
FTX "insurance fund" calculated by multiplying trading volume by random number

206 points | danso | 2 years ago | twitter.com

169 comments

[+] samtho|2 years ago|reply
Isn’t the bigger issue that the fund itself was fake? If they made the decision to set aside some amount of money to be untouchable based on a random number, that is, uh, unconventional to say the least, but they very purposefully chose not to have an insurance fund despite advertising that they did which makes this all the more sinister.
[+] opportune|2 years ago|reply
Yes. This should be an instrumental piece of evidence in proving that FTX leadership was not “tragically incompetent” but rather willfully and knowingly defrauded its customers.
[+] doubloon|2 years ago|reply
I think when you are trying to prove a company is lying about having a zillion dollars of insurance, it helps if you can kind of pull the curtain down and show everyone the number 'zillion' was made up by someone throwing a pair of dice, not by someone counting a pile of zillions of dollar bills.
[+] fnordpiglet|2 years ago|reply
Well, yes, the issue is it was fake. But they compounded their fraud by publicly asserting a value of the fund, and the fact they implemented it as a random number shows malicious intent. Sometimes you can wave around incompetence etc as a mitigating factor, but this is clearly intentional deception and this proves it clearly and beyond a doubt.
[+] ngoldbaum|2 years ago|reply
Fun to see an open source project I contribute to (numpy) used to commit some light fraud.
[+] sanderjd|2 years ago|reply
I'd guess numpy has been used for lots of fraudulent accounting! Congratulations, I guess?
[+] wqtz|2 years ago|reply
I guess the dude who wrote that function thought, maybe I shouldn't add a docstring or any comments to that function. What is he/she even supposed to write "function to commit corporate insurance fraud."?

Protip. If you are committing fraud in the future - use a compiled language, do not use offsite version control and UPLOAD ONLY THE BINARY.

[+] EMIRELADERO|2 years ago|reply
> Protip. If you are committing fraud in the future. Use a compiled language, do not use offsite version control and UPLOAD ONLY THE BINARY.

Until you get prosecuted and legally required to turn over the source code, as it happened here.

[+] tedivm|2 years ago|reply
It's always weird when people try to give advice on how to commit crimes here, but it's even weirder when the advice is horrible.
[+] ksd482|2 years ago|reply
The bytecode of the binary could also be used to prove it was a random number generator, right?
[+] twic|2 years ago|reply
Put the fraudy bit in a config file and don't commit your config.
[+] jncfhnb|2 years ago|reply
I’m really disappointed by the lack of comments explaining the logic
[+] rich_sasha|2 years ago|reply
There are, however, some type annotations.
[+] birdyrooster|2 years ago|reply
I am sorry we didn't serve your interests
[+] goosedragons|2 years ago|reply
Can't that go negative occasionally too? Was that intentional?
[+] mxmlnkn|2 years ago|reply
`np.random` itself with that configuration can go negative with a probability of 0.62% as can be derived with `scipy.stats.norm(loc = 7500, scale = 3000).cdf(0)` or by looping a million times and counting the negative numbers.

Maybe the f2d function filters negative values but it sounds like a simple float-to-double conversion.

I'm not sure whether it was intentional, but, contrary to the headline, this random value was used to update the fund size daily as shown in the rest of the code. So, a single day for which the fund actually decreases wouldn't matter much. It might even be beneficial to make it look more real.

[+] gruez|2 years ago|reply
The function doesn't calculate the insurance fund amount directly, it only applies a change to the insurance fund (line 28), based on last day's trading volume. Presumably this function gets run every day, so the size of the insurance fund would be the sum of this process repeated multiple times. The chances of that going to negative would be astronomically low.
[+] whbrown|2 years ago|reply
Since it's a normal distribution with a mean of 7500, and a standard deviation of 3000 multiplied by daily volume—it would only cause a negative change less than 1% of the time. This "PublicInsuranceFund" truly embodies their culture of "number go up".
[+] timmytokyo|2 years ago|reply
This is obviously just speculation, but there probably wasn't a whole lot of thought put into it by the coder. The goal was "produce a fluctuating number based on daily trading volume so that it looks like we have a real insurance fund". The randomness is simply there to help make the fraudulent representation less obvious. The fact that the number can (very rarely) go negative is just another example of the fly-by-the-seat-of-your-pants thinking pervasive at FTX.
[+] ilyt|2 years ago|reply
I'd imagine that the person writing it thought the function generates numbers 7500 +/- 3000 and not anything outside this range.
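The figures quoted in the replies above can be checked with the standard library alone. This is an added example, not part of the thread and not the code from the screenshot; it assumes the Normal(7500, 3000) parameters the commenters quote, independent daily draws, and the same positive trading volume every day, and its function names are illustrative.

```python
import math
import random

MEAN, SD = 7500.0, 3000.0  # parameters quoted in the thread


def normal_cdf(x, mean=MEAN, sd=SD):
    """P(X <= x) for X ~ Normal(mean, sd), via the complementary error function."""
    return 0.5 * math.erfc((mean - x) / (sd * math.sqrt(2)))


def prob_negative_draw():
    """Chance that a single daily draw is below zero (the 0.62% figure)."""
    return normal_cdf(0.0)


def prob_outside_one_sd():
    """Chance that a draw falls outside 7500 +/- 3000."""
    return normal_cdf(MEAN - SD) + (1.0 - normal_cdf(MEAN + SD))


def prob_sum_negative(days):
    """Chance that the total of `days` independent draws is below zero.

    Assumption: equal volume each day, so the total is
    Normal(days * MEAN, SD * sqrt(days)).
    """
    return normal_cdf(0.0, mean=days * MEAN, sd=SD * math.sqrt(days))


def simulate(trials=200_000, seed=0):
    """Monte Carlo cross-check of the two single-draw probabilities."""
    rng = random.Random(seed)
    negative = outside = 0
    for _ in range(trials):
        x = rng.gauss(MEAN, SD)
        negative += x < 0
        outside += abs(x - MEAN) > SD
    return negative / trials, outside / trials


if __name__ == "__main__":
    print(f"single draw negative:    {prob_negative_draw():.4%}")
    print(f"outside 7500 +/- 3000:   {prob_outside_one_sd():.2%}")
    print(f"30-day total negative:   {prob_sum_negative(30):.2e}")
    print("simulated (neg, outside):", simulate())
```

A single negative day is rare but not impossible, roughly a third of draws land outside 7500 ± 3000, and a negative 30-day total is vanishingly unlikely under these assumptions.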
[+] wolverine876|2 years ago|reply
Notice that now prosecutors not only understand code, but feel comfortable showing it to judges and juries. Not that long ago, everyone's eyes glazed over at the mention of it.
[+] CraigRo|2 years ago|reply
No they don't. The defense attorneys likely know it better actually (I know one). But if the guy who wrote it actually walks a prosecutor through it, it isn't that complicated.
[+] dabeeeenster|2 years ago|reply
This is a proper disgrace to software as a discipline. Who writes this?
[+] pfdietz|2 years ago|reply
One advantage of source code control systems is you know who to send to prison.
[+] joneholland|2 years ago|reply
Not defending FTX here, but I think everyone is jumping to a conclusion that this function is used for display purposes only and not to persist the amount that another process then uses to transfer the insurance amount.

Using some randomization on the daily trading volume makes some sense for what to actually move each day during an end of day process.

[+] mstudio|2 years ago|reply
Someone needs to run a `git blame` on that line of code!
[+] fishywang|2 years ago|reply
That screenshot is already a diff view, which means this is already from either a commit or a PR.
[+] wmf|2 years ago|reply
They've been discussing who wrote which git commits in the trial.
[+] c0balt|2 years ago|reply
It's nice to see (from a quick look) SQLAlchemy being used in production software on such a scale. However the purpose is quite disappointing.
[+] tester756|2 years ago|reply
I don't know python, but what is the "or" here?

For me it looks like this value is used only when there was no data?

Basically else part of monad

[+] Thorrez|2 years ago|reply
The line wrap on line 27 in that text editor is really confusing.
[+] playingalong|2 years ago|reply
How is the number being random a problem?
[+] teraflop|2 years ago|reply
When you tell your customers that a particular number corresponds to something real (e.g. the amount of money in the insurance fund that protects their assets) but you know the number was actually chosen randomly with no connection to that allegedly real thing, that's called "lying", or in the business world "fraud", and you can go to jail for it.
[+] kgermino|2 years ago|reply
Strictly speaking the problem isn’t that it’s random, the problem is that it’s a lie. The fact it’s random proves that the number isn’t real.

The RNG is used to give some variance to the number without accidentally making a pattern (which humans making up numbers tend to do). Literally using an RNG in code that’s meant to produce a value based on real world data is blatant and hard to defend if true.

[+] Vespasian|2 years ago|reply
If you claim it's a fund to mitigate risk you probably should actually put money into said fund and not just pull some number out of your code.

So technically it's not the randomness that's the issue, and a constant or manually updated fake amount would be as bad, but to me as a layman it seems like they use a random number to imply a sophisticated risk management system.

[+] svnt|2 years ago|reply
The problem is that the reason it is random is to mislead. If it were a static number then it would be obvious it was faked. The value is designed to look like it is pulled from a fund whose balance is determined by market conditions. But viewing the code, there is no fund to get the balance from, only a call out to random().

It’s like putting pillows under your blanket so someone thinks you’re in bed. Once they find the pillows you aren’t going to get away with “oh I thought I was allowed to be out all night.”

[+] danpalmer|2 years ago|reply
...and this is how this code gets written.

When a software engineer writes code because the code makes sense or solves the problem, without interrogating the problem or how it applies to the real world, there can be real and significant consequences. We trust far too much of our lives to tech to ignore these issues when we're on the side of writing the code.

[+] planetpluta|2 years ago|reply
Agreed — isn’t the problem that nothing was actually being set aside for the insurance fund, not that the amount being set aside was based on a random number?
[+] joeman1000|2 years ago|reply
‘_get_change’ is written so poorly
[+] fhk|2 years ago|reply
Maybe a bit weird …

No “import numpy as np” !?

[+] tqi|2 years ago|reply
Is python typically used in production trading systems?
[+] bigyikes|2 years ago|reply
I was ready to reply with an “um actually it is an arbitrary number” but… no… it is literally a random number. How did someone commit that and sleep at night?

It’s amazing that some people still defend SBF. Among his sycophants is Michael Lewis, author of Moneyball, The Big Short, and now “Going Infinite” which somehow manages to gloss over the rampant fraud happening at FTX since inception.