Krippenreiter Profile picture
Nov 25, 2022 11 tweets 7 min read Read on X
[1/11] "Token Allowances" sind integraler Bestandteil einer jeden #DeFi Applikation (Swap/#DEX), da mit der erteilten Freigabe, in deinem Namen Coins & Tokens, bis zu einer bestimmten Obergrenze hin, ausgegeben werden können.

Eine Anleitung und das Security 1 x 1 in einem 🧵
[2/11] Zuallererst muss man verstehen, dass eine "Allowance" keine Private-Keys klaut.

Vergleichbar mit einer Vollmacht (Allowance), ermächtigt (Approve TX) eine Person (Wallet) eine dApp als Bevollmächtigter (SmartC.) wirksam zu handeln & erhält dafür die Vertretungsmacht V o l l m a c h t Source: h...
[3/11] Eine Eigenschaft dieser Vertretungsmacht ist es im Namen des Wallet-Inhabers die vollständige Kontrolle der "approve(ten)" #Tokens zu übernehmen, um diese im Sinne des Smart Contracts zu #swapen/#traden, zu #staken oder zu #delegieren.

⚠️ Klingt gefährlich? Ist es auch 😅 ALLOWANCE bit2me ACADEMY So...
[4/11] Grundsätzlich werden die "Approves" meist mit der Obergrenze "Unlimited" signiert. Erteile ich dem SmartC. nun die #Allowance eine unlimit. Anzahl von $WSGB zu verwalten, möchte aber eig. nur 1000 $WSGB in den SmartC. legen, könnte ein Exploit die $WSGB vollst. leer räumen Don't let him steal your So...
[5/11] Dazu kommt, dass die #Allowance nicht auto. "#revoked" wird & im Hintergrund ein "vergessenes" Sicherheitsrisiko darstellen kann, wenn diese nicht limitiert o. besser gleich ganz widerrufen wird.

Die einzige Abhilfe für $SGB war es sonst, die Wallet gleich ganz aufzugeben
[6/11] Eine dieser "aufgegebenen #Wallets" werde ich nun mithilfe von @ftso_eu wiederbeleben ❤️🥳

Dabei handelt es sich um eine Allowance für einen SmartC. im @flrfinance Ökosystem, welcher "theoretisch" in der Lage wäre meine $CAND Tokens, im Falle eines Exploits, zu stehlen. Source: https://flr.finance/
[7/11] Schritt 1⃣ — $SGB Wallet mit MM verbinden Source: @krippenreiter
[8/11] Schritt 2⃣ — evmallowance.com öffnen EVMALLOWANCE Source: https:...
[9/11] Schritt 3⃣ — Eine Error Meldung bei Vivaldi und Brave erhalten 😥 Ooopsi! Source: https://evm...
[10/11] Schritt 4⃣ — Neu probieren mit Chrome, nicht aufgeben und die Allowance revoken (Auf 0 limitieren) Source: @krippenreiter MM
[11/11] Schritt 5⃣ — @ftso_eu bei Twitter folgen und sich bedanken 🥳❤️
(Optional) Schritt 6⃣ — @krippenreiter folgen 😉 Source: https://ftso.eu/

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Krippenreiter

Krippenreiter Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @krippenreiter

Dec 14
[1/🧵] Roughly 68% of all nodes have already upgraded to the latest version of the XRP Ledger server software.

However I bet you have no idea about all the new features that have been introduced, right? 🧐

Here's everything you need to know, short & simple. 👇 Source: https://xrpscan.com/validators
[2/16] — 1⃣ Background —

Nodes upgrading to the latest rippled version 2.3.0 are not automatically forced to vote "Yeas" on any new amendment.

It's up to each validator in the governance process of the XRP Ledger by voting on proposed amendments that get introduced. Source: https://xrplwin.com/nodes
[3/16] — 2⃣ Background —

The reason why some new features are "special" and proposed as an amendment is because they change or affect transaction processing on the XRP Ledger.

Since the XRPL is decentralized you need validators (>80%) to agree on these drastic changes first. Source: https://xrpl.org/docs/concepts/networks-and-servers/amendments
Read 17 tweets
Dec 7
[1/🧵] XRP Ledger Crashcourse for Beginners!

The XRPL ecosystem is very unique from what many newcomers are used to, which begs the question, “WHAT THE HECK IS EVEN GOING ON HERE?”

