{"id":372,"date":"2026-03-03T00:55:18","date_gmt":"2026-03-03T00:55:18","guid":{"rendered":"https:\/\/blog.vipor.net\/?p=372"},"modified":"2026-03-04T17:42:39","modified_gmt":"2026-03-04T17:42:39","slug":"initverse-ini-backdoors-blacklists-stolen-pow-pool-lockout-centralized-mining","status":"publish","type":"post","link":"https:\/\/blog.vipor.net\/tr\/initverse-ini-backdoors-blacklists-stolen-pow-pool-lockout-centralized-mining\/","title":{"rendered":"InitVerse (INI): Backdoors, Blacklists, Stolen PoW & Pool Lockout – Centralized Mining"},"content":{"rendered":"

We carried out this analysis using only publicly available node source code and on-chain data. Some of what we found is indisputable<\/strong> (e.g. code and chain state anyone can verify); other conclusions may be disputable but we believe they are well supported. We welcome anyone who wants to correct us or challenge our findings \u2014<\/em> please join our discord<\/a> and reach out.<\/p><\/blockquote><\/figure>\n\n\n

Like other pools such as K1Pool<\/a>, we\u2019re always on the lookout for new coins to support. We came across InitVerse (INI), were genuinely interested, and started digging \u2014 only to find the backdoors, blacklist, stolen algorithm, and centralized control we document below. We\u2019re publishing this so the community and exchanges can see what\u2019s in the code and on the chain.<\/p>\n\n

—<\/p>\n\n

What Is InitVerse?<\/h2>\n\n

InitVerse claims to be a decentralized PoW blockchain using their “VersaHash” algorithm. They sell ASIC miners (Pinecone INIBOX, 850 MH\/s), cloud mining hashrate (inimining.cloud), and raised 500 BTC (~$50M) from investors. INI trades on MEXC and XT.COM at ~$0.12.<\/p>\n\n

What we found after analyzing their node source code, on-chain data, and miner binary tells a very different story.<\/p>\n\n

For a recent video overview:<\/strong> Rabid Mining on YouTube<\/a> \u2014 InitVerse (INI) breakdown and Nexa2InitVerse (proof that INI uses NexaPoW and the pool blocks GPU miners).<\/p>\n\n

—<\/p>\n\n

Finding 1: VersaHash Is NexaPoW (Rebranded)<\/h2>\n\n

Their “proprietary” VersaHash algorithm is cryptographically identical to NexaPoW \u2014 same double SHA-256, same Schnorr signature (secp256k1, RFC 6979), same Schnorr+SHA256<\/code> tag, same final SHA-256. They took Nexa’s algorithm, renamed it, and called it their own. Independent proof: Nexa2InitVerse<\/a> mines INI using standard NexaPoW (Rigel) via an adapter that speaks YatesPool; the chain accepts the blocks, confirming algorithm identity. The privacy and homomorphic-computing features they market (e.g. data processing for hospitals or labs) are not present in the node code; the chain is a fork of Binance Smart Chain (itself a fork of Ethereum), with nothing meaningfully new on-chain.<\/p>\n\n

They have two whitepapers. The Technical White Paper<\/a> describes Proof of Resources (POR) with validators and an 86% \/ 10% \/ 4% block split, halving at 1 year then every 3 years \u2014 the live chain does not implement that. The one they link on their site, the INIChain Whitepaper<\/a>, matches the current narrative: PoW, VersaHash, DDA, team “mining address” for “community building and airdrops,” weekly halving \u2014 same as the tokenomics page<\/a>. So the “official” story is the INIChain whitepaper; the catch is that VersaHash in it is just NexaPoW (same algorithm, rebranded). The Technical White Paper’s POR design is unimplemented.<\/p>\n\n

—<\/p>\n\n

Finding 2: YatesPool Is Effectively the Only Pool \u2014 and They Control Who Can Produce Blocks<\/h2>\n\n

InitVerse publicly says anyone can mine with GPUs and run nodes. In practice, they control who can produce blocks and have designed the pool protocol to block GPU miners.<\/p>\n\n

Block producer whitelist.<\/strong> They maintain a whitelist of addresses that can produce blocks. As K1Pool have reported<\/a> ve Nexa2InitVerse<\/a> demonstrates: only official wallet addresses can serve as nodes, and even if someone finds a block, they can’t add it to the chain. So they define who can actually mine blocks \u2014 not just who can transact.<\/p>\n\n

YatesPool<\/strong> is the only mining pool that works for INI. When a miner connects, the pool sends a Ping that only an inibox (their ASIC) can decode. If the miner fails to respond with the correct Pong, it is disconnected. This blocks anyone from submitting shares using standard NexaPoW miners or GPU software like Rigel \u2014 even though the underlying algorithm is<\/em> NexaPoW.<\/p>\n\n

Independent researchers built Nexa2InitVerse<\/a> to prove the point: by connecting an inibox to the adapter, they can impersonate an inibox and mine INI using NexaPoW (Rigel) on the other side. The adapter decodes the Ping, responds with the correct Pong, and forwards shares. Without an inibox to spoof, GPU miners are locked out.<\/p>\n\n

Reports from others state:<\/strong> Their official GPU mining software runs at roughly one-twentieth of normal speed to appear different from NexaPoW. On their pool, GPU hashrate is capped at 10 MH\/s display unless you buy an inibox. The inibox itself is very likely a modified Dragonball Nexa ASIC miner \u2014 same algorithm, locked to their pool. So: one pool (YatesPool), a whitelist of who can produce blocks, protocol-level blocking of GPU miners, and a strong incentive to buy their hardware.<\/p>\n\n

As of March 2, 2026, we attempted connecting with a GPU and CPU per their mining guide<\/a> and could not even connect at all even using their exact example run command (and our own address). This leads us to believe they have completely disabled GPU and CPU mining<\/p>\n

—<\/p>\n\n

Finding 3: 77% of Blocks From Four Addresses<\/h2>\n\n

We scanned the last 2000 blocks. Only 6 addresses produce blocks:<\/p>\n\n