount raised. “For such a big experiment, it was way too early.” In the weeks after the attack, Jentzsch and the rest of the ethereum community would come to grips with their own crisis that, writ small, echoed the bank bailouts and government rescues of 2008. “It became too big to fail,” he says. But why would anyone invest in the DAO in the first place? It has something to do with the strain of digital libertarianism at the heart of the ethereum community, much like the set of beliefs that led to the birth of bitcoin. Think of bitcoin as the first global currency whose use can’t be stopped by governments or corporations; on top of that, bitcoin is almost impossible to hack. Ethereum, then, is another level beyond. It’s an uncensorable global computer. As amazing and unprecedented as that is, it’s also a bit terrifying. Brought to life, the DAO ended up staggering off the table and turning on the community that wanted it so badly. Accustomed to working into the night to stay in touch with colleagues in North America, Jentzsch blows off steam by jogging or kayaking on the nearby Zschopau River. Yet on that Friday morning, he had the more pressing task of pulling himself up off the floor and dealing with the attack. “I went into emergency mode: Don’t try to save the DAO,” he says. “No, it’s over.”
It was far from over. Several hours later and half a world away from the Jentzsch household in Mittweida, Alex Van de Sande was waking up in his apartment in the Copacabana neighborhood of Rio de Janeiro. The baby-faced ethereum developer had been born in the small fishing village of Santa Cruz Cabrália in the Bahia region of Brazil and moved with his parents to Rio when he was about 3 years old. These days he’s known as “avsa” on Reddit and Twitter. After reaching for his phone to see why it was blowing up with Skype messages, he turned to his wife and said, “Remember when I was telling you about that huge unhackable pile of money?” She nodded. “It’s been hacked,” he told her. His first thought was to get his DAO tokens out. He owned about 100,000 of them, valued at about $15,000 at the time. He’s the lead designer of the Ethereum Wallet app, a program that allows him and anyone else to interact with the blockchain. Van de Sande scrambled to log in to it, but his password didn’t work. It was glitching, and as he worked to fix it, his panic subsided. He realized he shouldn’t be bailing on the DAO but trying to save it. And to do that, he needed Griff. Griff Green, who’s worked variously as a massage therapist in Los Angeles and a community organizer in Seattle, is one of only a handful of people in the world who holds a master’s degree in digital currencies. He got it online, natch, from the University of Nicosia. A self-described “dreamer,” the 32-year- old is the closest thing Ethereumville has to a mayor. Green knows everybody; in fact, he’d been the first to relay word of the attack to Simon, Jentzsch’s brother and a co-founder of Slock.it. Green had been working for Slock.it for about six months by then and woke up that morning in the house belonging to Jentzsch’s mom in Mittweida. Jentzsch is one of nine children, so his mother had a spare bedroom where she could put Green up for a few days. Using his extensive contacts, Green started identifying as many people as he could who were interacting with the DAO—going so far as to ask strangers to send pictures or scans of their IDs—in an attempt to sort friend from foe. And then something strange happened: The attack stopped working. In the six hours since the attack began, the thief had managed to steal 30 percent of the DAO’s 12 million ether—which that day equaled about$55 million. “We don’t even understand why the guy had stopped,” says Van de Sande. Now Green raced to protect the remaining 70 percent of the DAO the attacker hadn’t stolen. Once Van de Sande got in touch with Green in Germany, along with two or three others, the foundation was laid for what would become known as the Robin Hood group—white hat hackers who’d devise a bold good-guy plan to drain the remaining DAO. To save the DAO, they’d have to steal the remaining ether, then give it back to its rightful owners. And yet as they scrambled that Friday, qualms emerged within the group. “What does it even mean to hack something?” Van de Sande asks. No one knew if what they were about to do was legal. Also, wouldn’t their hack look just as bad as the theft they were trying to stop? Then there were the practical issues. “Who pushes the button?” he remembers wondering. Doing so would initiate their counterattack and alert the community. “Someone has to push the button.” The price of ether the night before the attack had hit an all-time high of just above $20. News of the hack sent it tumbling to$15 by the end of Friday, wiping out almost a half- billion dollars in market value. At that price, the DAO still held $125 million, and the Robin Hood group worried the attack would resume. They might be the only line of defense if it did, so Van de Sande agreed to use his DAO tokens to fuel their counterattack, thereby becoming a public face of the group. At this point, it might help to think of the DAO as the spacecraft in Alien after Ripley initiates the self-destruct sequence. To flee, she’s forced to use an escape pod. DAO investors had to initiate a similar sequence to deploy escape pods that would allow them to get their ether out of the DAO. The code that dictated the escape pods’ behavior is where the bug lived, so to steal the remaining DAO funds the Robin Hood group would have to be in a pod to exploit the flaw—and because of the way Jentzsch wrote the DAO, they had only a short window of time and just a few pods to choose from. A few minutes before launching the attack, Van de Sande joked on the group’s Skype chat, “Let’s go rob a bank!” No one laughed. “Not everyone really appreciated the humor,” he says. In his Copacabana apartment, Van de Sande readied to push the button on his laptop. Then, suddenly, he lost his internet connection. His router was down. “I was like, What the f--- is going on here?” he says. He had less than 30 minutes left to execute the Robin Hood hack. He frantically called NET, his Brazilian internet service provider, but couldn’t get past the automated customer ­service experience. He says the robotic voice told him, “We see there’s an internet issue in your neighborhood.” The irony was not lost on him: Here he was trying to steal millions of dollars from a robot but was being waylaid by another robot. “Then we missed,” he says. The window closed. He went from the high of feeling like they were about to come to the rescue of the vulnerable