FTX former employee reveals insider information: How funds flowed between clients, CHO, and Alameda without being detected by audits

@vydamo_
2022-11-14 15:20:01
This raises more questions for us to explore.

Source: @vydamo_

Compiled by: Guo Qianwen, ChainCatcher

I didn't intend to share all of this, but when I had the opportunity to share anonymously with @MarioNawfal, I decided to go ahead. However, Mario does not accept pay stubs/ID cards, digital IDs, email, or wallet faxes as verification, but instead wants a LinkedIn connection?

As a former FTX employee, I can talk about how funds successfully flowed between customers, CHO, and Alameda wallets without being detected by auditors. The entire hack was made possible because of the elx trapdoor that SBF implemented about 9 months ago, which also appeared in the public beta.


As the name suggests, this feature allowed Sam to use elx to send false logger information back to auditors when they queried the database through negative flux. Adding this feature was very useful for Sam; it was a very ordinary function, but he excelled at using these little things.

Logs were parsed to wallet 0x1c69, and then it triggered the transfer function of glm; this is just an example showing how to wash away 76k+10k eth through Tornado. For auditors, there was nothing unusual about the logs being sent back from the server side, and the funds on the front end appeared to be secure.


At @ftx_app, our task was to design ADD (short for Augmented Deficit Decoders) to help obfuscate and protect the codebase, which later seemed to be maliciously used to cover up the executives' misconduct.

When FTT reached 200wma, these decoders were used to allow it to rebound on LTF; with each rebound, FTT became stronger, but after HTF, it couldn't hold on, which was a sign that everything was starting to collapse. My team was deemed "unfit" to be "fired"—this was after we pointed out that this information was used to support the obfuscation trades of $FTT. The ADD we spent 4 years researching is now being used in fraud, and our will was not respected.

My main question is how Rupert managed to keep himself clean throughout the process. Sam, Gary, and Caroline have been making headlines, but the multi-signature signer Rupert Calloway (a long-time associate of SBF and a hacker from MIT, whose name is @MarioNawfal) was exposed yesterday and has not appeared in the public eye.


Rupert may never go to prison because signing multiple signatures hardly constitutes a crime; he can argue that his actions were coerced. But it is surprising how $783 million, which required four signatures, suddenly went missing, and they all seem unaware of it.

Rupert's dox wallet (thanks again to @MarioNawfal's space) currently holds $6.6 million in eth, seemingly transferring back and forth between various addresses—what is going on?

One of them is 0x72. Coincidentally, 0x72 owns Milady#241. So, who is its owner? None other than Caroline. This raises more questions waiting to be uncovered.

