Wow... that looks to me like they're injecting their affiliate code to some URLs which the user would have to type in manually, like "binance.com", "coinbase.com/join", or "trezor.io/product/trezor-one-metallic". That's affiliate fraud -- Brave is not responsible for referring the user to those URLs, so it's inappropriate for them to claim credit for the referral. I'd be shocked if the parties involved didn't terminate Brave's affiliate account upon discovering this.
He says "We are a Binance affiliate, we refer users via the opt-in trading widget on the new tab page, but autocomplete should not add any code."
Charitable interpretation: It is possible that he told the development team to add the affiliate code on the new tab page, and someone in the development team decided to add it to the autocomplete code as well, without him realising. I've certainly seen it happen when developers are told to do X and then they decide "oh since we are doing X we should do Y too". It isn't even always a bad thing, but sure sometimes it is.
Of course, the charitable interpretation could be wrong. Maybe he is actually being deceitful here. But, I prefer to assume the best of people rather than the worst.
Interesting as I didn’t realize Brave did all their development out in the open like this.
“ Similar to top site suggestions, we'd like to add Crypto Widgets and Binance related suggestions based on what a user types in the URL bar. This is mostly an experiment to see if it's useful. It could be expanded in the future to involve BAT or even be used if the user has Brave ads turned on.”
(1) CEO tells CTO to do something nefarious. CTO does what he's told. CEO gets caught out. Publicly, CEO spins it as an innocent mistake.
(2) CEO tells CTO to do something more innocent. CTO decides to do something more nefarious instead (maybe entirely intentionally, maybe simply by misunderstanding the ask.) Either way, the doing something more nefarious wasn't intentional by the CEO.
Which of the above two possibilities is true? I don't know. But I don't think you know either.
Two possibilities now since your last hypothesis was proven wrong with a simple git blame?
But sure, maybe the CTO/co-founder went rouge, lol.
What's the difference at that point? Both are leaders/founders of the company.
Either way, I don't want to use a browser that either someone is implementing affiliate links in the omnibar because they were stupid, or because they want $$$$.
The traffic and 99% of the browser code isn't theirs, why do they deserve affiliate money?
Btw there's a difference between being charitable and being naïve. It's obvious this was intentional.
What really happened was the CEO and the CTO sat down with these crypto companies and sketched this deal out to the T.
They hijacked the search terms "btc", "ltc", "bnb", etc. and herded users to those sites for a fee.
Could you imagine your scenario though? The CEO just woke up and was like WHOA where'd all this money come from, so the CTO says well I accidently added too many affiliate links, but the CEO was like ehhh keep it like that for a few months until people make a big deal about it, then I'll act surprised and remove it.
The commit creates a new class "SuggestedSitesProvider" which looks like a generic system for detecting pageloads and automatically inserting affiliate IDs. So perhaps this is a nascent revenue stream for Brave that will be applied to more sites than Binance in the future.
https://twitter.com/BrendanEich/status/1269313200127795201