DAO to the crushing low of having their international connection severed by NET’s breakdown. He took his dog, Sapic—named after the one in Pedro Almodóvar’s All About My Mother—for a walk, then crawled into bed, defeated. The next morning was Saturday, and Van de Sande tried to reconvene the Robin Hood group to infiltrate ­another escape pod. But folks were busy and couldn’t get together. “We felt like the worst hackers in history,” Van de Sande says. “We were foiled by bad internet and family commitments.” Who, exactly, were they at war with? No one really knows, but there are some clues. One address the attacker used is 0xF35e2cC8E6523d683eD44870f5B7c C785051a77D. Got that? Like everything else in a blockchain, a user’s address is an anonymous string of characters. But every address leaves behind a history on the blockchain that’s open for examination. Not that it makes sense to 99.9 percent of humankind, but Green gets it. To pull off his heist, the attacker needed to create a contract that would interact with the DAO. He did so on June 15 and deployed it in the early morning hours two days later, according to Green. Once activated, the attack contract started sending about$4,000 worth of ether through the attacker’s account every three or four minutes to drain the DAO. But where did the original money to fund the attack come from? To interact with the ethereum blockchain, every contract must be funded by an amount of ether. This attack contract was funded by two addresses, but tracing it further back becomes tricky. That’s because the second address used an exchange called ShapeShift to send 52 ether into its account on June 14. ShapeShift doesn’t collect any information on its users and says it turns one virtual currency, such as bitcoin, into another, like ether, in less than 10 seconds. While there are valid reasons for using ShapeShift, it’s also a great way to launder digital assets and ­cover your tracks. After the attack contract stopped working, the thief needed to deploy it again, says Green. He tried but failed, and after a few more transactions, the hack whimpered to an end. (One possible reason the attack stopped, Green says, is that the hacker’s tokens became corrupted, which means he had no way to exploit the bug.) We know this limited amount of one-sided information from the blockchain’s public record. Digital asset exchanges see both sides. An internal investigation by one such exchange concluded that the DAO attacker was likely part of a group, not a lone wolf, based in Switzerland, according to an executive there who wouldn’t speak on the record or allow the company’s name to be used. ­Exchanges are in the unique position of being able to analyze the trading activity of their customers because they know who they are, even if they’re anonymous on the blockchain. The executive says the exchange shared the analysis with the Boston office of the FBI, though there’s been no further contact since October of last year. Cornell’s Gün says he also spoke to the Boston office of the FBI—and to agents in the New York office and to the New York State Attorney General’s Office. “It’s very difficult to coordinate an attack of this kind without leaving breadcrumbs behind,” Gün says. He encouraged the FBI to look at the ethereum testnet, where programmers can run their code in a safe environment to work out kinks. The attacker wouldn’t just launch such a complicated hack without testing it, Gün says he told federal officials, and the feds might be able to get clues to his identity there. Gün says he also pointed them to addresses linked to the attacker, such as the one described above, that were listed by his grad student Daian on his blog. (The FBI declined to comment.) “I’m absolutely amazed. Why has no one traced this back and found out who did it?” asks Stephan Tual, the third co-founder of Slock.it. “It still bugs me to this day, because what that person has done is incredibly unethical.”
On Tuesday, four days after the initial attack, the hacker returned and somehow resumed the heist. The Robin Hood group had feared this moment would come and was ready. Early Sunday morning they’d finally managed to convene online and successfully infiltrate an escape pod, but had held off their counterattack. Now they had no choice. One strike against the group was their distance from one another—one in Rio, others scattered about Europe. (Some of the group’s members didn’t want to be identified for this story.) It was important that they coordinate their activities because, like in Charlie’s Angels, they all had different specialties: Green the community organizer, Van de Sande the public face, others who wrote the Robin Hood group attack contracts. So Van de Sande needed to be walked through the step-by-step hacking process they were about to unleash, because that wasn’t his area of expertise. “I’ll be honest, I was excited,” Green says. “This is the craziest thing that’s ever happened to me. This is the craziest thing that’s almost ever happened to anyone.” Whether it was legal remains an unanswered question. “You literally have cyber ninjas warring on the blockchain,” says Vessenes, the programming expert. “What they’re doing is almost certainly illegal, but they’re claiming it’s for the greater good.” And now it was Van de Sande’s job to let the community know that the Robin Hood group counterattack was benign. He took to Twitter, where he wrote “DAO IS BEING SECURELY DRAINED. DO NOT PANIC.” A nod to the classic Hitchhiker’s Guide to the Galaxy, his plea to not panic was met with all the snark and real-life concern Twitter can handle. “NOTHING SAYS DO NOT PANIC LIKE ALL CAPS,” one user responded. “#RealLife is more exciting than

# MrRobot !!” tweeted another. Yet as the Robin Hood group attack

gained steam, they noticed something strange and worrisome—the attacker was with them in every escape pod. “We escaped the mother ship, but now we’re alone in space with the alien we were trying to escape,” says Van de Sande. This was a big problem. Because of how Jentzsch wrote his code, the Robin Hood group would have to wait several weeks before they could secure the ether they recovered. Yet if the attacker was in that escape pod with the group, he could just follow them—what’s known as a stalking attack. If the hacker stalked the Robin Hood group, the ether wasn’t really safe after all. “The game only ends when one of these parties doesn’t show up to fight,” Van de Sande says. This, in essence, is the heart of the DAO Wars, the never-ending battle that would have to be waged to keep the recovered ether safe. If only there were a way to reverse the theft once and for all.
