Grin Risk Events Brainstorming
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
$
%
123
 
 
 
 
 
 
 
 
 
ABCDEFGHIJKLMNOPQRSTUVWXYZAAABACADAEAFAGAHAIAJAKALAMANAOAPAQARASATAUAVAWAX
1
@lehnberg@kargakismonkyyyjaspervdmtrompquentinlescellerIgnogpestanaCatheryneNburrrata@garyyu@hashmapYeastplumeAntiochWeighted TotalsStrategy
2
#Risk eventDescriptionImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpactChanceKnowledgeImpact * Chance
3
5Critical bug/attack that leaks privacyIt is uncovered that there is an exploit that leads to user privacy being leaked. Things like transaction amounts, IP/locations, timestamps, and other sender/recipient data. It is assumed that the exploit has been used.7638647227667467568479679745957459577667567.55.474.040.5
4
6Critical bug/attack that leaks inflationIt is uncovered that there is an exploit that makes it possible to create grins out of thin air. The existing supply does not match what is expected by the emission rate, meaning some actor(s) have taken advantage of this.7638659228668368468479459457548267579668468.14.474.035.4
5
20Intentional forkAn insurgency in the community or external parties decide to fork away, creating a "Grin Classic" / "Grin Fixed Supply" / "Grin Diamond" etc variant. Parts of mining and dev community might join them in the promise of increased riches and more glorious glory.7753854865854775853875753767947866452973964.47.779.033.8At some point, once Grin blocks are more than 10% full (average over 168hrs), then the devs need to discuss when and how to increase the block-size in order to mitigate the chance of an intentional hard for over the issue. In addition, if any developer on Grin feels that the project is heading in a direction that he/she is apposed to, we should have a clear discussion about this on the forums or meetings. All intentional hard forks triggered by outside parties should be accepted.
6
22Lack of ASIC competitionOne manufacturer gets headstart making efficient miners, floods/dominates the market, discouraging new entrants4636746676665556667726365636676655.85.754.032.8
7
7Critical bug/attack that compromises wallet fundsAn attacker is able to freeze or spend funds in wallets that are not theirs and starts reaping havoc on the blockchain. Real world example is the Parity bug.7638659127569278367466456556746267679678467.44.475.032.4
8
16Threats of 51% attackMining entity announces they have enough hash power to pull off 51% style attack, or it is calculated that they now have this power but are yet to use it.6425654536656675656477567667738168675355456.24.972.030.4
9
17Actual 51% attackOne or several 51%-style attacks occur against Grin. Real world example would be the Verge hacks.8327457228357577357477767668538169577367457.44.172.030.4
10
2Members on technocratic council infiltrated/coercedA hostile actor or authority steals the identity or coerces one or several members of the technocratic council to act on their behalf in order to control the project. Or operate undercover to gain trust and authority and then work to subvert it. Because some members are pseudonymous, it can be particularly hard to determine whether this event has occured.8468557638555655655565446778216464465555655.95.169.030.2
11
3Technocratic council breaks downA severe disagreement causes a rift in the council and half abandon the project in anger. Say there's also vacant seats and it ends up not being enough members left to build a quorum and elect new members. Relevant real world example is when the Swedish Academy had to cancel awarding this year's Nobel Prize in literature due to internal infighting.8368354737457657655676657658536265665276756.34.873.030.0
12
8Exchange is hackedThe Grin Exchange, one of the few crypto exchanges that accept Grins is hacked, leading to a large double digit percentage of all issued grins to fall in an attacker's hands. Real world example is the NEM hack on Coincheck.6644857566756575663763653877846554863663664.66.578.029.9
13
21No exponential growth in first 2 years (or even 1 year)Grin community seems to have Blitzkrieg expectations like hockey stick growth in number of users and coin price. It may not happen and as a result community will be demotivated, including developers which may lead to the project stagnation.2753754662756555556645755547748465765566554.95.971.029.0
14
13Grin is declared illegalIt becomes illegal to develop or use Grin in certain countries. Real world example is the ongoing efforts to stop 3D-printed guns.8257554768355657555555656876536466266555456.04.873.029.0
15
4Discrete logarithm problem is no longer hard, a.k.a. "Quantumaggedon"Quantum computing advances or some other breakthrough lead to a state actor or large technological conglomerate being able to compute general discrete logarithms in polynomial time. Undermining the cryptographic foundation on which Grin is based on.9418426329469289469268345559545568569349258.03.665.028.8
