Topic: BTC Lend LLC, btclend.com btclendtalk.org (Read 933 times)

My BTC Lend LLC, www.btclend.org Experience:

The company BTC Lend LLC organized in Delaware file # 5650922
CEO Carmelo Millian
Registered MSB via FinCEN: 31000064289192 for Money transmitter and Other.
BTCLend provides Peer 2 Peer, bankless, virtual currency loans and related services. Through their web platform www.btclend.org. The company holds customer deposits, loans virtual currencies to its users, allows its users to loan virtual currencies to each other, as well as other virtual currency related services.

Loans/Registration/Payments
I had a few problems with registration, and then some issues with my documents being approved for the account and lending verification. Carmelo generally took care of them but it was sort of a pain to get my account verified to a high enough level in order to have a decent reputation to start out.

A reputation loan is a non-collateralized loan given from BTC Lend or one of its users to another of its users. Reputation loans use a scoring model or algorithm based on a user's reputation score. The score is based on things such as identification provided, previous history, and presence in the community as well as other factors.

I had my first reputation loan funded Jan 24 for 0.15 BTC. It doesn't seem to stand out as having any issues. I paid the loan back a few days later to build my reputation score. I had to link my coinbase account every time I wanted to make a transaction, and disable coinbase two factor authentication (2FA) for the transaction then enable it again or it wouldn't go through.

My second reputation loan was for for 0.95 BTC I made the First payment of 0.34754167 BTC a couple of days early, it never registered on my account then showed late and resulted in my reputation score going down.

I made the next payment this time on the day it was due. Also showed as late, resulting in losing more reputation score through no fault of my own. I had to email BTCLend CEO Carmelo Millian directly with all of the payment information and it took several emails for him to fix the issue with my account and reputation/profile.

Then I made a larger loan request for 2 BTC (~$500 USD). It was funded and again I needed to manually authorize the coinbase API, disable Coinbase 2FA, make the withdraw, re-enable 2FA. I made my payments on time etc. eventually decided that I didn't want to deal with the payment system anymore, so I paid off my loan off entirely early just to be done.

Staking
Paycoin, symbol XPY, is a virtual currency created based off of the Peercoin source code. While the original virtual currency Bitcoin is based of Proof-of-Work which requires vast computational power to generate new coins Peercoin and paycoin are based on Proof-of-Stake which requires a user to have stake or an investment in the coin in order to generate new coins. Staking is the systematic process of generating new coins. BTCLend began offering a "staking wallet" or "staking service" for Paycoin.

In the meantime as the XPY staking wallet launched I moved the bulk (at that time) of my XPY holdings to BTCLend to stake. I had very few if any issues technically speaking during that time.

As time went on and I saw ideas like LendCoin (LCN), a virtual currency with a guaranteed $1 floor value, come and go watching how BTCLend grew I became more and more uncomfortable that they were good stewards of my deposits.

On May 20 I submitted a ticket requesting that my XPY be unlocked and that my account be deleted. I looked for any TOS I could find and the one I found had no mention of unlocking the staked XPY or any mention of penalty.

After 6 days of no response I emailed BTCLend CEO Carmelo Millian directly, asking for a resolution. He then informed me that he could unlock my coins, for a 20% penalty.

I still can't afford to take a 300 XPY hit, so I decided I'll just deal with it until July when they unlock anyways.

Little did I know the Coinbase API was still actually active on my account, somehow it managed to work perfectly in the end.

On May 29 I woke up to a couple of emails from coinbase that I wasn't exactly expecting:

"On May 29, 2015 you purchased 4.0000 BTC for $958.01 USD from *Bankname* - Bank *****last4.
Those bitcoins are now available in your My Wallet account!"

Followed Shortly By:

"You just sent 4.0000 BTC (worth $946.00 USD) to 1JYprFYWXWsJ2c3YFAztoX5WHoPwJQh6s3.
Attached message:
Funded by Transfer with ID: 556883126c32f9273100009b"

I immediately contacted Coinbase about my account being compromised. Given that I had 2FA my initial reaction was one of confusion and great concern. I then followed up with my bank to let them know that there was a purchase coming that was fraudulent as a result of my coinbase account being compromised.

As I calmed down over the next few minutes I started working through how the 2fa could have been bypassed. My phone had no new texts with Authy requests for new devices, as I looked at my Coinbase account further and checked the API access to my account there was that lone entry from BTCLend. The one that never worked to begin with, active with full access to my coinbase account.

After disabling it I then again contacted Coinbase and let them know I was fairly certain I knew how it happened (they had emailed me in the meantime asking if I knew about BTCLend). They also mentioned that since this was an API I authorized I was basically out of luck. I also know that if I initiated a fraud dispute with my bank over this I would lose my coinbase account. Not something I'm exactly keen on.

I then contacted Carmelo. And let him know that my personal bank account had been hit for $1,000 dollars. On BTCLendtalk a thread had been created https://btclendtalk.org/topic/251/coinbase-hacked where a user had mentioned himself and another person had the same 4 btc taken from their coinbase via the API.

