A blockchain developer who claims to have reverse-engineered the source code of Brazil’s pilot central bank digital currency (CBDC) has discovered functions in the code that would allow a central authority to freeze funds or reduce balances.
He has since argued, however, that there might be situations that such functions could be beneficial.
On July 6, the source code of the digital Brazilian real pilot project was posted on GitHub portal by Brazil’s central bank. It was explained at the time that the pilot project is intended for use only in a test environment and that the “presented architecture” may be subject to additional changes.
Pedro Magalhães — a blockchain developer and founder of tech consulting firm Iora Labs — later that day claimed to have been able to “reverse engineer” the open source code of Banco Central do Brazil’s digital real, revealing functions in the code.
The functions included freezing and unfreezing accounts, increasing and decreasing balances, moving currency from one address to another, and creating or burning digital real from a specific address.
6/ These resources can be executed by any entity that receives proper permissions from the controlling entity of the new system — i.e. the Central Bank.— Vini Barbosa (@vinibarbosabr) July 10, 2023
Among the changes authorities could potentially make using these functions are, for example: pic.twitter.com/AT5v1rOQbK
Magalhães told Cointelegraph that Brazil’s central bank would “probably” maintain these functions for secured loans and other financial operations based on decentralized finance (DeFi) protocols.
The problem, Magalhães explained, is that the code lacks specificity about the circumstances under which the tokens can be frozen and, above all, who holds the power to execute them:
“One thing is to agree with an operation and execute a DeFi operation that involves different blockchains; another completely different thing is an institution having the ability to freeze the balance on its initiative, and that’s precisely how they’ve developed the smart contracts.”
These aspects should always be exposed in the smart contracts publicly and discussed with the population, which hasn’t been done yet,” he added.
Many in the cryptocurrency community have raised concerns that a CBDC has the potential to infringe on their financial freedom and encroach on their privacy.
11/ One of the purposes of publishing the pilot, as written in the project's so-called “Onboarding Kit”, is to receive feedback — leaving all documentation subject to evolution or changes. And that's exactly what developer Pedro Magalhães did: he provided feedback.— Vini Barbosa (@vinibarbosabr) July 10, 2023
He explained that taxes would be more easily traceable, enabling the public to inspect which resources tax funds are allocated to, in addition to inspecting purchases made by the state on-chain and strengthening transparency in parliamentary amendments.
In July 2022, Fabio Araujo, an economist at the Brazilian central bank, explained that the digital real has the potential to halt bank runs and looks to provide entrepreneurs with a more safe and reliable environment to innovate.
The digital real pilot is reportedly running on Hyperledger Besu — a privately operated Ethereum Virtual Machine (EVM)-compatible blockchain.
Because it isn’t permissionless like the Bitcoin or Ethereum mainnets, users will need the central bank’s approval to become a node, Magalhães stated on July 7.
Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.