Team Lunar/BitGreen campaign for awareness/pump, FUDcasting of PIVX, and how various Cryptomedia outlets don’t fact check before publishing “news”

The following will be my (best) attempt to chronicle the timeline of what I observed that occurring between Han/Team Lunar, Bitgreen, various crypto outlets and media sources, and PIVX.

August 10th, 2019

  • Han | TeamLunar enters PIVX Discord supposedly seeking some help from developers (PIVX) in the PIVX bug bounty channel.
  • He doesn’t receive a response from a dev there (which, isn’t abnormal given the time frame in which he was “waiting” for some response).
  • Less than two hours later, he sends a message to two PIVX developers about “his client’s issue”
  • 10 hours later he’s communicating with a member of PIVX about his “issue” — apparently hoping for some “quick fix?” Not sure why you’d communicate with a non-dev especially about a patch, but, that’s cool!

Now, at this point, we don’t know WHO Han’s (Team Lunar’s) client is. But, he’s trying to find some solution (in theory) — A quick fix even — as one of his clients is having an issue with their network (presumably a PIVX fork).

Enter some common sense:

  1. A PIVX developer works for PIVX and the PIVX codebase. Not some clone, fork, or fork of a fork of PIVX
  2. Countless forks/clones come to PIVX (daily) with problems, issues, as a result of their OWN doing (nothing to do with PIVX or it’s codebase). Remember, once you fork from PIVX, that’s your stuff and you have assumed responsibility for your repos and own codebase.
  3. It’s been <12 hours without a response from a PIVX dev. Again, PIVX devs work on priorities of PIVX first. Any assistance with clones, forks, etc…is out of the kindness of their hearts.
  4. Quick fixes in Crypto…Cringe…. Did you really say that? In no way shape or form is a quick patch advisable. LET ALONE putting a patch from one project into another. Remember, PIVX devs work on PIVX codebase. UNLESS your very own fork/clone is absolutely identical to the current PIVX codebase, ANY patch you then quickly “slap into” your own repo….you are taking on a HUGE risk of missing something, editing out some commit, and/or otherwise opening up your repo to other unknown risks. Implementing ANY change to one’s codebase should go through significant testing and QA to ensure compatibility and the ongoing security/stability of your network.

August 12th, 2019

Now we are < 24/36 hours from when Han (Team Lunar) came into PIVX. Suddenly, an article is published and then repeated with updates about:

  • A vulnerability in PIVX
  • 200+ Forks of PIVX being attacked
  • PIVX devs keeping this attack hidden for months
  • Even more assumptions and wild accusations.

What we LEARNED from this article, however, is a key player to this:

Enter Bitgreen.

Han’s (Team Lunar) writeup seems to praise Bitgreen as calling to light a recurrence of a bug and goes on attempting to smear PIVX saying they hadn’t fixed a bug they said they had, kept it secret, and it’s terrible because they didn’t tell anyone about it.

Unpacking this inflammatory first paragraph of the article:

  • The “issue” that BITG was experiencing was something altogether different from what Yoon was attempting to show possibly going on in PIVX. Apparently, the “issue” going on in BITG was based on presumably the BITG developers having removed a very important consensus check (a missing nTime check). This has nothing to do with PIVX nor a possible “exploit” PIVX may have suffered;
  • See here in the bitgreen github:
  • (
  • Removing this nTime check can be VERY catastrophic and can lead to hyperinflation and eventual chain death. This is presumably why BitGreen experienced a crippled rewards system of several chains including Bitgreen.

— — —

Ok, so lets pause here for ONE second and recap.

  • Han (Team Lunar) comes into PIVX seeking a quick fix for one of his/their clients.
  • Han (Team Lunar) doesn’t get the answers (and or quick fix) they want.
  • Han (Team Lunar) publishes a defamatory article online with mis-stated facts, outright lies, and apparent praise of a project “Bitgreen” (a PIVX fork).
  • Didn’t Han (team Lunar) say one of his client’s projects needed some quick fix because their chain had stalled/stopped?
  • Didn’t Bitgreen (quoted in this article) state their chain had stopped along with others ( presumably, other forks of Bitgreen — thus, forks of a fork of PIVX)?

Does this mean that Bitgreen is indeed Han (Team Lunars) Client? Who knows what the connection is between the two. It doesn’t really matter in the end. What does is the misrepresentation of facts and falsehood published in the article.