It’s been about a year since the DAO attack, enough time to take stock of what went wrong. Van de Sande is eager to move on. “It was really just a blip,” he says. “We are ready to move past it and leave the DAO story behind us.” Green, who’s organizing an ethereum conference at this summer’s Burning Man festival in the Nevada desert, has kept a sense of humor about it. “The Robin Hood group was just a s--- show,” he says with a laugh. “I hope the movie portrays it better than it actually was.” As for the bug itself, apparently many smart people looked at the code before Gün but missed one major flaw. The order of commands in the code allowed DAO token holders to withdraw any profit they’d made from their investments. It reads “withdrawRewardFor(msg.sender)” and adds, almost improbably, a note to anyone reading the code that says, “be nice, and get his rewards.” That’s line 667—let’s call it “The Neighbor of the Beast Bug.” If the withdraw line had come after these lines:
totalSupply -= balances[msg.sender]; balances[msg.sender] = 0; paidOut[msg.sender] = 0; return true;
the attack wouldn’t have been possible, Jentzsch says. But if the code had been in the correct order, the reward parameter wouldn’t have worked. As for the note, this line of code was meant to allow investors to withdraw any profit—“Reward”—their investments had earned. Instead it became one of the biggest backdoors in hacking history. It would have been better to not pay rewards during the split function from the DAO, what we’ve been referring to here as the escape pods, according to Jentzsch. Another decision he made when he had no idea of the bug shows how quirky and unforgiving code can be. “If the capital ‘T’ in line 666 had been a small ‘t,’ that would also have prevented the hack,” he says. Jentzsch has many regrets but insists no one was aware of the specific problems in lines 666-667 (other observers had pointed to flaws in other lines, just not here). Had more people looked, “it would have made no difference at all,” he says. “If you don’t know what to look for in a security audit, you won’t find it.” Even Gün, who had it in his grasp, let it go. “I still missed it,” he says. Green’s emotions are still raw related to Gün. “I actually got really pissed at him about this,” Green says. “He started bragging about how he found the bug.” He adds that it was “very irresponsible of him to not tell anyone of his inkling.” Still, Green “respects the hell out of Gün” and says they’ve since made amends. Asked to recount that night last June as he lay sick in bed, Gün says, “I came away from this thinking there’s potentially an issue.” But he’d consulted Daian, his grad student (“whom I trust”). Daian had said it’s “not exploitable.” Gün says that had he been certain of the danger, “I would have told people.” In a blog post that explained the mechanics of the DAO heist Daian published the night of the attack, he gave a shoutout to his professor in the acknowledgments. “Gün, we were so damn close—sorry it wasn’t quite enough this time :),” Daian wrote. As for the attacker (whoever he or she or they are) and the ethereum classic booty, Gün says, “Great, wonderful, he should cash out.” The hard fork proved it wasn’t just the DAO that needed to be fixed, but the ethereum blockchain itself. He says: “The fault lies somewhere on the system side as well.” But the fear that smart contracts are too clever by half and that by extension so is the ethereum blockchain itself—prevalent in the days following the DAO attack—has dissipated. At least that’s the market’s verdict, judging by the price of ether. After the attack, it traded from $10 to$12 for about nine months. Then in March it took off; it’s valued at $341.19 as of June 12. (That would have valued the DAO at$4.1 billion, but let’s not even go there.) Ethereum classic has risen as well, and it now trades for $18.71. Both versions of ether remain viable, in other words. The thief holds one; the revisionists, the other. Going forward, the choice is really: Whom would you rather believe? Since the hard fork, the attacker ended up making off with his ethereum classic. That means he got away with about$67.4 million, assuming the stash hasn’t been sold. Not too shabby, 0xF35e2cC8E6523d683eD44870f5B7cC785051a77D.
Leising covers market structure at Bloomberg News in New York.
To contact the author of this story: Matthew Leising inNew York at [email protected] To contact the editor responsible for this story: Joel Weber at [email protected]

##### Transcript of George Webb Video Series Part 304 "Hillary's Leakers, Hackers, and Henchmen" [@Georgwebb / #HRCRatline]

• >>>CONT
• And the thing about Mike Flynn everybody knows Mike Flynn recommended Robyn Gritz
• And she got this blood chit Africa--for all of her work with Boko Haram
• And all the--the Somali al Qaeda as well
• But it goes all the way back to 2005 where Stanley McChrystal--General McChrystal gave her a commendation
• And was gonna put her in to a position
• She was working with DIA
• She was working with General Flynn in Army Intelligence
• And that's when the Andy McCabe SES guy came in
• And this the other thing is it's almost like the elders at the Mormon Church or at the Navy Masonic Temple
• She described this one meeting, snd she says the little tells where was an all-hands meeting, and all the SES guys were lined up in the front
• And then it was almost like Church--there was five pews that were empty
• Was almost like this no-man's land between the SES and the rest of the FBI-DOJ
• And I thought that was telling
• So takeaways really from here are looking at those key points those key moments in time, where the credit or the plume or the feather in the cap was taken away
• And that started the person that was a fork in the road sort of
• And it creates a downward cast to the to the career trajectory, where a lot of those people that got those plums0--or feathers in the cap or whatever you want to call them--ended up being special agents in charge in different cities
• And going on to become...
