This is a wonderful video. I was surprised to see how similar python is to COBOL, my career language. I do have some questions. The FTX platform is a complex application/website. One application I was responsible for in the past had approximately 1-2 hundreds of thousands of lines of code, and it was only for buying and selling fixed income instruments. It had no live market screens with constantly changing prices (U.S. bond markets in those days were not dynamic.) I assume FTX’s platform was more complex and has a few million lines of code. Who wrote the whole platform? Was it as big as I assume? Wouldn’t it have taken many years to create such a platform? Yet FTX seems to burst on the scene fully formed. What am I missing? Thank you.
No no we want to hear more sam bankman fried not pronounced freed😂 you sound so cute and honest with your accent it sounds like you just read it and never heard it hahahaha I love it. I could and would enjoy a few hours in the morning listening to what you read or your thoughts about what you read or censored.. Let's do a video on your current pay as freelance I would like this.
I even double checked how to pronounce Gary Wang but didn’t do it for SBF! Anyway, if there was one person who deserves his name pronounced wrong… it’s him
Hey Dee, this was a great insightful video, I do wonder if the privileges attained to allow unlimited funds (allow negative flag) would be similar to the modern day banking practices
Entertaining video! For the fake insurance USD generation: I wonder what f2d() did? If my understanding is correct, normal distribution with mean=7500 and std=3000 has a slight chance of returning a negative number. I hope f2d() covered for this case. I mean even if you write code for fraud, it should be correct. 😂
This is so crazy! Do companies in the US not have controls done from outside? In Europe we have legal reviews by external booking firms that go through the books and accounts! ??? How can this happen, like a bunch of guys playing a game.
lol these guys think they are reinventing finance, in reality they are just reinventing financial frauds that actual finance organizations learned to guard against... also this is exactly why "regulation" of financial institutions (or really any accounting standards) exist to begin with and why you don't hire 17 years olds to work on business-critical enterprise applications.
It’s not about what you name the variable- it’s how they ‘know’ to fleece their customer - say anything and deny it all. Oversight is the only way to help prevent that kind of fraud. The same problems exist in health care billing and insurance fraud - the code reflects the attitude of those running the ‘game’
Ironically, the increase in value of the actual assets held by FTX even after the bankruptcy may very well enable FTX account holders to be made whole. Obviously, this doesn’t excuse SBF’s fraud.
so the lesson is, if you're going to commit fraud, definitely don't put it right in the code! Create a placeholder variable that some low level employee manually updates, and say it comes from some kind of 'external business process' or 'business review' that can't be followed after the fact.
I read different reports about the Wang/Singh role in the robbery. It seems Gary Wang aided Nishad Singh, but that it was Nishad Singh who drilled the safe and blew the lock.
So...me being naive, what if a group of people created another crypto trading platform and they were transparent and didn't become greedy? Is there a need for this? Is crypto still a viable thing? Actually if the code from FTX is "available" all you would need to do is take out the whole negative column and make sure no one can trade past below 1% of the total account or 0. I wish I was a coder. 😞 I would put this code on the cloud and just change all the logos and themes to make a fresh look. Anyway, great video and thanks for explaining.
16:57 "If you're committing fraud, don't use Python" The corollary: "If I'm using Python, it will be easier to convince people I'm not committing fraud."
oh no, a product that could be divided indefinitely and sold over and over again without being consumed until you found the last one that is willing to pay you for doing nothing so you can buy an SUV is prone to fraud...
They did research on multi-gov thwarting people and what they found was that if they constantly obstructed one's life that they'd get even more ferocious and finally find a way. It's generally what happens when a person is trying to simply survive. They don't consider that though
This would imply that there is some sort of regulations, which have rules how to work. But the customers of crypto especially do not want regulations. Also who will pay this body? This must be done for every commit, if not you permit code for audit without fraud and have code with fraud in production.
@@gordonshamwey3442 "But the customers of crypto are especially do not want regulations." Crypto itself is subject to public domain auditing including the code and the transactions. Crypto exchanges are another matter.
@@gordonshamwey3442 In my view, an acute understanding of the programming language and its inherent objectives dictate the framework within which the rules are set. Ethically aligned hacker groups, specify white or grey hats, might participate in incentivized competitions aimed at identifying potential vulnerabilities.