— — -

Back to the article written by Han (Team Lunar) pushing Bitgreen (and attempting to discredit PIVX).

The BITG attack has nothing to do with PIVX or the PIVX chain specifically. They (their developers) did something to their own codebase which opened up their own can of worms.

— —
Ok, so now the rest of the article.

There is indeed an abnormality going on in PIVX, but it’s not exclusive to PIVX. But before we dive into that, we ALSO need to explore the errors and falsehoods in the original Han/Team Lunar article.

The article makes claims that 87 coins minted 48 (which is wrong).

  • There are more than 87 coins in this wallet. It was over 11k when the article was written — it’s now around 9.7k
  • Main Address DHagKZ4ByFgxXe3txYysxqG5x6PvcSmwQS

Back to the issue with the staking rewards and Proof of Stake Consensus though:

What appears to be at play globally is a Proof of Stake consensus “issue” whereby it’s possible to game (through UTXO splitting) the consensus to skewing the rewards to smaller, less value inputs. Additionally, the problem over this is that it appears the “attacker” can know when their coins are going to stake in advance, which is why they do the utxo shuffle and thus the large amount of “suspicious” transactions.

So, what does this mean:

  1. No effect on the coin emission (meaning, there aren’t MORE coins being generated).
  2. No Loss of users coins (individuals wallets aren’t at risk)
  3. The “attacker” appears to be potentially able to game the network and end up with more of the rewards.

This is NOT the fake stake attack that was reported by the decentralized Systems Lab out of the University of Illinois. That was successfully mitigated back in February and this is NOT a recurrence of that attack. Thus Han’s (Team Lunars) statement was false — and stating that they’ve known about “this” specific bug is additionally misleading at best.

Shortly after Han (team lunar) published their piece they began circulating it (presumably) onto hackernoon, getting picked up (without any observable fact-checking) by:



Of course, it began to make its rounds onto r/CryptoCurrency as well, and so far the written article responses to that posting were curiously blocked by mods there.

Adding more speculation to the fire, Cointelegraph blocked its comment section shortly after individuals from PIVX began posting factual information correcting their posting

Curiously as well — the link I posted on cointelegraph linking to the PIVX writeup about the article has since disappeared, while other comments remain.

And now the kicker.

Remember Bitgreen?

Take a look at its market today…up 65% (on 2BTC of volume).

We’ll let you all decide what’s going on with Han/Team Lunar/Bitgreen/Coin Telegraph.

A few takeaways:

  1. There are PROPER ways to dialogue, discuss, report, and work through bugs, potential vulnerabilities, etc. Pushing out an article online is NOT the recommended course of action (especially as this potentially opens your and many other projects to attack vectors)
  2. It appears Han/Team Lunar succeeded in getting some awareness of Bitgreen into the crypto realms.
  3. It’s sad to see “crypto journals” push articles without proper validation of the reported facts. If indeed anyone had communicated (beyond demands, etc) with PIVX (not just the developers, who are already maxed in code work), perhaps this misinformation wouldn’t propagate through the crypto waves.
  4. It’s sad to see such restrictions, censorship, etc occurring as well (which allows a single narrative to continue) and not allow for dialogue, discussion, and presentation of facts.
  5. I’m not saying there isn’t something abnormal going on with the PIVX network. It does appear there is (which is what the DEVS have identified and found a solution for). As they (the devs have shared)
  6. At this point, we can confirm that the behavior is in fact NOT a resurgence of the “Fake Stake” attack from earlier this year, as the article claims.
  7. PIVX users funds/PIVX are NOT at risk.
  8. The network’s stability or chain trust has NOT been compromised.
  9. Investigations are still underway as to the aberrant behavior, and a more detailed findings report will be issued once investigations are concluded.
  10. We are in communication with other projects and will seek to include as many as possible as our investigations progress and report to them how to properly fix any problem(s).

As for what else is going on in PIVX:

  • The Developers already have a solution pending for this Proof Of Stake consensus skewing.
  • There is a slew of PIVX codebase updates, improvements, and enhancements coming in V4 of the PIVX codebase.
  • New Core Wallet (Built from scratch) is inbound
  • New Proof of Stake Privacy Protocol
  • New PIVXsports ambassadors including Luke (Masters Strongman) and Maighan (Olympian hopeful Female Triathlete)
  • New Light wallets (Zephyr)
  • New PIVX merchandise store
  • Launch of the PIVX Foundation
  • Cold Staking for PIVX