Your identities at risk – Originally, the cryptocurrencies were based on concepts of pseudonym and privacy. However, in parallel with democratization, the use of identity checks is more and more frequent. A situation that can be critical for privacy in the event of publication of the data.
Tokensoft et son Soft DAO
Tokensoft is a launchpad-like platform hosted on Ethereum. This makes it possible to organize pre-sales of tokens before the launch of crypto projects.
On August 31, the Tokensoft project decided to evolve by announcing the creation of a DAO titled The Soft DAO. The objective of this DAO is to help nascent crypto projects to structure themselves.
“We believe The Soft DAO can provide the appropriate, equitable, and decentralized community coordination infrastructure to help catalyze decentralized self-sustaining growth without the pitfalls and inefficiencies of traditional organizations. »
Like any DAO, The Soft DAO has its own governance token: the SOFT. Subsequently, The Soft DAO teams announced that the token would be launched via a community airdrop.
“We are happy to announce that we have started account registrations for “The Soft Drop”. An airdrop of $SOFT tokens as part of the DAO community initiative. The allowance is intended to reward loyal supporters as well as active members of the community. »
However, to avoid the sybil attacksThe Soft DAO a mis en place un identity verification system.
As a reminder, a sybil attack aims to create several identities within a system. These are commonly used in the context of airdrop, so that a user can benefit from the allocation several times.
>> Are you looking for a duly regulated crypto platform? Sign up on Binance (commercial link) <<
Tokensoft discloses user information
However, on November 12, this story took a very surprising turn. Indeed, we learned thanks to the alert launched by @cryptogle on Twitter that the teams of Tokensoft had exposed the personal information of more than 5,000 users.
“TokensoftInc has just released the KYC content of around 5,000 users – full names, wallet addresses and IRL addresses – because they believe they are ‘bad actors’ trying to take advantage of the airdrop. . »
Thus, the teams released the personal information of thousands of users, voluntarily. A maneuver that is sorely lacking in ethics and respect for its users.
That they decide not to distribute the airdrop to these users because their detection system has highlighted an attempted sybil attack is one thing. However, publishing personal data to “punish” users is another.
In addition, this maneuver may prove to be totally illegal in a good number of countries, as our Internet user has pointed out.
“I don’t know where they are based, but doxing is illegal in many places, as is leaking personal customer information – it’s not only dirty, but potentially dangerous for victims and leaders alike. project themselves. »
“A file error”
After a long silence, Tokensoft teams have finally brought more explanations to the case.
Thus, it would seem that the wrong file was posted on Discord of the project. Indeed, Tokensoft initially wanted to publish a file presenting only the Ethereum addresses excluded from the airdrop.
« Yesterday we were informed that information had been posted in error on Tokensoft’s social media channels. We take all necessary steps to ensure that the technical error is resolved. We understand that Tokensoft customers and users entrust us with sensitive information and we take this responsibility very seriously. This event did not meet Tokensoft’s standards and we have made staffing and operational changes to meet Tokensoft’s privacy standards with the care and consideration we and our customers expect. We will soon contact all the members concerned. »
Anyway, the damage is done and the information has already had to be saved in many places. These will likely end up in databases intended for phishing attacks.
A situation that we would have done without, especially in this dark period for cryptocurrencies. In effect, the ecosystem is shaken by the fall of FTX and the various revelations related to the case.
Whether you are a fan of DeFi, Bitcoin or one of the cryptocurrencies that populate the market, it is essential that you have an account on Binance, the major player in the trading ecosystem (commercial link)