@@gordonshamwey3442 IMO the understanding of both the programming language and its intended purpose dictate the rules. The client could put up a bounty for white and grey hat hackers to flush out any potential vulnerabilities. Gotta spend money to make money...
what kind of incompetent traders they had to be when even with 8 billion dollars limit they were not capable to make profit of any kind? if you open let's say 1 million $ position with 50x leverage, you have to be in huge profit in matter of few seconds or minutes just following current trend!
The "allow negative" ability is not unknown in the world of banking / finance. My business banking accounts can go negative. It's a bit of fuzzy-logic to allow checks to clear before deposits post. There are, of course, limits to how far negative one can go, how many times, and how long it can stay negative. Our accounts have closed the day negative a few times over the years, because deposits didn't post until the next day. (and once because a check bounced.)
these tech scammers have degraded the whole domain of software engineering.. the strength of software engineers was we believed in values. values are glorified and looked up to in our domain. now because of scams like this, we are the first to be laid off..
Yeah, don't use python because if you used a low level language like C it would be so much harder to spot:
---
if (!account.allow_negative)
    if (balance.available_ignoring_collateral < 0)
        return false;
---
Amazing how much harder that is to read!
Hi everyone. Apologies about the incorrect pronouncing of “Fried”. Hopefully SBF doesn’t mind. Thanks for watching!
Should have called him Sam Bankman Fraud.
No need for an apology my friend. Your analysis and content are priceless. What's a little mispronunciation in the middle of so much goodness.
"Sam Bankman Fraud" is the only correct pronunciation.
I thought it was a dedicated joke.
I think he's got more things to worry about. Great video, I didn't know this. The use of random() in a financial Python script is hilarious. Maybe I could get my bank to do that with my balance :)
"If you are committing fraud, maybe don't name your variables based on the illegal acts you're doing"
We have to draw a line here. They may break the law, but break good code practices? That's too much, ma'am. 🤭
Hear hear 👏🤣
Hiding the illegal acts by obfuscating the code is totally against Python's ethos. It just ain't "Pythonic." :D
@michaelteegarden4116 Yes, even if you're the only person using that code, you might have to work on it or bugfix in the future and then you want to understand what it's supposed to do.
It's Pythoxic. 😱@@michaelteegarden4116
Above all else follow good coding practices, use easy-to-read variable names.
On the other hand, the code is a great example of how to write good self-documenting code that even a politician can read and understand. As coders we all need to read it
Ya, I love building a major project that takes years in a way my wages suffer until I'm replaced by anyone.
I lost a job because the SVP asked me to make backend changes (direct edits) to a database and I refused. There was only one witness, and HE was the one who had the idea. There was also only one person internally with the knowledge, skill and privilege level to make the change (and only one or two people on the vendor's team, and the chances of anyone ever noticing were minuscule).
Best thing that ever happened to me though; my next job was a big career improvement.
If someone asks you to code something you KNOW is (or should be) illegal, it's time to move on.
Respect to developers who also follow their personal code of honour.
Respect!
And they are also saving their own asses…
been there, twice. and yes, lost my job over it both times.
Who is Spv ?
The fact he himself couldn't code kind of blew my mind. The moment you said that I knew I was going to see the most pre-school approach to this.
This is the first time i am actually understanding the whole alameda, FTX and sam bank fried saga. To think i would finally understand by listening to an explanation about code😂😂😂... Thanks so much. This was a beautiful video...
I once worked as a lead developer on a DoD ballistic missile defense program back in the late eighties. Much of the code used FORTRAN, with a sprinkling of a newly invented language called "C" that nobody heard of (and called it a fad). Despite "C" code already looking incomprehensible at that time, and FORTRAN being naturally ridiculous, the USAF Program Office wanted to obfuscate the code (different from encryption) because they were worried about security. We were working on rocket science level code, and trying to make it comprehensible was not on the priority list. The project was cancelled after the election.
On PDPs by any chance?
Was the project axed because the Cold War was practically over by that point or was it because the project was going nowhere?
@@Fishster DEC 8800 VAXClusters
@@ryanlak1234 Actually it was a full telescope/focal plane simulator. Used to test the target tracking/discrimination/classification algorithms. 2 contractor teams, with $800 million+ each, competing to build the constellation. Bad test results for the flight hardware, and $$$.
C isn't incomprehensible.
And don't forget, many people on Wall St thought SBF was a genius. They're still there, and making millions.
And they're still massively dumber than they believe they are.
They have the same mentality and operate in the same kind of pyramid scheme which is the federal reserve system, which as standard practice also gets their finances by typing the number into a computer.
