Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements
Merits 9 from 3 users
Re: [ANN] Whirlwind.money | ⚡No Fee⚡ | Ultimate Privacy | Anonymity Mining 12% APR🔥
by
whirlwindmoney
on 12/05/2023, 16:01:50 UTC
⭐ Merited by LoyceV (4) ,LeGaulois (3) ,dkbit98 (2)
We received an unfortunate support inquiry and after discussing with the user in question we asked for his permission to post on bitcointalk and let the community decide how this matter should be resolved. He agreed as long as we do not reveal his transaction so here we are.

We are posting this in the ANN thread because we can't stress enough how important it is to find a general consensus on what should happen in this situation since it could have long-lasting implications for the future and we want to treat everyone fairly and show full transparency.

We will respect the community's decision, whatever it will be. To be clear we are not accusing anyone of ill intentions, we will lay out the facts and we kindly ask everyone to voice out their opinion.

The user contacted us and this is the information given to us:
1. He didn't save the Note Private Key
2. He didn't save the Note Public Address
3. He didn't save the Letter of Guarantee
4. He doesen't remember the exact donation % used
5. He can sign a message from the address used to deposit on Whirlwind


From our point of view the situation looks like this:
The user signing a message from the deposit address is definitely helpful, but that by itself doesen't prove anything other than the fact that indeed he made a deposit

As said before our databases (backend + 3 signers) only hold the Notes Public Addresses and their respective balances. We do not store any timestamps, information about deposits/pay to note/withdraws. We used this approach to keep Notes private even if a database breach happens at some point.

In this specific situation this is a huge problem because we ourselves have no way of linking a deposit to a Note, so unless we receive the Letter of Guarantee it's just a guessing game at best and we need to trust the user's word as we have nothing else to work with. We also have no way of verifying if the Note balance was partially or completely spent already because we do not know which one it is.

We checked the databases and there is more than 1 Note with a very similar balance, we calculated using what the user recalled was his donation % used and the numbers do not match exactly. This indicates that either he doesen't remember the % correctly or we are lied to, again there is no way for us to verify. In fact another possibility is that he spent his Note already, and none of the ones we see in the database are his.

The system is built in such a way that our manual intervention shouldn't ever be needed unless the user himself makes a mistake. Considering that at some point we will decentralize the service and there will be more signers manual intervention will only become harder to do so we need to agree on some sort of 'standard procedure'. It's important to mention that if the user ever finds his private key he will be able to withdraw without issues, the funds will remain on the multi-sig. (provided we don't identify the Note, delete it from the database and do a manual refund)

For us this is a lose-lose situation no matter what we choose to do since 'solving' it in any way would imply that we are not abiding by our own rules which are clearly states everywhere.(save your private key or you lose access to your funds, and in order to contact support you need to provide the LoG).

We have the following options, if anyone sees a better solution please let us know:
1. Refund him from our reserve and risk setting a dangerous precedent while also risking taking the hit ourselves in case we were lied to. (The Note would remain valid because we wouldn't know which one to delete)

2. Temporarily disable all Notes with similar balances and wait for the other Note holders to contact us to reenable them. If after some time 1 Note remains unchanged and we didn't receive any inquiries about it we would assume it belongs to this users and refund him. We would still risk taking the hit ourselves because the remaining Note holder may just not pay attention to the situation and not inquire about it only until after we've refunded. This is another dangerous precedent which we would like to avoid at all costs.

3. Treat Whirlwind as a network and respect the rules, in this case we will not be able to help in any way and the user would lose access to his funds assuming it's true that indeed he lost the private key


Regardless of what the outcome will be this should serve as an important lesson for everyone to never deposit before making sure you saved your Note Private Key. If you have access to it you won't encounter any issues.

Looking forward to your opinions.