Algorand Wallet Terms of Service

Hi,

I joined the Algorand community recently and I came across a disturbing detail on r/AlgorandOfficial (see below or here).

From what I understood, with the possibility to terminate access to the use of the Services of Algorand Wallet, at the sole discretion of the Algorand Foundation, at any time and for any reason, with or without notice to the users, the entire protocol should be compromised!

Is there anyone from Algorand Foundation or the community who can comment on this?

-------reddit post-------

janus94523

The Terms of Service state specifically:

“Right to Terminate. We may terminate your access to and use of the Services, at our sole discretion, at any time and for any reason, with or without notice to you.”

This centralization of the wallet creates a mechanism where the ENTIRE PROTOCOL is COMPROMISED. Below is the explanation and outline of the attack vector to compromise the entire proof of stake mechanism of Algorand.

Based on the referenced Terms of Service, if the Algorand Foundation or other entity has the ability to revoke access to The Official wallet, they have or will have:

  1. The ability to affect consensus through revocation of wallets (example: a legitimate high value wallet is revoked in order to increase the value of another high value wallet to be selected as a block proposer);
  2. The ability to affect the self selection of lottery winners designed to validate the protocol by revoking access of those wallets. If the wallets can have “access to services terminated”, those wallets, no matter how large or small the value of the wallet is, will not be able to be self selected using VRF, between the period of revocation and re-establishing access through alternate means (another wallet) and as such lose the ability to self select as a validator of the block;
  3. The ability to affect selection of Block Producers by revoking access of large wallets (example: revoke access to wallets larger than mine so that my wallet is the largest and as a result more likely to be selected as a block producer). It has been stated that the greater the value of a wallet, then the greater chances of that wallet being selected to be a block proposer. If all wallets with a value greater than mine were disabled/revoked then my chances of being selected as a block proposer increase and in some instances increase exponentially. This same tactic can be used against validators as the means to revoke an account are completely arbitrary;
  4. By having the ability to revoke access to any wallet, at any time, without reason, cause, or consequence, the bad actor then has the ability to affect rewards, as any number of wallets can be revoked for any reason thereby increasing the opportunity for bad actor wallets to receive awards. By way of example, all wallets in China could be revoked and because of this the likeliness of rewards per bad actor wallet increase due to the exclusion of wallets that were revoked;
  5. The ability to affect the entire chain subverting the Algorand algorithm as wallets with amounts greater than bad actor wallets could be revoked. Further, if all wallets except for those wallets that permit bad actors to control the largest wallets to the 30% threshold of wallets, bad actor wallets could be used then to wait until random selection (probability which increases by exclusion of wallets) of bad actor wallets occurred, at which time a “false” block is proposed, which is then validated by the population of bad actor validator who were selected as a result of the revocation of access of legitimate wallets (non-bad actor wallets). As the chances of bad actor selection increase the bad actors not only now have the largest stake(s) and ability to revoke any wallet they see fit without question or consequence. Once the action has been completed, access is restored and no record of the revocation exists and block finality has been achieved.

The argument that members of the Algorand team or foundation would not act like this is a false assumption as it assumes the Algorand team would always act with 100% honesty, 100% of the time. The protocol itself does not make this assumption therefore why should participants using the Algorand protocol?

  1. There is no means of recourse as transactions are almost immediately final (4 seconds) and your rights to action and suit are literally waived in the other terms in the Terms of Service.

If the Terms of Service are in fact correct and true, and if the Algorand team has the capability to revoke access to a wallet at their discretion, they can effectively “break” the protocol.

The design of the protocol becomes the weapon and the attack vector is the governance chain. X wallets are revoked, bad actor wallets gain more stake, bad actors are more frequently selected as block proposers and validator, bad actor block proposer and bad actor block validators send out false messages, false messages are relayed, finality is established, blockchain is compromised.

There is no publicly available record to audit wallets that have been revoked, the time period of revocation, or the period for which the wallets have been revoked. There is no visibility to determine if the wallets were reinstated or the time period when reinstatement began or ended. This would allow the attack to occur and be corrected without notice to network users.

Centralization is clearly apparent as a central authority can revoke any wallet and manipulate rewards, block proposer and block validator selection thereby corrupting the VRF (selection is not random if you can exclude any number of wallets, at any time, for any reason).

Finality is created by a bad actor block proposer and bad actor block validators through exclusion.

I thought the idea was to have a decentralized blockchain? How about we dump the terms of service and allow any user to use the network. After all, Silvio did state it was unlikely that 30% of the population are bad actors and the protocol is designed to avoid such having this type of control in the wallet allows manipulation of the protocol and warrants change, immediately.

Hi @Fab ,

I think that you’re overthinking here.
The terms of services are defined for the wallet application only. The actual account, as well as the consensus algorithm, is completely decoupled from the wallet and managed by the nodes on the network. As such, the network can be completely functional with or without the wallet.

The official wallet is truly provided by Algorand inc., but it’s not the only wallet out there. Feel free to use a third party wallet, or - none. (i.e. you can always have a node running and use it as a wallet, which is what the algorand developers used prior to the official algorand wallet implementation)

Hi Fab,

Did you have a specific question about the Terms of Service? Tsachi is correct in his explanation that the Algorand Wallet is simply a UI that lets you interact with the blockchain. The app itself has no direct access or special permissions to the Algorand protocol, Algorand’s consensus mechanism, or anything like that.

If you created an application, it would have the exact same permissions as the Algorand Wallet. I’m not sure I completely understand the argument that the Algorand blockchain can be compromised by the Algorand Wallet. If it helps, I can tell you that we’re currently working on publishing our Algorand Wallet codebase so that you can verify that what we’re saying is true.

Ian

Thank you for your feedback and @tsachi for your comment.

Basically, from what I understood, the Right to Terminate in The Terms of Service suggests that the access to the wallet can be revoked unilaterally by Algorand Inc which could influence the consensus mechanism.

But I understand now that it couldn’t happen, since as @tsachi has suggested, the account and the consensus algorithm are decoupled from the wallet and managed by the nodes on the network.

Thank you for the clarity and maybe, it will be great to add that information in The Terms of Service as well? Also, how one can retrieve his account if the right to terminate is used by Algorand Wallet?

It could be useful to anyone who expresses the same doubt.

Even if Apple or Google decided today to remove the Algorand Wallet from the app/play stores (respectively), as long as you have your 25-word recovery passphrase (or your private key if you have it in that format), you’ll always be able to recover your Algorand account, regardless of the app. As Tsachi mentioned, you can even just use our CLI (goal) or SDKs if there were no apps that you trusted.

Hi, for the 25-word recovery phrase in algorand wallet, how many different combinations of this word are there?

Is it possible to recover and access another person’s wallet by accident?

I am concerned about the above possibility and would like to ask you about the probability of this happening. Please explain if there is any reason why the possibility is infinitely zero.

There are 2048 words… 2048^24 (25th is checksum) is 2,96e+79

Supercomputers can check something like 1e+15 addresses per day so there is no chance your account can be hacked…

The only way the account can be hacked is a wrong random function when you generated the wallet… And if this happens it would be really bad not just for algo, but also for many other cryptocurrencies…

At the moment as far as I know, the random number is taken from the OS, so if there is issue, it will be probably msft fault :)
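
As an added illustration of the recovery-phrase answers above (not code from the Algorand project or from any poster in this thread), the sketch below encodes a 32-byte account key as 25 word indices and decodes it again with no wallet app involved. It works on indices 0..2047 because the word list is omitted; the little-endian 11-bit packing and the SHA-512/256 checksum word are assumptions about the mnemonic scheme, `SAMPLE_KEY` is a constructed value, and `hashlib` must expose `sha512_256`.

```python
import hashlib

KEY_LEN = 32  # bytes in an account key/seed (256 bits)

def to_11_bit(data):
    """Pack bytes, little-endian, into 11-bit word indices (0..2047)."""
    buf = bits = 0
    out = []
    for byte in data:
        buf |= byte << bits
        bits += 8
        if bits >= 11:
            out.append(buf & 0x7FF)
            buf >>= 11
            bits -= 11
    if bits:  # leftover bits form the final, partly used word
        out.append(buf & 0x7FF)
    return out

def from_11_bit(indices):
    """Inverse of to_11_bit: 24 indices -> 33 bytes (the last byte is padding)."""
    buf = bits = 0
    out = bytearray()
    for idx in indices:
        buf |= idx << bits
        bits += 11
        while bits >= 8:
            out.append(buf & 0xFF)
            buf >>= 8
            bits -= 8
    return bytes(out)

def checksum_index(key):
    # Assumption: checksum word = low 11 bits of the first 2 bytes of SHA-512/256(key).
    return to_11_bit(hashlib.new("sha512_256", key).digest()[:2])[0]

def key_to_indices(key):
    if len(key) != KEY_LEN:
        raise ValueError("key must be 32 bytes")
    # 256 key bits fill 23 full words plus 3 bits of the 24th; word 25 is the checksum.
    return to_11_bit(key) + [checksum_index(key)]

def indices_to_key(indices):
    if len(indices) != 25 or any(not 0 <= i < 2048 for i in indices):
        raise ValueError("need 25 indices in 0..2047")
    raw = from_11_bit(indices[:24])
    if raw[32] != 0:
        raise ValueError("non-zero padding bits")
    if checksum_index(raw[:KEY_LEN]) != indices[24]:
        raise ValueError("checksum mismatch")
    return raw[:KEY_LEN]

SAMPLE_KEY = bytes(range(32))  # constructed sample, not a real account
```

The checksum word catches most mistyped phrases but adds no secrecy, so the difficulty of guessing a phrase rests entirely on the randomness of the 32-byte key.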