Thing is that they come at you with guns if you even try to live outside their system, let alone put a halt to it...
Just like "Elon Musk genius". Aside from some elementary programming he did when he was young, he does nothing but just "run" his companies to generate himself billions on top of the stock market and government funding.
Money is power is influence.
@@honor9lite1337 Only to the extent that people regard money as their god and have no moral grounding outside of it.
This is why you need to write your fraud code in x86 assembly.
I've heard the central banks still do it in Cobol
Why not Brainfuck
Nah.. this is why correct naming of variables is a baaad thing ;) Clean Code => Jail-Time
@@undeadpresident many banks are still using Cobol.... because it will be very expensive to rewrite it.
Or a lot of bit xor and shifting ;)
Seriously Great explanation, and next week Crowdstrike...😂😂😂
Commenting and telling the truth is against YouTube's guidelines. We have lived to see times when the truth is forbidden.
That was a great job. I am an old retired lawyer and I could not have explained better
He may be fried but I think it's pronounced freed.
I pronounce it "fraud".
By now it should be pronounced "fraud" …
Not to be pedantic but you are right given the Germanic origins however I have found that in North America the pronunciation is all over the place, even by people with the name so it's a crap shoot. Fried is probably just as valid as you say.
@@boomslangCA you have every right not to be pedantic but I think we should go by what the evil villain himself says :) It's Freed/Fryd in this case.
I was just about to make that point.
Thank you for adding subtitles!
YouTube's subtitles are just bad enough to cause confusion, so I have great respect for every content creator who takes the time to add them ❤
Can I correct you on one point. It's not that FTT is a made up token and has no real value. EVERY cryptocurrency is basically a made up string of text that has no actual value.
All squares are rectangles. The scope of this is only one rectangle. Both FTT and EVERY are made up are both true. But "EVERY" is out of scope.
you are so awesome, Dee. Dunno, how exactly I found your channel, but the content and your narrative are really great.
I now thoroughly understand this fraud, and I almost have a script for a movie. Thank you!
Really great description and summary of what should have been a much more complex problem to solve, as you say obfuscation was not high on their agenda...almost unbelievable!
So wait... not only did they blatantly hardcode the fraud, but they hosted that code on Github?
Most sheeple do not read in depth.. Most think code writers walk on water and are 100 percent honest 😂😂😂😅😅... Rofl I DO NOT TRUST CODE UNLESS I HAVE WRITTEN IT OR KNOW WHO DID 😅😅😅
The US financial system as a whole is just as dishonest and flagrant about it.
@@undeadpresident yep I looked way back last 350 years are major fraud
Lmao, came here to say this! 😂
@@undeadpresident I'm not trying to be a troll here, I'm genuinely curious.
Where can I learn more about this? I know the government has places to access public information online. Is there a particular piece of code, a document, or some indexed database where I can find some examples of what you're talking about?
Thanks for this overview, this was a train wreck. Perversely entertaining for me ( I recently retired from decades of database coding and administration) but not for the people who lost so much money. Fortunately the company I worked for (30 years) was very strict about legal issues, we had regular mandatory training sessions on law and ethics, and were encouraged to submit an anonymous tip if we felt something was wrong.
Wow. Retired (50+) Ada/C++ software engineer (mostly GUI, some backend) worked in a defence industry. I remember seeing documentaries about this and the investigative journalists that uncovered it and thought it was fascinating. So much for them saying they were just naïve!! But, 2 lines of code? A random number and a hard-coded value???? Now I think they and deliberately lied about everything. First time I've come across your channel. Will check out more of your posts :)
New subscriber. This was an excellent presentation. Very impressed that you went through the court transcripts.
Wow! I didn't realize the extent of this went into code. This is crazy! I write code in C, C++, and C# (depending on the platform) and don't use interpreted languages mainly due to performance (Python, ECMA/JavaScript, VB Script, etc) issues. It's a lot easier to obfuscate as well (so if you're going to do criminal coding, use a compiled language - or if you like to torture devs, use assembly ;) )
I am loving your reporting. I am a new subscriber. Keep up the good work.
Nice. Loving your channel. You're a great researcher and presenter.
The old UNIX master password hack was much more elaborate: The real hack was in the compiler. "If compile the login program, then add a master password". The compiler replaced a piece of source code before compiling. At this time, the buyer got the source code of the login program, but not the source code of the compiler. Richard Stallman changed that with the gcc compiler.