• And she was telling me she was--Andy McCabe was trying to get the next promotion, and he needed two inspections, and I guess that's a very detailed thing that a procedural thing, and Robin did both of those procedurals for inspections for Andy McCabe to allow him to advance
• So to be kind of knifed in the back, shivved in the back later on its kind of hurtful
• So so that's my takeaway here is to tell these stories not so much insider stories
• There's a lot that they're going on tonight let me tell you between the two women in law enforcement
• And three hours of it
• My job is really to bring out the two or three things that are the key learnings for us for us out here
• She says hundred Robin says hundreds of women call her now
• And she's sort of an icon now, for women who are not not injured or not wanting to play on as victims
• But more talking about the strength of women in law enforcement
• And want the ball to move forward
• They want the men to be better managers
• And know how to work with women, and not feel like they feel threatened where they have to destroy them
• And that was the auntie McCabe mistake, where he saw Robin as a target, and then just put all the resources
• (And I this feels) ...put all the resources into destroying her
• So that's my takeaway tonight is to walk
• And really what we need to do is kind of reinstate Robyn Gritz
• And I would like to reinstate Task Force as well
• Just walk back to that time of Stanley McChrystal, write that piece of paper out, and then walk her career forward
• Where would it have gone? And then just reinstate her
• There's a lot and with Task Force is the same way
• There's a lot of California state police chiefs that are retired that slipped on a doughnut that are on a hundred and seventy five percent disability
• And not begging--and we love the folks in Milwaukee for doing the free surgery
• But--Task Force says no--they're her insurance has been pulled
• So with three fused discs after a parolee attacked her
• So I think these are the things where we can learn
• Just walk it back and then walk it forward like it should have been
• And to create a sort of
• I said what's the one word I would choose and I said "reinstatement"
• The one word the healing word of the night is "reinstatement"
• And oh by the way Robyn Gritz is about $19,500 • I'd like to see her at twenty thousand dollars by the end of tonight just • So there's no pressure whatsoever on her financially • And then hopefully this weekend • There's some big things coming by the way next week we hear • Big things • Day 170.1 Chrystal and Flynn Recommended Gritz For Key Post in 2005, SES Knocked It Down - YouTube • It's day 170 for those folks who weren't following yesterday we had a chance Task Force an ID to meet Robyn Gritz last night • And she was a counterterrorism agent within the FBI for a number of years • I think about two decades • And she briefed a lot of presidents and--we went through her career • And she kind of was knocked down by a Andy McCabe unfortunately as they started competing for positions • And he started moving up through the ladder • And I've kind of used Richard the third as the Andy McCabe character • And this this woman here was as sort of the Margaret of Anjou--if you will • Lots of historical analogies that you can you can pull • But what was really great is meeting both love having Robin meet with with Task Force--Task Force to talk about law enforcement • And then kind of when you get in the way, what happens? • Especially kind of in a male-dominated area • So there's a long conversation about three and a half hours • But what I took away from it, I left on me post last night • But the last thing I said so you can see can read that • But the last thing I said was to get Robin over 20 thousand dollars • I PROMISed I would and we'd get her over that • I really think this should be around 500,000 of her to mount a legal challenge • And it's more important than just writing the wrongs of Robyn Gritz--as far as what happened to her career • She really was on the fast track all the way back in 2005 with General Stanley McChrystal, way before Mike Flynn • She was working with Mike Flynn at that time • But this was really it she was kind of on the fast track • And her appointment in 2005--and I think this is so important to go back to that date • To a person was put in the job where the crystal • And Flynn did not know who the nominee was they had both nominated her for this job • And she was yanked out of this in McCabe kind of SES guy was was put in the position • And that goes all the way back 13 years to that critical juncture, where she was kind of on the fast track to be maybe the head of a DIA or something like that • So I think this is really important history to share--that really • She briefed so many different presidents on some of the most sensitive kidnappings and bombings...in our in our nation's history • And I think Trump would do well to sit with her just just to review those situations if nothing else, from the perspective of the FBI • And then the other thing I think this is [[Director Freeh]] a Louis Freeh • Get back to the get back to the historical roots • And values of the FBI • I think that's the other thing that Robyn Grits could briefed the president on • So I really want to get away from this idea of Robyn Gritz as the victim...and get more toward the idea of Roby Gritz as the expert there's a great deal of expertise that she could lend at Trump • And Trump is only gonna get this insight or SES old boys club • It's not even old boys club is kind of a new new boys club--billionaire boys club perspective of the FBI • And this I believe Trump really has this opportunity in a briefing • It's really get the old FBI, the old ethics, the Louie Freeh ethics of the FBI the Kallstrom type ethics of the FBI • So anyway looking down here on the donations • There's always some--glad-hander grandstander that always wants to be number one, this idiot George Webb or George Sweiggert • So I'm thinking about doing that that dope • So anyway that is this morning's update • Day 170.2 Trump Sanctions Deripaska. Firtash and Pinchuk Next? - YouTube • It's Day 170 • And this is part two • And the big news story obviously is the Treasury Department's sanctioning the different Russian individuals as well as entities • And they're seven Russians, including Oleg Deripaska you remember Oleg Deripaska the pasta that comes out of your salad with the derringer that Deripaska • You've also got 12 Russian companies and then 17 senior Russian officials • And these officials usually are just kind of fillers • And its really the companies and the Russians that are really interesting • Now, you'll notice that we've done a lot of work on a like Deripaska • So I created a playlist for him • And then also with Russian companies you'll see three or four different Russian companies like VTB Bank and others that I've focused on • And that I put out on Twitter as well this morning's for background on who these people actually are • What we're going to continue doing is continue identifying more Russians more of Hillary's Russians • Christopher Steele's Russians, Andy McCabe's Russians that they work with • And these are just organized crime figures they were FSB agents they became organized crime figures • And basically they've been running different types of Kompromat • So we'll be focusing on Russians like the VeroPharm deal with Abbott Laboratories here in Chicago with Rahm Emanuel • And our famous basketball-owning Russian oligarch basketball-team-owning Russian oligarch in New Jersey Mr. Pinchuk • We'll be looking at the pinch-Bears the famous crowdsource a crowd strike a hacking team that potentially just got exiled or expelled by Trump • So the are the