BitClout uploaded user keys to a public server

The BitClout platform has been criticized on Twitter after it was revealed that it uploads user keys to its server on every API request.

Walking keys

This practice gives every BitClout employee the potential to withdraw any amount from the platform at any time, including absolutely all the money available on it.

About this fact reported in a tweet from James Prestwich, founder of blockchain company Summa. He ended his post with outspoken criticism of BitClout founder Nadir Al-Naji:

“@Nadertheory and his team are too incompetent to develop a browser-based crypto wallet. Therefore, they decided to do without him … ”, – summed up Prestwich.

He added just below: “They’re laying out the keys so the API can sign everything for you. It is very kind of them to take care of your money without telling you anything. “

These Twitter posts attracted other critics of the project as well. For example, one user noted that this can be compared to a situation when a company takes credit cards from customers and they begin to be transferred around the office without restrictions.

Prestwich recommended that all users by default consider their seed phrases compromised and transfer funds to new addresses using the new mnemonic phrases.

What BitClout?

BitClout is a Bitcoin-like blockchain. The project has its own BTDX cryptocurrency and a social platform that works in the same direction as Hive or Steem.

It allows users to speculate on celebrities by buying and selling personalized coins that are linked to celebrities and their real Twitter profiles. BTDX coins can only be purchased with bitcoins.

Not the first time

It should be noted that this is not the first time the BitClout platform has been involved in a scandal. In March, the editorial staff of BeInCrypto already reported that this NFT marketplace was caught in copyright infringement.

The social network’s monetization of famous personalities without their consent seemed to some legally controversial point. As a result, the company has already received an official warning from the law firm Anderson Kill PC, representing Brandon Curtis, developer of the Radar Relay decentralized exchange.

Lawyers for Anderson Kill PC threatened BitClout with a full-fledged litigation, and Curtis himself on Twitter called the activities of the marketplace “unethical” and “flagrantly illegal.”

Another media personality outraged by the actions of BitClout was the Prime Minister of Singapore Lee Hsien Loong.


All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website.


Karice Dabule

Read Previous

Ledger and Shopify filed class action lawsuit over data breach

Read Next

Everyone who comes in here: in 70% of cases, spammers call from unknown numbers