'If you want to commit fraud, don't use Python.' Assembly FTW!
I have seen assembly programs being really legible, by using sensible naming and using facilities from the macro assembler.
Much more legible than some current day Javascript where everyone seems compelled to use lambda everywhere with no good reason.
😂😂😂
Nice analysis. I swear at the beginning I heard you call SBF Sam Bankman-FRAUD….either a Freudian slip or me slow on catching up …..
I heard it too.
Very interesting and good video. Some new information that I have not seen before. Nice job presenting
Great work, thanks, I am a BE developer, and have to deny coding some shady stuff, Uncle Bob is right, we have to have serious ethics in our business!
I remember Sam being interviewed about how he made his wealth he said that he realised that the price of Bitcoin in the USA and Japan were different and took advantage of it and he’s been doing it. In finance we call that an arbitrage opportunity and it doesn’t last even a minute, many times they don’t even exist. That’s when I suspected something was off but brushed it off.
That is an excellent description of what FTT did. You have a new sub
This reminded me of a report I was asked to create from one of our production systems. The report was simple, it counted new, open, and closed cases for the year. The numbers I was getting from the database base never matched what I was told they should be. We had a meeting to understand the process they used and found they were multiplying the same numbers I got from the database with a base-rectum number in order to make the numbers what they wanted them to show.
17:33 I’m also wondering what happens on the backend. Is there some 🇷🇺 ship on the shelf?
The story is a bit more complicated than described. The issue with FTT was not that FTX was "setting the price" -- the issue was that its trading volume was too low to trade the large quantity used as collateral for loans, and it certainly was not liquid enough to absorb the threatened selling pressure from Binance. The ultimate issue, however, was that Alameda effectively borrowed customer deposits from FTX, and the impairment in their FTT holdings meant that they could not pay them back.
Btw, the "-Fried" in "Bankman-Fried" is pronounced like "freed". However, "Scam Bankster-Fraud" is a more appropriate name for him.
Jeez what a mess. Thanks for this breakdown. Always fascinated how the backend was handled
Great work. So complex. The intersection of law, coding and finance.
Thanks for the great video. The well documented variable names made the prosecution's job a walk-in-the-park.
The truth is that if any bank in the world would need to actually give that percentage of money back to owners, they would all go bankrupt. At the end of the day the problem is how much money these institutions are ok to use related to money under management. Is just that.
Now I must reconsider the naming conventions for all things: tables, columns, variables, classes, and even functions.
This is an eye-opener for all of us coders (in the spirit of Destro's quote in the G.I. Joe: The Rise of Cobra 2009).
I've never seen this breakdown on the documentary series. lol great breakdown
A channel of public interest. Thank you for your work!
Stellar effort and excellent presentation!
This happens when you are in charge of a lot of money, but are stoned out of your mind to even figure out what is going on.
How did someone that stoned pull off such maneuvers? if he didn't spend a penny, what happened?
Fabulous explanation .... I now know what not to do and I am on it! Don't use Python... don't label your crimes.🤣 Glad you noted in the Show More
notes that Fried in this case is not pronounced "Fryed"... I'll add here that it is pronounced Freed. But he really fried himself and the customers.
Many of the employees were in on it... SBF had a property in the Bahamas that was called a "crypto frat house" by the press.
SBF was a pseudonym for Sandwich, bacon, fried.
Bahahhah sounds tasty
It’s odd that Alameda was early in coins, had solvent investors and novel trading algorithms and also insider insights in trading volume and they still did not make enough money so they were 8 billion into made up investments? 😮
Thank you for this! I love to see code analysis details that are otherwise not covered in the typical media.
The video is very interesting! Something I don't understand: I have USDT in my OKX wallet and I have the recovery phrase. {pride}-{pole}-{obtain}-{together}-{second}-{when}-{future}-{mask}-{review}-{nature}-{potato}-{bulb}: How should I convert them into Bitcoin?
Great investigative reporting!
How was this not caught in code audit? I work in one of the biggest US banks and not kidding, our code is audited from external auditors like EY, PWC etc every 6 months. In fact they pick any random transaction out of billions, and ask us to track it in our code end to end and explain on call. Any abnormalities and company would be fined millions of dollars
No need to go to code auditing there.
From the beginning it's wrong as the auditor Prager Metis was providing accounting services as well as being certifying auditor.