pinch Bears associated with Pinchuk? • Was that associated with getting the VeroPharm deal through and other Russian drug company deals through other Russian weapons deals through we're gonna look at that we're going to look at Firtash we're gonna look at other oligarchs like Katsyv and we're gonna look at Friedman • So all those names will be coming • And our objective here is to add to the list of people on the US sanctions • Take out all of Hillary's and Christopher Steele's and Andy McCabe's Russians: that's the key • Now, the other thing that could help is bring people to the White House that can luminate Trump's knowledge of anemic Apes Andy McCabe's tactics • And also informed public policy on terrorism counterterrorism somebody like a Robyn Gritz being invited to the White House is what we recommend • We still have a hostage in Iran this • A lot of these dealings with the Russians were for the Iran deal we have Anthony Weiner's trusted staff negotiating these deals on Blackberries • We have the different Gmail accounts from the State Department negotiating these deals with Iran • Now, we have people shooting people from Iran at YouTube • And now, we still have a hostage there in Iran • Was Robyn Gritz shuffled off the Robert Levinson deal because she was making too close--she was getting too close to family--she's making too much progress? • We really don't know the answer to that • But we think that President Trump would do well to get an insider who's been on the case since 2007, has years of experience with negotiating with the Iranians, to the White House to get an outside the bubble perspective on the Russian Iranian situation • I'm not going to transcribe the live videos--they are too long and I can barely keep up with the short ones • Day 171.1 Why Be A DHS Expert If You Ignore the Awans? - YouTube • It's day 171 • And just to be sure I checked into the plum book • And made sure my brother wasn't in there, and he wasn't • So the plum book if you don't remember is a listing of jobs available in the public sector • These are civil servants jobs, starting at the presidential appointees, down to Senate confirmation, to just presidential appointees without senate confirmation, and then of course the all ubiquitous SES a Senior Executive Service, which is sort of a sort of a union if you will, at the top executive levels inside the Government • What I'd like to do sometimes is take these names or different keywords and go through the plum book • And just show people the number of occurrences • And I realize this is kind of the hard work of research • And maybe not particularly interesting for all the catfights on Twitter etc catfights on YouTube • But it is kind of the stuff that makes or breaks hypotheses and kind of moving the ball forward • So anyway if you remember before I just took the occurrence of the word homeland • And I saw 39 occurrences over here 39 occurrences in the plum book • And my theory here is that the DHS or the Department of Homeland Security is sort of used as a wedge or a funnel for the DoD to kind of insert people into a kind of a national control mechanism--a U.S. control mechanism • So the same techniques used overseas to gain control of kind of a an undercurrent or or a party or a union like the SEIU let's say • And then you would take over that labor union like let's say Poland way back when when Poland was being overthrown, you would use that Union to do all your communications protect your communications until the time of overthrow • Is that the same thing the DoD is doing in the United States with SES? Is sort of theory • So if you don't remember Lisa Monaco would just go down a list here this is really the first occurrence • She's really kind of brought up as a--a young, hard-charging young female attorney as a DHS expert • And then if you remember the kind of the PR shots in the White House • Here's Lisa Monica of course Susan Rice and Samantha power they all sit on the couch together all day like that and go through their papers • So these are kind of glamour shots obviously this is not a very realistic working situation here in the White House • So and I understand a certain amount of this this is a this is good PR... • She's from the University of Chicago and then got a pedigree at at Harvard • So moving along in the plum book • She's not even Senior Executive Services you can see over here she is--just presidential appointee • So we'll go quickly through the different appointees in Homeland Security • And most of the folks are not listed there this--kind of a Ditto kind of thing career incumbent they're Korean come • But they're--they're ditto there and then career incumbent • Again, this Thomas F Atkins interesting • So I just what I do on these is I drill down on two or three just to get a feel for people to get a feel rather than just end the discussion, and not do any more detail detailed research on the SES books • So here's Thomas Atkin--was once the former acting secretary of defense • I don't know if that is when who who was the Secretary of Defense he was acting for • But he's got his own group now, he's left in 2012 • I'm trying to think of what shake-up happened inside me Department of Defense at that time • Senator from Nebraska I believe was the Senator then became the Secretary of Defense • But anyway he's got a new company now, he's broken away from the...or else he's joined this other group • Here he is the assistant secretary of defense here cyber strategy...and then Homeland Security • And then of course the obligatory time at Raytheon--gotta know where those cruise missiles are at all times • Then of course a visiting fellow here at the Homeland Security Institute and here we go back to the Coast Guard • And this seems to be the Coast Guard seems to be that kind of a key inflection point for kind of entering people into DHS • Seems to be quite a bit of emphasis there • Border security and so forth Operations Group • And the my only question is--I look at all these different resumes, and I see all these add all this expertise • But the simplest questions that can't be answered in Washington • About what's going back and forth on Imran Awan's server? • What are the terabytes going back and forth Imran Awan's server? • A lot of this emphasis starts on FEMA I noticed there's a similar emphasis with the Army with FEMA on some of these resumes • So he kind of comes up the ranks for FEMA here • So I'll just quickly go back here, look at some other resumes • Vacant • Career incumbent • Vacant • Matthew Gula that's the GS position • So Jeh Johnson of course we all know • Mayorkas was kind of the guy who was kind of drummed out of the service because of dirty dealings • And Erin Walls she's GS so we won't talk about her • And again, when he gets to the ES positions • Again, you see there's just a lot of vacancies • And again, John Roth was the Inspector General of Homeland Security for another career incumbent • Just not a lot of data • The only one person really would get any data as the Coast Guard guy • And is that because that I don't know Americans have an affinity for the Coast Guard? • Here's John Roth we still don't have an Inspector General for Homeland Security • Again, that's another position, yet another Inspector General position, that's not filled with the Trump administration • I don't know if that's by design or on purpose but • Again, here are the whistleblower protection Ombudsman vacant vacant • So you've seen really there's only one here • Again, Ditto • Only one position we've seen • So far in the ES • Again, vacant of who actually runs these things and • Now, here this is a million homeland security • So those are all the occurrences of the word Homeland Security • And my takeaway would be we need to know these names • And we need much more scrutiny on if you're going to be in Homeland Security if you're gonna be an expert you're gonna be the assistant secretary of defense you're gonna have all this border security, and all this knowledge, and all these consultancies, all these groups, all this expertise, you have to apply it to the most pressing need in the country right, now, which is the Awans • Terabytes to Pakistan • Hundreds of suspicious payments • Thousands of suspicious logins • If you don't apply your expertise to the most pressing problems, what good is the expertise • Day 171.2. Introducing UpWhistle and Rich Seng - YouTube • It's day 171 • And i'm here with the founder of giggety this is rich hello saying how you doing yeah how you doing to everyone like many of you I've been following George from--day 50 or • So really been impressed with how media is changing because we can • Now, take control of the narrative • And we're no longer trapped into the mainstream media • And riches rich is not satisfied with just having a first name of rich • And he has filmed people who's saying • And he did get rich that way as the founder • And CEO herein • And I don't know how rich you are now • But I'm penny not uppity giggity-giggity I figured no no diggin what we did yeah giggity is a live streaming company we would go to music venues • And comedy clubs how to use you this morning YouTube could have used you • And we installed the cameras • And microphones permanently • So that event you no longer had to like--do anything • But just spend one minute scheduling to start time • And end time on a broad kind of like a newsroom yeah • And then--is it going to be free or pay-per-view if it's a pay-per-view how much does each artist receive • So we're like buddy guys legends we're at second city in IO • And venues in Los Angeles • And in Boston • But still were 40 or 50 of these venues about 40 yeah and--we were allowing people who could not attend a rock show or a comedy show to just pull up the live stream • And then get then get money for all the artists to watch run if your patreon that's perfect yeah yeah • But it wasn't like a donation it was more like you had to pay five bucks for the pay-per-view ticket oh • So it's more than just a donation on the month • Now, you see the Flatiron Building behind us do they call this area of the Flatiron well this is areas Wicker Park • And it's mainly like an old Polish neighborhood *--they built all these old buildings just fix this Roby hotel over the Robie Hotel your startup have your meetings on the second floor of the Roby great great breakfast there too we didn't actually eat there we just look well we had some bagels yes courtesy of giggity yeah • So I always make offers to make myself rich • But I try to I try to make it look like it's a team effort because that's what I do right and • So what I talked to you about was up whistle • Now, here's my idea of up whistle is--how you upload stuff--people upload stuff right yeah yeah wouldn't it be great wouldn't it be great if whistleblowers had a way of up whistling if you had like some like oh here's Imran leaving with the Bitcoin--with the leg up like this leaving Rayburn if you're Andrew McCabe with like a change of conscience in a lumination of your conscience yeah Rahm Emanuel • And you're--going into the back of the cabs--getting the drop from from Podesta would it be great if you could up whistle yeah well you put up your your leak theoretically • And then the crowd would go • there's something here that the main guru you could vote it you could own it you cannot vote it • And vet it • And then--what I found out--what I found out I had this great idea of up whistle I had this out domain name • And guess who had the domain before me yeah I happened to scoop up the name right before George • So I own up whistle calm • But it's going to be something for like like one of the things I've watched Infowars like Alex Jones used to infuriate me because there's • So many good stories like yours that just never got hit upon • So I'm like what if there was up whistle where people could people could bet those RLC SSDs convention this weekend people could vet the idea • And then then Alex Jones • And all of these like independent alternative news wired networks they would just have the cream the cream a story this the cream idea would just be right there for • So it's better than up voting it's up whistling because what you're doing is you're working you're going on to a crowdsource sites you're getting a lot of data you're you're finding some kind of stuff it's kind of like our Trello board only it's up whistle for everybody • Now, the world cannot vote that on the Trello board base yeah yeah yeah • So basically--if you are an insider • And you have that illumination of conscience well you're like--this is hurting society civilization this needs to get out well let's just say somebody said here's the address of mis department yeah could you go by • And fill me in todepart yes you could you could just--hop on your bicycle you get on the bus you can yeah well maybe we'll do that see if this guy's really--how did you let me talk you out of • So much stock in our first meeting yes I think I think they're going for you rob we're here in Winter Park at he's just a faker • let's let's put you to the test let's see if we can find we're gonna give we're gonna be like a scavenger we're gonna give you its on California talent we're gonna give it a walk yeah we're gonna see if you can find the Mis Department we're all the FBI phone calls remember Hawkins member Andre Hawkins making all those phone calls that's what that that metadata I just told the story that metadata when I share it with two people from the DNC at I won't say what place in Washington DC they said no no no there's two letters there's two joint funding letters I'm like oh there's another joint funding letter thank you • And then Donna Brazile came out with a prequel about three days later admitting to the second joint funding agreement to sweep the NGP Van data sweep the money to Brooklyn • let's go let's go • Day 171.3 MIS Department For the DNC. - YouTube • It's day 171 • And here we are at the MIS Department for the DNC and so it's a public address right? • So we're the public address it was I first found it once MIS was in the news and everything your news yeah it was on Facebook • And I'm like oh my gosh this is like it's on California Avenue I'm just six blocks away • So I just rode my bicycle here, and the building is right here yeah and • So this antenna behind us is the 14th precinct to here in Logan park? • Logan Square Logan Square • So this is kind of the new gentrified was Wrigleyville • And then it was Wicker Park.. all right with the park and • Now, yeah it's constantly like moving Northwest from from downtown area • But yeah yeah • And it's real complicated you think I mean this is the location • It's obviously a business address according to the DNC yeah • And how many times do you think Adrienne Hawkins would have called? • Wait history maybe six nine nine nine times • And the Calls came here and they didn't answer the phone! Answer the damn phone yeah! • So anyway there it is this is the famous location this is what I noticed the I did like OJ Simpson driving the white Bronco • There's a there's a guilty demeanor here • Like a guilty conscience that you see whatever they're just security yeah I don't think the choppers live here anymore • well they must get some blood buzz here if you go they have cameras • And they moved the camera • So oh it used to be in behind the window on the second floor • the no loitering no trespassing 14th district police call 9-1-1 • Let's let's keep moving then we certainly don't want I just was trying to get my donations