Fledgling web browser Brave, which doubles as an ecosystem for rewarding content creators with its native cryptocurrency, has drawn heavy criticism for the way it intends to combat fraudsters looking to exploit its platform for profit.
Riccardo Spagni, spiritual leader of privacy-focused cryptocurrency Monero, says those in charge of Brave may have inadvertently afforded themselves power to "steal" unclaimed Basic Attention Tokens (BAT), Brave's internal ERC-20 token.
Oh wow - this is amazing, I just read up on the clawback. The BAT ToS lets them steal "unclaimed" tokens after 90 days, but they can also use "Sybil attack investigation" and KYC/AML excuses to prevent you from claiming your coins for 90 days. They're basically the mafia.
- Riccardo Spagni (@fluffypony) November 22, 2018
Spagni also accused Brave devs of using complicated Know-Your-Customer and Anti-Money-Laundering (KYC/AML) regulations as excuses for affording themselves the ability to keep BAT intended for content creators within the ecosystem arbitrarily.
To find the truth, Hard Fork spoke with lead Brave co-founder and former Mozilla CEO, Brendan Eich, to step us through what powers the team actually has right now, and why they might be necessary.
But first: this is what Brave does
Brave is a new browser which encourages users to reward their favorite content creators (like YouTubers) by anonymously sending BAT tips to those publishers.
Devs built Brave (and BAT) with the intent to lessen the impact of the internet's growing reliance on ad-blocking software, which cuts off critical ad-revenue streams to creators. Brave users are able to send tokens to content creators "directly" from within the Brave browser.
The idea is, if a browser-integrated tipping solution exists, both revenue and quality of user experience would dramatically increase.
There are two ways for users to get BAT into the Brave browser to reward publishers. They can purchase BAT from a cryptocurrency exchange and send it to an internal wallet managed by the Brave browser, or they can take part in monthly funding campaigns to receive free BAT for tipping.
These free BAT tokens come from a special pool, called the User Growth Pool (UGP). Every month, Brave distributes grants from the UGP to encourage people to browse the web with Brave and send tokens to the sites and channels they visit.
OK, so what's the problem?
The controversy centers on the way Brave is said to handle instances of fraud. As there is real profit at stake (BAT is actively traded on exchanges), special considerations must be made to ensure the tokens distributed by tippers end up with legitimate content producers.
For example, Eich told Hard Fork "hundreds to thousands of fraudulent users" (many of them bots) are currently receiving grants. When they do, they immediately forward the funds to YouTube accounts with "two videos having only a hundred views (or far fewer) each," an obvious case of fraudsters posing as content creators to steal revenue.
While that is true, this argument is about language in Brave's terms of service agreement, which, it has been claimed, opens avenues for Brave admins to steal "unclaimed" tokens after 90 days of inactivity.
Further, other related anti-fraud procedures are said to prevent users from claiming BAT donations for a different 90-day period, implying BAT could be permanently confiscated from users if they are "deemed" to be fraudulent.
Eich says this is simply not the case.
"The only person who can move BAT from a wallet is the person who has that wallet's key. If we're talking about BAT that you own, Brave doesn't have the key," Eich told Hard Fork. "There's nothing we can do to touch your BAT. BAT in a wallet you control cannot be 'confiscated.' KYC has nothing to do with this fact, and in any event, user-provided wallet KYC is not yet implemented."
It's worth mentioning here that major cryptocurrency broker Coinbase recently added BAT to its list of supported cryptocurrencies, amplifying the need for Brave to install appropriate KYC/AML regulations.
Eich says the controversial parts of Brave's policy simply describe what happens when BAT is distributed by Brave's integrated wallet, and have absolutely no bearing on what Brave admins can do with purchased BAT that has been imported to the browser by a user.
If a user claims BAT, but doesn't hand it out within three months (90 days), it is reintroduced to the UGP, ready for the next month. This removes the problem of having BAT locked out of circulation by users who suddenly stop using the platform for an extended period of time.
"We make this clear to users when we offer these grants, and when showing them unspent with an expiration date in the user interface," Eich assured Hard Fork. "We're not going to hold a potential grant in limbo forever waiting for it to be used."