Doesn't that remind you of Enron?
The SEC is not too happy with it: www.sec.gov/newsroom/press-releases/2023-214
But yes, I have seen auditors requesting the details of all the transactions occurring over some days they chose, closely watching for the operations and requesting all the details on what led to some result.
I remember a request to explain in every detail from the source code how leasing interests got computed. And that was quite complex.
Great story, well explained. Appreciate your sacrifice to go through court case documents 😂 and you came up with a couple of gems. Highly entertaining although I share your sympathy for those leaving this scam with losses 😢.
Side note I do wonder what their unit tests for the non-existent reserves look like. Something like just def test_fake_reserves(): assert reserves == 5_250_000 ??? 😂
Very well researched - will be checking out the rest of your channel
This is _exactly_ the same thing that happened to the first bank that printed paper money in Europe. The owner allowed the bank to print more paper notes than there was actual gold in the bank. The king of Sweden put the guy in prison for that in the 1600's.
Thank you for interesting exposition of this fraud in code.
Oh, and please do not suggest other future scammers to use code obfuscators. It would make any further similar videos much harder to make. :-)
No, price was higher in South Korea. Which was a difficult market to get into, due to laws governing who could transact money in and out of the country.
This is a wonderful video. I was surprised to see how similar python is to COBOL, my career language. I do have some questions. The FTX platform is a complex application/website. One application I was responsible for in the past had approximately 1-2 hundreds of thousands of lines of code, and it was only for buying and selling fixed income instruments. It had no live market screens with constantly changing prices (U.S. bond markets in those days were not dynamic.) I assume FTX’s platform was more complex and has a few million lines of code. Who wrote the whole platform? Was it as big as I assume? Wouldn’t it have taken many years to create such a platform? Yet FTX seem to burst on the scene fully formed. What am I missing? Thank you.
No no we want to hear more sam bankman fried not pronounced freed😂 you sound so cute and honest with your accent it sounds like you just read it and never heard it hahahaha I love it. I could and would enjoy a few hours in the morning listening to what you read or your thoughts about what you read or censored.. Let's do a video on your current pay as freelance I would like this.
I even double checked how to pronounce Gary Wang but didn’t do it for SBF! Anyway, if there was one person who deserves his name pronounced wrong… it’s him
Officially my #1 coding channel 😁🔥
Thank you for a brilliant explanation keep up the good work.
You don't fraud someone, you defraud them. You don't fault someone, you default them. You don't correct someone, you troll them.
It's written "Fried" but pronounced "Freed"
Edit: Subscribed
Hey Dee, this was a great insightful video, I do wonder if the privileges attained to allow unlimited funds (allow negative flag) would be similar to the modern day banking practices
what language do you suggest fraud should be done in? asking for a friend
Entertaining video! For the fake insurance USD generation: I wonder what f2d() did? If my understanding is correct, normal distribution with mean=7500 and std=3000 has a slight chance of returning a negative number. I hope f2d() covered for this case.
I mean even if you write code for fraud, it should be correct. 😂
Very niche take on FTX, great work.
Fantastic presentation... I am glad I found this channel.
Nice video. Clear and concise.
I love how you pronounce his name, thank you girl you made my day
Great to see ... i always wondered the same with the back end for Madoff's ponzi scheme. prob less complex but still needing code😊
This is so crazy! Don't companies in the US have controls done from outside? In Europe we have legal reviews by external booking firms that go through the books and accounts!
How can this happen, like a bunch of guys playing a game.
This is what crypto financial institutions need to catch up
It's defi, it's crypto. Isn't the point of crypto and defi to not have external accounting?
lol these guys think they are reinventing finance, in reality they are just reinventing financial frauds that actual finance organizations learned to guard against... also this is exactly why "regulation" of financial institutions (or really any accounting standards) exist to begin with and why you don't hire 17-year-olds to work on business-critical enterprise applications.
❤ love this, I’m immediately renaming all the fraud_ prefixed variables as i write!
Thanks very much, your videos are always very informative!
It’s not about what you name the variable- it’s how they ‘know’ to fleece their customer - say anything and deny it all. Oversight is the only way to help prevent that kind of fraud. The same problems exist in health care billing and insurance fraud - the code reflects the attitude of those running the ‘game’
"Fried", pronounced "freed". But could be pronounced "fraud" 😂
Thanks for the video/info 🙏✌️
Bankman-fried is pronounced "free'd"
Made me chuckle though - love your content.