Carmelo then posted, https://btclendtalk.org/topic/252/our-coinabse-api-was-compromised-solved, that there was a compromise and that no customer coins had been compromised. The full message regarding no customer funds compromised was later erased with no explanation given as to why. Despite that thread being active and 3 users (myself being one of the three) reporting that we in fact had coins compromised, and we were also BTCLend customers. It wasn't until he was told directly by others in a call that coins had been compromised and he needed to fix his post did he do so. In reality thousands of XPY were taken and over 25 BTC.

Carmelo then promised to pay me back, but not until the following Friday June 5th. In the meantime, My house payment was due June 1 and the payment had already been sent/authorized. My car payment was due June 1 and had already been sent/authorized.

As promised on June 5.

"You just received 4.0000 BTC (worth $899.44 USD) from an external bitcoin account."

By the time I was paid back BTC had lost value and the amount I was paid was worth almost $50 dollars less as the funds came directly out of my checking account.

So to say that this would be a financial problem would be putting it lightly. I had to borrow 4 BTC from a very generous friend and initiate a sell immediately on my coinbase account (after I finally got it unlocked)

***Continued in next post****

My sob story:
My wife and I live on a fairly tight budget. I'm a stay at home dad who got full-on garza'd (An alleged international con-man accused of defrauded 1,000's of virtual currencies investors of tens of millions of dollars). We live generally on the edge and the first of the month is always close as most of our payments hit around that time. Had I not been able to immediately borrow the money I would have had a late house payment, a late car payment and certainly a hit on my credit. The best part. June 5th is my anniversary so as if it did suck enough we almost had to cancel our weekend plans to take our son camping.

I have again asked that my coins be unlocked, and without penalty. I feel like it's the least they can do for my trouble. Generally my experience has been nothing but, at the very least a constant inconvenience. It's fairly apparent as time has gone by that BTCLend is playing fast and loose with not only security, but customer coins.

His initial response was to tell me that Coinbase had been hacked and that he was covering his customers because it was the right thing to do.

"Just so you know, The Coinbase hack was not only on BTCLend customers. We just went ahead and covered our customers because it’s the right thing to do. Good Luck."

I reached out to Coinbase using my existing ticket related to this incident as I hadn't heard anything regarding Coinbase being comprimised: Thje response from Coinbase support closed with this:

"The unauthorized transactions were created using only the API key which you affirmed was used for BTCLend. Whomever created these transactions required access to the API key, and at this time we have no indications that our customer’s API keys are vulnerable."

Carmelo has agreed and asked his developer to unlock my coins. I will be withdrawing all my holdings from BTCLend when they are available. I will be requesting my account be closed my data be deleted. He has now informed me that the coins are locked as collateral and asked if I still have an active loan. (I don't). One thing after another, after another.

I generally don't post often or anything of substance. I'm not really one to make public posts about individuals or companies, especially after getting GAW'd as hard as I have. I feel like it's important for me to share my experience as I've been a BTCLend user since nearly the beginning. I've experienced real loss as a result of BTCLend, the stress on my family alone over this last issue has been enough to make all of it not worth it. Knowing that others out there will continue to experience what I have bothers me enough to make people aware of what I've dealt with and the loss and headache I've endured.

Well Looky Here:

https://btclendtalk.org/topic/251/coinbase-hacked
https://archive.is/MerLI

@VCollective

Still waiting for this supposed "rogue developer" to be identified. Why would BTClend not expose this person who took control of their customer's deposits and then crazily used leaked HYperstake keys to set up Hyperstaking addresses with them instead of simply moving them to an anonymous wallet? This rogue developer is clearly insane, and the Crypto Community is at risk of this guy turning up somewhere else to make extra income for some other business through nefarious means as well. Or, Carmel Milian is lying and he and his partner Homero Garza were the ones who took customer coins and set them up with the leaked Hyperstake keys.

That is from Aleister Crowley's Law of Thelema: "Do what thou wilt shall be the whole of the Law", which was derived from fellow occultist François Rabelais' work, who wrote this rule as "fay çe que vouldras", French for "do what you will."  

Carmelo is telling you right to your face that he will do whatever he thinks he can get away with. Him and his amoral fake Christian Hypocrite Scumbag partner Homero Garza disgust me.  

"Infesh with BDZlend. *Hic* Were todal like a lejit bank and sztuffs. *Burp* Noaw we nead yur perzonel itendificashuns too soz we can like helps you bedder. U can trust Us wiffs ur perzunal infurmashuns cuzz our motto is "We do what we will". *Hic*

Paycorn btclend homero jail sec scam fraud $20

AML/KYC COMPLIANT

BTCLend is registered with FinCEN as an MSB and is committed to preventing money laundering and illegal activity. BTCLend is proactive in monitoring irregular and increased account activity.