back • And I was wondering if I could put a slip in, like a night slip saying hey could I have my could you un-exfiltrate--is that a word? • Can you un-exfiltrate my terabytes from Pakistan my NGP Van data all the--all the personal information that they scraped with the Facebook profiles • Now, let's see Trump got what 27 thousand Facebook profiles and Cambridge analytica gave Hillary what like 4 million or 40 million? • yeah I know I up the AGP ban hold all that oh I don't know I don't know how many Hillary got • But I know Cambridge analytic I think Facebook just announced that it's like not 70 million • 70 million Ok we're up to 70 million profiles here yeah • So and then but Trump did get 20,000 • So let's like call him on the carpet for that right • And get Bob Mueller Bob highly-enriched Mueller • So here we are in beautiful Logan Square we're gonna try to cross the street without dying • So I guess you think the Chopras--I don't think the choppers still live here • Well do you think Oprah's was just a cover like Chalupa where's Chopra's like Chalupa? • Yeah they're going to great lengths to conceal their identity, it seems • Like yeah I mean I think everybody said oh we love Chopra's I think they said • Willa who sounds really smart to everybody trust well that Chopra guy right yeah • What's his name Chopra the Chalupa how was it--it was the Alexander Chalupa for the Ukrainian girls okay • But I think they thought: well if we have the Chopra's running the Mis Department yeah they'll seem like a bunch of smart trustworthy people yeah • Not the Awans, the ones that get arrested for coming in from Montreal and PAK ISI • So there you have it well we'd like to upwhistle this suppose we wanted to upwhistle this right upwhistle is is not up yet--we're just • Now, kind of like brainstorming we're gonna race home anima • But what if we had all the pictures of the inspectors general yeah right listed all 73 • And you could up whistle if you remember the house you'd have Theresa Graphenstine's pictures search house • So first of all you'd know who your Inspector General is right • You would then, so if you had if you were like you were saying for example in the Department of Energy--and suppose you were a relative or you knew something that was going on suppose you were there • And you knew that Imran was beating someone in the house... • So yeah yeah we would have to build something where you could perhaps anonymously put up a tip or a flare or something • So if anybody knows a good there was lithium and then a couple of other kind of like Facebook in Facebook type of things where anybody can post anything--you can post video you can post whatever yeah right • {{ 911: It's called 4chan 8chan. You're reinventing Q }} • And then you upload it you know • So you can upload your your hit • And then or your your your your allegation perhaps--suppose your lavoy finicum face Emily you could upload your family him being--shot yeah your grievance right right • And then and then you're just saying • community let's drill down on this let's let's test this idea let's see if it's true or not let's put forth the supporting evidence • And if it's true then we have righteous wrath--we then have a right to then demand justice or demand a wider investigation from our elected officials • And man I tell you what will populate the hell out of that house that house up whistle with the Theresa Grafenstine our Trello board whooo! will go right in there • Well thanks this has been great we'll have probably maybe one more secret up whistle meeting that you'll be a part of if you stay tuned • Day 171.4. Dough-Nation UpHustle On UpWhistle Stock - YouTube • Rahm I'll get you the bitcoins soon we're gonna try to get it in the basmati • The basmati barge the basmati barge hasn't come along just yet • But will we're gonna try to get we're gonna put it in some Lobster Thermidor ice • Oh wait oh we're on we're live uh hey • So upwhistle--already you remember donation • But not donation • But dough space nation---they should do ugh nation the guy who did the shoes that guy who did taskforces shoes • Dough Nation was trying to sell me upwhistle shares. • He said hey I got a friends and families round: tier one to your level get in on the mezzanine get in • << video cuts. It's probably a good thing>>> • Day 171.5. Leaving Clinton Station For Loop Capital With Rahm Bitcoin - YouTube • Day 171 here we are in the loop • Not Loop Capital, we're just on the regular L loop • They don't say loop capital, so that's not my train • But anyway talking about upwhistle, we're looking at 73 different inspectors general • One way more important than all the other ones, which is the Intelligence community Inspector General • But we're looking at upwhistling 73 different inspectors general • We're gonna start with a house of course getting that position refilled • We're going to start with the IC community Wayne Stone • He needs to go out • But then Department of Energy--the IC community is probably the most important • But having a place in where people can upwhistle all the documents • Hey here's an interesting thing: Imran stabbed this girl • That's interesting here's the police report just up whistling documents like we did on the Trello board • But for all three inspectors general • If I saw for instance a problem with the track here I would want to just take a quick picture it's at Clinton • You don't want this train to derail • But you don't want to wait forever you want to react immediately • You want to take advantage of the Intelligence of a crowd • Day 171.6. With Robyn Gritz Vs Bromwich Let's Get Robyn Over$23K - YouTube
• It's day 171 this is part six I think something like that maybe seven
• So here with Robyn Gritz as you can see wave hi Robyn
• And her are talking quite a bit with Bernie bridges--that's Bernie bridges
• What we really would like to do is get Robin she's only a hundred
• And forty bucks short of twenty three thousand
• And really what we're trying to do here is to compare real grassroots fundraising, versus this Bromwich, which I call broom-which
• Bromwich is the all Inspector General for Bill Clinton in the DOJ
• And he's got a PR firm now
• And he--he's been in all these high-profile cases DOE
• And did the BP oil cleanup...and Andy McCabe
• He's now representing any McCabe at this PR fake PR \$500,000 go fund me that Andy McCabe has for his legal fund
• So I just like to show everyone what real grassroots fundraising looks like
• And if you could spend a little time today, give Robyn Gritz some love
• I'm still the top contributor one thousand sixteen dollars if anybody wants to beat that I'll go higher
• Day 171.8. Gritz Gofundme Part Two - YouTube
• It's day 171 we're here at the Robyn Gritz fundraiser
• You see a lot more people are here a lot more people are learning about Robyn Gritz and all the different things she did while being an FBI agent
• She's talking to Task Force here [Music] [Applause]
• One of the things I've learned I've learned so much
• But there's a file there's a Gritz file
• And I would put this out to all the internet people are being spanked here while I'm talking
• There's a Gritz file yet that Robyn gave to Grassley--Robyn Gritz gave this file to Grassley
• It was all the pain it was all the press clippings of all the terrorism cases that she worked--it's the Gritz file
• And it literally reads like 20 different cases in our modern American history
• And what I want to do over the next couple of days
• And I would love for Jason and crowds aren't the truth Crowdsource the Truth or Emerald Robinson at One American network to do this more professionally that I can
• But just tell the story of all the cases that Robyn Gritz has worked
• Who knew that she worked the 20th hijacker case?