+1
Ironically, the increase in value of the actual assets held by FTX even after the bankruptcy may very well enable FTX account holders to be made whole. Obviously, this doesn’t excuse SBF’s fraud.
so the lesson is, if you're going to commit fraud, definitely don't put it right in the code! Create a placeholder variable that some low level employee manually updates, and say it comes from some kind of 'external business process' or 'business review' that can't be followed after the fact.
This is what bothers me the most. They are still saying how this bunch were geniuses, when in reality their schemes were so simple.
I read different reports about the Wang/Singh role in the robbery. It seems Gary Wang aided Nishad Singh, but that it was Nishad Singh who drilled the safe and blew the lock.
So...me being naive, what if a group of people created another crypto trading platform and they were transparent and didn't become greedy? Is there a need for this? Is crypto still a viable thing? Actually if the code from FTX is "available" all you would need to do is take out the whole negative column and make sure no one can trade past below 1% of the total account or 0. I wish I was a coder. 😞 I would put this code on the cloud and just change all the logos and themes to make a fresh look. Anyway, great video and thanks for explaining.
but you can't see the code like binance we can't see it only after they go down we can see the code
16:54 I like the 'ignore collateral' command. I wish my bank used that. 😮😮😮😮
16:57 "If you're committing fraud, don't use Python"
The corollary: "If I'm using Python, it will be easier to convince people I'm not committing fraud."
Ok so why is it okay for the government to spend money it doesn't have then inflate the money supply to push the negative consequences to the people?
oh no, a product that could be divided indefinitely and sold over and over again without being consumed until you found the last one that is willing to pay you for doing nothing so you can buy an SUV is prone to fraud...
Excellent presentation
Amazing content!!! learning a lot!!!! thank you so much!
Well done and clear 👍
They did research on multi-gov thwarting people and what they found was that if they constantly obstructed one's life that they'd get even more ferocious and finally find a way.
It's generally what happens when a person is trying to simply survive.
They don't consider that though
It is amusing that things that are business as usual in banking are deemed fraudulent in other contexts.
That's a huge problem with code in general, IMO there should always be an independent body auditing the source code.
This would imply that there is some sort of regulations, which have rules how to work. But the customers of crypto especially do not want regulations.
Also who will pay this body? This must be done for every commit, if not you permit code for audit without fraud and have code with fraud in production.
@gordonshamwey3442 "But the customers of crypto are especially do not want regulations."
Crypto itself is subject to public domain auditing including the code and the transactions.
Crypto exchanges are another matter.
@gordonshamwey3442 In my view, an acute understanding of the programming language and its inherent objectives dictate the framework within which the rules are set. Ethically aligned hacker groups, specify white or grey hats, might participate in incentivized competitions aimed at identifying potential vulnerabilities.
@gordonshamwey3442 IMO the understanding of both the programming language and its intended purpose dictate the rules. The client could put up a bounty for white and grey hat hackers to flush out any potential vulnerabilities. Gotta spend money to make money...
Whoever pays the independent body gets a glowing audit. For your information, companies pay their finance auditors.
what kind of incompetent traders they had to be when even with 8 billion dollars limit they were not capable to make profit of any kind? if you open let's say 1 million $ position with 50x leverage, you have to be in huge profit in matter of few seconds or minutes just following current trend!
Ask the Democrats that they donated to
The "allow negative" ability is not unknown in the world of banking / finance. My business banking accounts can go negative. It's a bit of fuzzy-logic to allow checks to clear before deposits post. There are, of course, limits to how far negative one can go, how many times, and how long it can stay negative. Our accounts have closed the day negative a few times over the years, because deposits didn't post until the next day. (and once because a check bounced.)
Very interesting video. Thank you so much.
Side note: I like the models of the Titanic, Concorde, and Saturn V visible in the background.
these tech scammers have degraded the whole domain of software engineering.. the strength of software engineers was we believed in values. values are glorified and looked up to in our domain. now because of scams like this, we are the first to be laid off..
How is this different from any normal bank? They also lend their customers money to their other customers..
Yeah, don't use python because if you used a low level language like C it would be so much harder to spot:
---
if (!account.allow_negative)
    if (balance.available_ignoring_collateral < 0)
        return false;
---
Amazing how much harder that is to read!
Don't use Python for doing fraud was a blunder.
Code review in court is crazy!
This is insane, I feel like a high schooler could hide malicious code better