Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Tay 💖 Profile picture
@tayvano_
Jul 14, 2020 14 tweets 6 min read Read on X
Lol it's so much

When the Ethereum network split into two (ETC and ETH, July 2016) the networks didn't have replay protection so you would send thru these contracts that were super simple and would ensure that ONLY your ETH or ETC was sent on the intended chain.
It was especially important exchanges did this as in the first days of the network split, users who were "in the know" could send only ETH to, say, Coinbase and then withdraw that ETH but actually receive ETH & ETC and then send that ETH and separately ETC to Poloniex to profit.
It doesn't matter if the forkchain doesn't have value but the moment Polo listed ETC (about 3 days after the hard fork) ETC had value and eventually anyone who had ETH listed at the time of the fork had to credit their customers w ETC. That they may have inadvertantly given away.
(Shout-out to @ShapeShift_io who not only foresaw this as a real possibility while most were of us had the "longest chain will win" mindset BUT ALSO RELEASED A TOOL FOR USERS WITHIN DAYS SO USERS COULD SAFELY "SPLIT" THEIR ETH & ETC!!! 👏👏👏👏)
Okay but this is NOT THE CODING ERROR rekt Quadriga. Lol. #QCX

Usually exchanges handle funds like this:

1. User sends to their user deposit address (onchain)
2. Exchange sweeps to hot wallet (onchain)
3. Exchange credits users exchange acct balance (DB)
Once the fork happened, you need to split all new funds or funds you held at time of fork. For some, it's a massive undertaking.

An OG infamous account known as "The accumulator" generated a lot of interest and speculation when they split their holdings.
reddit.com/r/ethereum/com…
But QCX. Oh sweet #QCX. For the next year, even after network-level replay protection was added, they just did this:

1. User sends to use deposit addy
2. Exchange sends thru "safe split" contract to their hot wallet
3. Exchange credits user acct balance (DB)
Everything was fine until one day the TXs that were sent via this safe split contract just....didn't make it to their final destination (the #QCX hot wallet)

This is partly bc the contract was so simple it didn't account for unhappy paths. But neither did their sweeper code. Image
So for 3 days in June 2017 all user deposits were sent to the contract, the contract didn't pass them along, but users were still credited.

Until @BokkyPooBah was like "uh hey guys you know all your money is getting stuck, right?"

reddit.com/r/ethereum/com…
And QuadrigaCX was like "oh shit oops. Don't worry though, we are #1 exchange and we are Canadian therefore you can trust us when we say we'll cover the loss with our profits."

old.reddit.com/r/ethereum/com…
And so until Feb 2019, everyone trusted them and no one was like "yo where are your cold wallets?" until it was revealed that QCX top dog Gerald Gotten had died ("died") and "no one knows where the keys are" which is code for "there are no cold wallets."

And everyone was like "but Canadians are the trustworthy and nice!"

And Gerald was like "lol canadians are really good at running schemes and laundering money too and man the weather in Thailand/hell is super hot compared to Canada! 😎"

vanityfair.com/news/2019/11/t…
Then any remaining $ was spent trying to find the $ and creating a report (June 2020).

And no one was like "BITCOIN FIXES THIS" even tho AN IMMUTABLE TRANSPARENT LEDGER THAT ENSURES ACCOUNTABILITY LITERALLY FIXES THIS but #digitalgold > #DeFi, amiright?

osc.gov.on.ca/quadrigacxrepo…
The end.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Tay 💖

Tay 💖 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @tayvano_

Tay 💖 Profile picture
Oct 22
1 year.

144 OKX Accounts.

263,000 deposits.

$2,940,000,000 dollars.

Thats 700 txns / $8 million dollars EVERY DAY.

Whatever you think you know abt OKX helping human-trafficking international scam compounds launder their money, it's so much worse. 😨

justice.gov/usao-dc/media/…Image
Image
Image
Image
Image
Read 4 tweets
Tay 💖 Profile picture
Oct 18
I went through the addresses in the MilkSad list for this specific vuln to see what else was there.

There's 64 addresses in this batch.

The Chen Zhi/Lubian addresses were the only ones with real balances at the time.

Meaning: it wasn't like someone was picking and choosing. Image
For reference, the research + dataset I'm referencing here is:

milksad.info/posts/research…

git.distrust.co/milksad/data/s…

I'll break down the different activity for these addresses.
Cluster 1: the 25 addresses in the forfeiture



Pretty simplejustice.gov/usao-edny/medi…Image
Read 14 tweets
Tay 💖 Profile picture
Jul 18
This first witness in Roman's trial immediately caught my attention bc the victim was a classic Pig Butchering case.

The only issue is....uh.....those scammers don't use Tornado Cash? And they never have?

So, like, wtf?
I'm not talking out of my ass here.

My team and I have talked to thousands of these victims. We've tracked nearly a billion dollars stolen on Ethereum.

We have a dashboard for all known victims of the "Approval" variant of this scam btwn 2021-2023.

dune.com/tayvano/sha-zh…
So..why did this victim end up on the stand in the Tornado trial?

Simple question. Insane journey of an answer.

It all starts with a dude on WhatsApp/Line and a website "NTU Capital."

He makes promises. She wires $250k. The money goes *poof.*

therage.co/tornado-cash-d…
Read 25 tweets
Tay 💖 Profile picture
Feb 22
People keep calling this is the "largest crypto hack ever" but I think it might be the largest hack ever....period?
Bangladesh Bank Heist (also DPRK 🫠) was *almost* $1 billy ($951m) But....

1. There was a lil glitchy so they only got $100m out initially and then $20m was quickly recovered. Total loss ended up being ~$81m.

2. Bybit Hack is bigger than that either way

bbc.com/news/stories-5…
Carbanak thefts (2013-2015) were maybe ~$1 billy when it was all said and done. But...

1. It was a series of hacks against different banks over a couple years.

2. That's more like saying all of DPRK's crypto or SWIFT heists were a single theft.

3. Bybit Hack is bigger than that.

4. $4B-$5B (DPRK's crypto thefts) is also bigger than that.

web.archive.org/web/2015022001…
Read 8 tweets
Tay 💖 Profile picture
Jan 8
That's a lot of Single Points of Failure. 😳
Single Point of Failure: The API Image
Single Point of Failure: The Binary Image
Read 10 tweets
Tay 💖 Profile picture
Dec 28, 2024
🚨 Heads up all—some dudes have a slick, new way of dropping some nasty malware.

Feels infostealer-y on the surface but...its not.🫠

It'll really, deeply rekt you.

Pls share this w/ your friends, devs, and multisig signers. Everyone needs to be careful + stay skeptical. 🙏Image
If you get hit with this, you need to wipe your computer. Esp. if your wallets haven't been drained.

Shoot SEAL-911 a message @ and we will help you assess -> next steps.

p.s. mention 'Willo' so we can help you faster (holidays, ppl are afk, etc.)t.me/seal_911_bot
How it works / what we've seen:

Usually starts with a "recruiter" from known company e.g. Kraken, MEXC, Gemini, Meta.

Pay ranges + messaging style are attractive—even to those not actively job hunting.

Mostly via Linkedin. Also freelancer sites, job sites, tg, discord, etc.Image
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(