Eich then stated it was incorrect to assume that this grant expiration policy means Brave contains a smart contract method for "confiscating" on-chain BAT from the browser wallet.
Brave's BAT token is subject to third-party KYC
Eich specifically told Hard Fork that the free BAT distributed by UGP grants are not written to the Ethereum blockchain (confirmed) until after anti-fraud checks, and before they are handed out to verified content creators.
This is important. It means that the anti-fraud checks are absolutely integral to Brave's BAT ecosystem, as content creators are effectively cut off from receiving BAT tokens sent by anyone Brave flags as a fraudulent user.
Similarly, creators are currently unable to receive any tips at all unless they first prove ownership of their site or channel, as well as undergo KYC checks with third-party service, Uphold Inc.
As it stands, there is no time limit on how long Uphold can hold BAT destined for a creator, pending its KYC checks. Eich also assured Hard Fork that Brave has never taken tokens from a creator who has waited too long to verify themselves, claiming that any tokens bound for unverified creators just sit, for up to 90 days.
"We don't hand out free BAT when someone is trying to game this system, say by running many instances of Brave in a cloud hosting service so that they can try to claim a bunch of grants without actually using the browser," implored Eich. "When people try to defraud the UGP like that, we flag those creator accounts. But it's important to emphasize that this isn't someone using their own BAT - it's someone fraudulently trying to claim free BAT handouts from Brave."
Remember: the 90-day window that allows Brave to reclaim "unused" BAT tokens only relates to the "free" tokens distributed through the monthly grants, and this is only possible as tokens are never actually written to the blockchain until all parties meet the required KYC procedures.
"Whatever we use to judge fraud, that affects only virtual tokens. If a fraudster wants to buy BAT and send to a fraud creator account, we don't care. Uphold checks AML," stated Eich.
Introducing a new concept: Proof-of-Browsing
The BAT platform isn't just made up of Ethereum smart contracts. It includes both in-app and server-side code that ensures browser interactions between users and creators are authentic, meant to prevent Brave from being defrauded of the free token grants it hands out each month.
Brave flags fraudulent users and confirms phony creators aren't mistakenly receiving tips with a few fraud-fighting techniques. Eich colloquially refers to these measures as "Proof-of-Browsing," a cute spin on Bitcoin's Proof-of-Work.
"[Proof-of-Browsing] is not a consensus protocol - just a turn of phrase aptly capturing our goals," admitted Eich. "While Blockchain provides means of achieving distributed integrity, it does nothing to curtail client-side fraud. We therefore observe that many applications using blockchain nevertheless must invest in fighting fraud on the edge."
Eich's Proof-of-Browsing involves delayed BAT token payouts, preceded by "off-chain analysis" of how the free grants are distributed by the platform each month, to make certain that they're being sent to real humans.
Hard Fork also learned Brave will be adding special technology called Secure Remote Attestation, used to check that people are being rewarded for using the Brave browser by analyzing client-side inputs like mouse movements. After all, it can't allow bots to illegitimately farm cryptocurrency just by faking surfing the web.
To this point, Eich actually concedes these measures render Brave (and BAT) "semi-centralized." While not perfect, using Uphold allows Brave to pay legit creators securely by way of the Ethereum blockchain, especially if they want to receive their revenue in fiat, or a cryptocurrency other than BAT.
"We will decentralize much of the BAT platform over time, but as our 'roadmap' describes, not all at once and up front. That is neither scalable nor anonymous on today's main blockchains," stated Eich. "We will be adding [peer-to-peer] options in 2019, although they are not in demand with most creators. I realize this is maximalist heresy. It is true in our experience, anyway."
Ultimately, Eich doesn't really see the point of Brave adopting overzealous KYC/AML procedures that end with on-chain token confiscation, something he says is technically impossible.
He concluded that KYC with custody may be a good idea in some scenarios, but it is a poor match for grant-giving and ad revenue-sharing contexts, where fraud prevention is acutely needed.
Published November 23, 2018 — 16:18 UTC