To claim it demonstrated intentional fraud rather than poor UX and rewards architecture in an early beta (which was immediately fixed) is simply not credible.
The only funds flowing through the system at that stage were from Brave's own marketing budget through the form of user grants.
The concerns were about theoretical, future issues if Brave ever broke out as a mainstream browser and rewards / payment solution.
Even now, a year after the issue was fixed, it remains to be seen whether Brave's payment system draws in anything more than Brave's own distribution of tokens (through grants and ad rewards to users).
As an early adopter I'm aware of honest, thoughtful criticisms (browser monoculture with Chromium) and... this is not one of them.
I didn't just follow it closely, I directly discussed it with Brave developers here and on Twitter at the time and I've continued to have to deal with their fraud for the last year. In their issue tracker an employee specifically called out me blocking them over this[0] to justify continuing to spoof their User-Agent. I am unfortunately still involved by having to burn more volunteer developer time and effort to block them.
You claim I didn't make an honest or thoughtful criticism, but you didn't support that by disputing any of my facts or reasoning, and your only defense of Brave is that they were caught too early to successfully defraud anyone. Whether the money was taken directly from end users or indirectly from speculators in their ICO is irrelevant. They falsely represented themselves to users as site owners and they continue to evade responsibility by falsely representing themselves to site owners as different users. It is tediously prudent to want nothing at all to do with a company that does business through misrepresentation as a standard practice.
Your first criticism demands people ignore Hanlon's Razor ("never attribute to malice that which can be adequately explained by stupidity") and buy in to a most bizarre business model: that the Brave team had a plan to defraud users of donations to unverified creators.
It's hard to overstate how absurd this is as you work through the implications: it means this business model is in conflict with the obvious goal of growing the ecosystem of verified creators as quickly as possible, and assumes incredible ignorance from the Brave team about likely revenue from users unwittingly donating to unverified creators.
The reality is without creators actively pushing their supporters to donate to them via Brave's rewards system the funding flow would largely be Brave 'promoters' pushing creators to use that funding channel.
Instead of this nonsensical explanation it's easy to understand the simple and correct one: Brave had an aggressive growth marketing strategy where they imagined being able to email unverified creators with emails about how much $$$ they could collect from users who had started donating to them, and in doing so accelerate verification of creators.
The stupidity here is that they didn't properly consider that some creators would rightly object to an implication Brave Rewards was an approved donation channel for that creator, which could theoretically risk cannibalising donations that would otherwise go through other channels (that it would likely be a negligible amount doesn't make it any less unethical). Brave did the right thing in fixing it in an early public beta, which is the point of public betas.
Your second criticism about user agent spoofing depends on a fundamental lack of awareness about the whole history of user agent strings, which is basically a story of challenger browsers spoofing the user agent string of the dominant browser within an ecosystem for compatibility reasons [0].
That you attempt to assert that UA spoofing is a nefarious practice (but presumably only for Brave, not for every other browser that does this, such as Chrome for Android which presents as Safari[1]) is yet more evidence of the low credibility of these criticisms.
To claim it demonstrated intentional fraud rather than poor UX and rewards architecture in an early beta (which was immediately fixed) is simply not credible.
The only funds flowing through the system at that stage were from Brave's own marketing budget through the form of user grants.
The concerns were about theoretical, future issues if Brave ever broke out as a mainstream browser and rewards / payment solution.
Even now, a year after the issue was fixed, it remains to be seen whether Brave's payment system draws in anything more than Brave's own distribution of tokens (through grants and ad rewards to users).
As an early adopter I'm aware of honest, thoughtful criticisms (browser monoculture with Chromium) and... this is not one of them.