Post
Topic: Re: [ANN-ICO][LITHIUM][XLTH] ICO LIVE - 78% SOLD OUT - ONLY 5M COINS LEFT
Board: Announcements (Altcoins)
by Triswardhani on 20/01/2017, 08:41:50 UTC
In hindsight there are many red flags. Tbh I invested some BTC in this project, but if I look back that was a stupid decision.

  • Code is not published/auditable
  • Only level 3 investors get the exchange code
  • Virtually no information about the people behind the coin
  • Ridiculous claims about 10000% profits are not unlikely. That alone of course is a big red flag.
Then a warning for everyone who created an account for the BETA version of the exchange: I have seen the exchange source code (which is crappy as hell), and your passwords are stored in plain text and can be read by the dev. If you used a password that you also use for other accounts, make sure you change the password at the other accounts (better is not to re-use passwords).

Of course, the same goes for your passwords at other parts of the site: the wallet, the ICO part, etc. You cannot be sure your information is safe.


We are sorry about that, that's an early version of the code and we removed the md5() http://php.net/manual/en/function.md5.php function to encrypt passwords for debugging purposes. We will set up a git repository in a couple of days and give access to Level 3 investors with the newer version.
We always pay bounties to people who find bugs in our code, so we are open to these kinds of findings.

Well then I deserve a bounty for that. I want it in BTC please. How much is my reward?

BTW: md5() is not a way to encrypt passwords, and if you only do md5() you will still be vulnerable because a rainbow table attack is possible. Md5-ing passwords is not sufficient.

Thanks for the suggestion, we will work on another way to encrypt the passwords with a stronger option, before the exchange is launched in release version.

Please send your Lithium address if you want a bounty for this.

Kind regards

md5() is not an encryption method, it is a hashing method with a pretty low entropy.

BTW I advise you to take my personal message seriously.

We will add another function.

I have already replied to you
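
Added example, not part of the original post and not the exchange's code: one way to move accounts off the plain-text and bare md5() storage discussed in this thread, using PHP's built-in password_hash() and upgrading each record at the next successful login. The user records, the 'scheme' field and the function name verifyAndUpgrade are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample records: plain text (as reported in the thread),
// unsalted md5() (as the dev proposed), and a salted password_hash() value.
$users = [
    'alice' => ['scheme' => 'plain',  'secret' => 'correct horse'],
    'bob'   => ['scheme' => 'md5',    'secret' => md5('hunter2')],
    'carol' => ['scheme' => 'native', 'secret' => password_hash('s3cret!', PASSWORD_DEFAULT)],
];

/**
 * Check a login and, on success, replace any legacy record with a salted,
 * deliberately slow password_hash() value. Returns true if the login is valid.
 */
function verifyAndUpgrade(array &$users, string $name, string $password): bool
{
    if (!isset($users[$name])) {
        // Hash anyway so unknown users take about as long as known ones.
        password_hash($password, PASSWORD_DEFAULT);
        return false;
    }
    $rec = &$users[$name];
    switch ($rec['scheme']) {
        case 'plain':
            $ok = hash_equals($rec['secret'], $password);
            break;
        case 'md5':
            $ok = hash_equals($rec['secret'], md5($password));
            break;
        default:
            $ok = password_verify($password, $rec['secret']);
    }
    if ($ok && ($rec['scheme'] !== 'native'
            || password_needs_rehash($rec['secret'], PASSWORD_DEFAULT))) {
        // Per-password random salt plus a work factor: tables precomputed
        // for bare md5() do not apply to the stored value any more.
        $rec = ['scheme' => 'native', 'secret' => password_hash($password, PASSWORD_DEFAULT)];
    }
    return $ok;
}

// Constructed login attempts; each line shows the result and the scheme stored afterwards.
foreach ([['alice', 'correct horse'], ['bob', 'hunter2'], ['bob', 'wrong'], ['carol', 's3cret!']] as [$n, $p]) {
    printf("%-5s login=%s stored=%s\n", $n, verifyAndUpgrade($users, $n, $p) ? 'ok' : 'fail', $users[$n]['scheme']);
}
```

Accounts that never log in again keep their legacy record, so a migration like this is normally paired with a forced password reset for those users.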