16
1Igno disappearsWithout prior notice Igno disappears from the project without leaving a trace, any instructions, or information. Relevant real world example is when the author of Python decided to unilaterally resign.5785534355666465763574556755516765427376465.25.273.027.2
17
19Accidental forkDue to a perfect storm of an undiscovered critical flaw and an extraordinary combination of events, the Grin blockchain accidentally forks into multiple chains where miners unknowingly mine on different chains for a long enough period of time for this to become an issue. Multiple transactions and coinbase branches risk becoming invalidated and motivated parties end up arguing about which chain is the one true right chain.4833658116754566554676764667526266466364665.05.270.026.3
18
15ASIC announcementsAn ASIC manufacturer announces a specialised ASIC for Grin PoW mining with 50-500x efficiencies. It's also assumed that there's stealth ASIC mining happening already on the network. Real world example would be Monero ASIC announcements.5434753635747385735474445475735354646565555.04.967.024.5
19
10Developers are raided / harassed / prosecutedDue to PR disaster above, political pressure builds to motivate government authorities to doxx anonymous developers and "make an example" by arresting them and issue criminal arrest warrants on other developers associated with the project. It's important to note here that it is irrelevant whether there is an actual valid legal case against the developers.8464445768557258367468555367627154388258366.63.675.024.0
20
9Criminal users lead to PR disasterA high profile event / attack occurs that is linked to Grin usage and the spotlight is turned on the project and its stance on privacy. Relevant world example is the Apple-FBI encryption dispute.7564950966763365663663663967844751862753453.66.778.023.9
21
12MPAA-style prosecution / take down noticesDue to PR disaster above, web hosting providers are asked to take down anything that hosts Grin-related material, domain names are seized, Github repo is closed, and so on. Real world example would be the attempts to shut down the Pirate Bay.6467551857447358259288258247838338278258267.23.371.023.7Lack of ASIC competition will be accepted, as the immutability of the primary PoW is central to Grin's committal to long term ASIC mining
22
11Civil suit against developersDue to wallet bug above, or the exchange hack, where the exchange had been a donor to the Grin project and the exchange had been promoted as a sponsor and recommended exchange on the project home page, a class action suit is filed against the developers holding them accountable for being part in the loss of funds. Real world example would be the controversies around the Bitgrail / Nano hack.8257344648443356257377566468536234287357356.23.370.020.2
23
24Core developers are hired by private companyLike Blockstream:Bitcoin, grin core devs are hired by a private company and the profit incentive alters the path/aims of grin in a way that does not necessarily benefit other users.3773653.06.612.019.8
24
23Lack of progress freenessAF memory requirements are so high that ASICs take multiple seconds per graph causing increasing amounts of wasted effort6525525673575553565516365333173554.24.251.017.7
25
14Losing control of Github repoAn attacker gains access to the Github repo and either takes it over completely and/or inserts malicious code stealthily. Real world examples would be the recent homebrew attack and Gentoo hack.4465352416565465664463363337736164277354364.83.672.017.0
26
18Rapid fund appreciationDue to a sudden rapid movement in Grin price the central development fund is now worth seven figures. There's heated debate in the community on how to spend it. Disagreements on the technocratic council.5643351835746455754663563465845161461373553.54.872.016.7
27
25Regulatory riskThe anonymous character of Grin could result in low adoption ratios since it is difficult to comply with legislation for the Virtual Asset Service Providers. This may affect the overall innovation of the project.
28
26Unauthorised activityMalicious code deployed into production environment by developer (bypass standard procedures).
29
27Security riskDuring a Grin event is sensitive information shared which can result in negative consequences for the development team and/or project.
30
28Hello GithubBecoming too dependant on the different projectmanagement tools (also for communication and coding) might impact the continuity of the project in a negative way
31
29
32
30
33
31
34
32
35
33
36
34
37
35
38
36
39
37
40
38
41
39
42
40
43
41
44
42
45
43
46
44
47
45
48
46
49
47
50
48
51
49
52
50
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...