Here's everything you need to know packed into one single thread. 👇 Source: https://ripple.com/xrp/
[2/21] — Outline —
🔸 Who is Who?
🔸 XRP Ledger Consensus Protocol
🔸 XRP the Cryptocurrency
🔸 Servers & UNL
🔸 Ledgers
🔸 Payments
🔸 Tokens
🔸 Decentralized Exchange
🔸 Smart Contracts
🔸 Compliance Source: https://www.gagan.pl/crypto/xrpl-funkcja-sprawdzania-na-horyzoncie/
[3/21] — Who is Who? —

The ecosystem broken down to the basics:
🔸 XRP — The Coin
🔸 XRPL — Layer-1 Blockchain
🔸 XRPL Labs — Organization in The Netherlands
🔸 XRPLF — Non-Profit Association in France
🔸 Ripple — For-Profit Company in USA Source: https://ripple.com/
Read 22 tweets
Nov 16
[1/🧵] The bull run is here and you're new to XRP and the XRP Ledger and don't know where to start? 🤨

Here's a comprehensive list of websites and the essentials you NEED to know to get started and get the hang of the ecosystem!

Follow me as I go! 👇 Source: https://xrpl.org
[2/23] — Outline —
🔸 Introduction
🔸 The "Core"
🔸 Explorers
🔸 Wallets
🔸 Services
🔸 DeFi Source: https://www.gagan.pl/crypto/xrpl-funkcja-sprawdzania-na-horyzoncie/
[3/23] — 1⃣ Introduction —

The XRPL is a decentralized, immutable, censorship-resistant, permissionless DLT that offers several native Layer-1 functions such as AMM, orderbook & tokenization.

The XRPL is NOT Ripple, as Ripple didn't exist when the XRPL was originally released. Source: https://xrpl.org
Read 24 tweets
Oct 8
[🧵] Most people lose money to the XRPL-AMM! 😢

The reasons vary, but typical beginner's mistakes are the main reason for drastic (im)permanent losses. (pun intended)

If you are an XRPL-AMM beginner, there are exactly 10 golden rules that I think most people should follow 👇 Source: @krippenreiter
[2/15] — TL;DR —

If you don't like pretty pictures, but would rather have someone explain the details to you, you can find my video version of this thread here. 👇

[3/15] — 1⃣ Golden Rule — Source: @krippenreiter
Read 16 tweets
Sep 12
[1/🧵] The institutional financial future will be completely on-chain, HOWEVER...

It will be trust-based, gated, and fully compliant with:
🔸 KYC—AML—CTF—APF—OFAC

How do you stay compliant on the decentralized and permissionless XRP Ledger that's neutral to its users? 👇 Source: @krippenreiter
[2/18] — Regulatory Compliance —

Institutions who want to work with Ripple to use their tech stack must be careful not to get into trouble while using blockchain technology.

For this, Ripple has pledged NOT to:
🔸 Launder money
🔸 Finance terrorism
🔸 Evade sanctions Source: https://www.mentu.com.py/blog/1807/implementando-el-compliance
[3/18] — KYC —

For institutions who wish to directly use the XRP Ledger, it's critical to always "[K]now [Y]our [C]ustomer".

Just as when you set up a bank account, an institution will not accept complete anonymity or even pseudonymity and will ask for your identity. Source: https://www.investopedia.com/terms/k/knowyourclient.asp
Read 19 tweets
May 21
[1/🧵] Did you know that there is scientific research on the optimal fees for geometric mean market makers (G3M), one of which is the XRPL-AMM?

💡 We are doing it all wrong, and here's everything you need to know to revive the AMM. 👇 Source: @krippenreiter
[2/20] — Basics —

First of all, among every complaint about the XRPL-AMM, trading fees are something over which we have power.

The voting mechanism of the design passes control to the top eight largest LP-Token holders in each pool, allowing them to regulate trading fees. Source: https://xpmarket.com/amm/pool/USDC-rcEGREd8NmkKRE8GE424sksyt1tJVFZwu/XRP/voting
[3/20] — Facts —

Fees
🔸 Charged for swapping
🔸 Range: 0% - 1%
🔸 Smallest reasonable value: 0.001%

Weight
🔸 Percentage ownership of a pool
🔸 Range: 0% - 100%
🔸 Smallest reasonable value: 0.001%

↪️ The trading fee comes from the weighted mean of the largest 8 active votes Source: https://xpmarket.com/amm/pool/USDC-rcEGREd8NmkKRE8GE424sksyt1tJVFZwu/XRP/voting
Read 21 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(