• One she worked the 20th hijacker case
• Two she worked the Sabina case--the Iranian journalist, the beautiful beauty queen Iranian journalist, Sabina
• And got her extracted from Tehran, from her kidnapping
• Who knew she saved a plane of 300 people
• Who knew how many different mob disruptions of commercial airlines there were
• Who knew there was a thousand people in a planned bombing in India that she subverted and disrupted
• This is Robyn Griz story the Robyn Gritz story is
• So much more than you know
• It's not just the only woman to have the courage were the only agents and the courage to go against Andy McCabe
• She's not just the Robert Levinson negotiator
• She's not just the captain Phillips--Navy SEALs three Somalis pirates zero--that's not--that's just a very small segment of the hundreds of cases, the hundreds of cases that Robyn Gritz has done
• It's my job to crowdsource the outline
• I want Robyn to write a book
• General Flynn has told her write a book
• Tony Schafer has said, well we want to get her to touch with Tony Schafer at McCulloch who's Tony Schafer's lawyer
• We want to crowdsource the outline we want to crowdsource the first chapter
• We want to crowdsource the third chapter the 2nd chapter
• We want her to get a book deal
• We want her to get a movie deal
• This is a true American Hero--it doesn't matter if she is a woman or a man
• Robyn Gritz has stopped--has stopped the one one man in history and of our country to perform a Sedition--to perform a sedition in our country
• Andy McCabe
• She was a one agent who stopped that
• Day 171.8 Gritz File Will Reveal A Hidden History of America - YouTube
• OK it's day 177
• And this is part 8
• And it's pretty late into the evening
• And we are here near the Rosemont mall not far from the O'Hare Airport just over here where Rahm is collecting Bitcoin on the are from Imran and friends
• But I had a chance to spend about eight or nine...gosh it's been a long time with Robyn Gritz
• And what I've learned is I don't know anything about the extent and the breadth and depth that Robyn Gritz had in terms of our national history
• I mean we she she starts out in New Jersey with the Blind Sheikh
• 9/11 happens
• She is involved in flight 77 that goes into the Pentagon
• We have the anthrax case with Tom Daschle, not too long after that
• Of course we have the Robert Levinson case after that
• There's a couple of other plane interdictions or bombing interdictions that I need to bring out
• The Saphira journalist--the beautiful Iranian journalists I think she was like Miss North Dakota
• And extricated her from kidnapping--that story
• There's just so many stories that have been buried
• And--everyone says well--just let it go no I'm not gonna let it go I'm gonna throw it up on the wall and say hey these were all things that Robyn Gritz did as a great agent--
• Everybody says oh--Maersk--Captain Roberts was a great thing--the only agents to stand up to Andy McCabe
• It's very cold, so I'm sorry I'm chattering a little bit 8 Everyone wants to say all these--11s...she was very close on Levinson she was doing something on Uranium One
• John Solomon was talking to her, Sarah Carter was talking to her
• She was very close on something with Uranium One I don't know if Robert Levinson or someone
• But there were agents agents on her team as a Supervisory Special Agent that were abducted or not abducted, but they were withheld or held in UAE
• And I believe as I've said before the UAE is the conduit to Iran
• Were their reactors sold from Lawrence Livermore labs to the Iran?
• Where their secret centrifuge farms with Jeffrey Sterling, selling the big washing machine type centrifuges, and then the smaller microwave type centrifuges
• We really don't know, but a lot of pieces could come together if Robyn would get out there on a like a crowdsource of truth or a one American network
• And do the long-form interview
• And really put out--the pieces
• And what I really want her to do is kind of crowdsource the outline crowdsource the outline of all these--
• She she really has just been involved in all these different cases in our American history it's just amazing
• And she presented a file which I call the "Gritz file" to Senator Grassley which just case after case after case after case of--newspaper clippings of things that she'd been involved in
• And I think it's really up to people like Crowdsource the Truth or I can do it--whoever to really--cover the whole panoply of the full flight of the arrow as I like this to call it of Robyn Gritz's impact on American history
• I mean it's it's it's quite amazing--named a case--xx xx hijacker case one in case to just being one Sapphira being another case
• All these cases are just like been sublimated, and they they need to be brought to the fore
• And the other piece is Andy McCabe's co-opting of the credit before these cases also needs to be brought out
• And I think when the American people see this the this hidden history the rewrite is going to occur very quickly of what actually happened in the last 20 years
• And this cabal this self-congratulatory, self self-rewarding, self-dealing cabal will be exposed at the FBI