Arkham shared a link to the user’s waiting list on Twitter, but due to a negligent coding method, the user’s email address was all exposed.
“Blockchain intelligence company” Arkham announced on July 10 the launch of “the world’s first on-chain intelligence trading platform”, and issued the new currency ARKM with the help of Binance’s Launchpad service.
Reactions from the Twitter virtual currency community have been mixed, with some dissatisfied with Arkham’s mission to “de-anonymize the blockchain.” The chief complaint was that many described the company’s Intel Exchange as a “whistleblower for profit” or “whistleblower-as-a-service” program and viewed Arkham as a centralized intelligence agency.
As Arkham said in the announcement, there are many positive use cases for utilizing blockchain bounty hunters as information brokers. But some experts worry that the business model followed by the Arkham trading platform is highly likely to be abused.
According to Arkham, users will be able to post information anonymously and then receive bounties for information about blockchain transactions. Once the bounty is completed, the entity paying the bounty will have exclusive access to the data for 90 days. After the initial exclusivity period ends, Arkham said it will make the data fully public.
Some other popular comments focus on whether Arkham has seriously considered it. This bounty model will make currency whales (wallets) a target for tracking.
Among other things, Arkham has been accused of exposing the email addresses of users on the company’s waiting list. User information can be accessed directly through links shared on social media.
Apparently, the web form encodes the user’s email address in simple BASE64. It’s a breeze to associate an email address with the Twitter account that shared the link. And there has been some speculation that this encoding was not an oversight, but intentional.
One Twitter user claimed that this so-called “leak” was intentional, adding that Arkham’s “whole goal is to expose (big players), and there’s no easier way to decode it than via a referral link.