Digital Asset Research has recently come forward with a report alleging that the Tron database has several instances of code stolen from other projects on the blockchain. In particular, Ethereum seems to be one of the main providers of the ripped code, according to the research firm. An extensive article from DAR on Medium outlined that the developers from Tron disguised copied code by changing file names.
The Tron network now may face a plethora of legal and technical issues as it develops and enters the mainstream of the crypto-tech community. Moving forward, responding to these accusations is going to be essential to calming the market freak-out which will inevitably follow the release of these accusations, which are likely to be very serious for a new project.
The DAR article remarked that the project has been alleged to have violated the “GNU Lesser General Public License v3.0 regulations which helped to garner legitimacy to the project. This violation arose because the developers failed to mention that the Java-Tron client was heavily derived from Ethereum’s library, EthereumJ. The research from DAR found “several instances” of copied code, which was either copied directly, or modified slightly without citation, from Ethereum.
Intentionality and Implications
The copied code seems to be no accident, according to the DAR investigation corroborated by CCN. One DAR representative remarked that there was a deliberate attempt by developers to hide the plagiarism within their code. They went through “the hassle” of modifying function titles and changing names in order to decrease the likelihood that an observer would notice that the code was directly derived from another source, mostly Ethereum.
He believes that there will be significant legal and ethical implications from this accusation, especially if the victims of the supposed crime are made privy to the violations and are compelled to take action. But the biggest problem, he said, does not come from a legal perspective. Instead, this representative remarked that consumers should “adjust their expectations” for Tron technology following the revelation that they ripped code off of existing structures.
This is necessary because, as he expounds, the vulnerabilities which were native to the previous system cannot be avoided if the code used to create the vulnerabilities is the same on the new system. In short, the theft of code means that any problem in the original Ethereum library platform will be equally problematic on the Java-Tron client.
This could be a huge issue for the Tron mainnet release, which is supposed to happen on June 25th. Investors have been pumped for the new technology to be released on the mainnet, but researcher Lucas Nuzzi feels that they should be much more skeptical. In one tweet, he quips that the technology ought to be referred to as the “Frankenstein of crypto,” mostly because of its recycled parts.
In any case, the Tron mainnet release will require the company to promptly respond to these allegations and, if necessary, make revisions to their existing infrastructure to avoid losing investor faith and institutional interest.