1/ EVM PROXY HACKERS ARE BACK ON MORE CHAINS

If you are a smart contract developer and deploying upgrade proxy contracts, you are at risk.

This is even if you're deploying on chains without MEV, like @base

A thread

👇👇👇 @base 2/ Some weeks ago, the Ethereum security researchers @VennBuild, @dedaub, @pcaversaccio and others discovered "a proxy initialisation poisoning campaign."

There were millions of dollars of value at risk.

https://x.com/deeberiroz/status/1943041785476894996

The solution to "multisig confirmation hack" problem is human-readable transactions.

You need to have a trusted user interface i.e. your hardware wallet to be able to decode and tell you want the transaction is doing, instead of hashes, domains and other crap.

Some advanced blockchains built correctly ground up like @radixdlt have this feature already today. Also most Cosmos transactions are quite human readable.

docs.radixdlt.com/docs/manifest The work needed to bring this to Ethereum could have been done with less than 1%, or $10M, what was lost today in Bybit hack.

1/ THE RAILS OF FINANCIAL SYSTEM

"Rails" is the software that moves money from one account to another. Rails matter because it is what blockchain seeks to improve, and is blockchains' ultimate source of value-add.

Why are current rails inefficient? Read the thread.

👇👇👇 2/ We have a history of accounting; then, we have a history of financial systems: transfers between different people/companies.

Computers did not always exist for the latter. It was not until the 1950s and 1960s that IBM mainframes started to be used in financial systems.

1/ LONG THREAD ON @telegram AND DUROV'S ARREST IN FRANCE

- What does this mean
- Why is this happening
- What is going to happen next

👇👇👇 @telegram 2/ I have been studying digital rights, privacy and freedom of information since I was in the university, many many years ago. Sadly, the news was expected.

This arrest is about bow an arbitrary government with your platform.

DENMARK TO ABOUT TO BAN BITCOIN WALLETS

We have finally reached this point.

In the latest DeFi guidance of Danish FSA, the regulator goes too far: The guidance tries to capture everything in crypto regulation, including your Bitcoin wallet, using "interface" argument. DFSA says that interface providers must be regulated, including mobile app developers. You do not need to think about it too hard to realised that everything is an interface: your computer, your web browser, your Bitcoin wallet, Uniswap website and so on.

This is against the spirit and guidance MiCA. The "interfaces and frontends" must be regulated comes from the FAFT lobbying "how to squeeze crypto out of existence" - which in turn was directly from Gensler and co. While the intentions of DFSA might be good, this kind of overregulation does not help anyone. Trying to force everyone to be a regulated intermediate in a peer-to-peer world sounds cool, but you might as well be honest with your talking points and say "In reality we want to ban all cryptocurrencies, we are just sneaky about it" because this is the outcome.

What this means is that no one can offer Bitcoin wallets, DEX interfaces or anything that touches a token to Danish anymore because they would need to be regulated in Denmark.

dfsa.dk/Media/63854909… 2/ Banning peer-to-peer or "unhosted wallets" was earlier proposed by some far-left and far-right MEPs during the preparation of MiCA.

There are clear political forces in the EU that want to copy the Chinese model.

https://x.com/moo9000/status/1491386097527844866

1/ ANNOUNCING 1.0

The next step of #DeFi: From highly profitable trades to highly profitable automated trading strategies.

For a long read, read the announcement blog post from the link. Otherwise, stay for a thread.



👇👇👇TRADINGSTRATEGY.AI
tradingstrategy.ai/blog/the-best-… 2/ The grind of two years is over: We have been working with Trading Strategy for a while, and finally, the first openly accessible version is out.

1/ ON WHY EVERY BITCOIN L2 ECOSYSTEM WILL BE A FAILURE

The daddy coin wants to do something but faces a moral dilemma. Why will it be difficult to build a functional Bitcoin L2 ecosystem?

A thread

👇👇👇 2/ ⚠️ First of all, there are no Bitcoin layer twos. Only **sidechains**. Any Bitcoin L2 marketed as L2 is a false statement.

For details please see my previous thread on this topic:

https://twitter.com/moo9000/status/1764585784823201858

1/ SOLANA: SAFER THAN ETHEREUM

Memecoin mania happened on Solana. To the same extent, it can never happen on any EVM chain.

Let's examine Solana's SPL tokens and why they offer a better user and developer experience than ERC-20 and how is this related.

A short thread.

👇👇👇 2/ What if I told you, tokens can be done better?

1/ THE BITCOIN DEFI AND WHY DID NOT GET IT YET

Why all the current Bitcoin L2s are 💩

A short thread and on trust assumptions

👇👇👇 2/ Bitcoin has existed 15 years. But even for a Bitcoin maxi, it's quite a stretch to say Bitcoin is technology-wise doing much compared to alternative blockchains.

1/ SOMEONE JUST LOST $5M in an ERC-20 phishing transaction using so-called increaseAllowance() method.

ERC20 phishing scams netted $50M/m to the bad guys, mostly using permit(), increaseAllowance(), approve().

What are these methods and why do people keep losing money?

👇👇👇 2/ This is a story where common sense is not on a driver's seat, or not even on a navigator's seat.

It's a story where good-meaning fools caused the creation of wallet drainer cybercrime industry, causing hundreds of millions of losses.

STARS ARENA HACK AND ITS IMPLICATION TO AVALANCHE

The new darling of Avalanche got hacked twice on two subsequent days, for $3.5M. Avalanche ecosystem and its investors are rushing to make the project whole.

Why did this happen, and what can we learn from this?

👇👇👇 BACKGROUND

Let's lay down facts and see what we have on the on-chain drama plate this week.

👇👇👇

REAL-WORLD ASSETS - DO THEY EXIST ON-CHAIN YET?

Maybe. Due to popular requests and feedback from happy Twitter users, we have made a spreadsheet where you can start tracking Real World Asset Revolution ™

docs.google.com/spreadsheets/d… 2/ Thank you for the earlier useful input for

@rwa_xyz
@STOmarket
@k06a
@erichwasserman
@Web3iam
@0xWeisss
@constantine_rm
@PharoahMon1
@RyanHawkos

1/ A SCAM YOU SIGNED YOURSELF

Crypto wallet signature and approval scams are rampant.

Why does this happen?

What actions can a community take to prevent these scams?

Is this universal: is it specific to Ethereum's design, are other blockchains safer? 2/ There are two kinds of problematic transfers in the financial world: authorised and unauthorised. In this Twitter thread, we focus on authorised transfers - i.e. the account owner signs the transfer himself.

1/ WHAT EUROPEAN CENTRAL BANK HAS IN MIND FOR THEIR #CBDC PILOT?

I read through the onboarding package.

TL;DR: ECB copies #bitcoin and makes a centralised version of it.

👇👇👇 2/ First the sources: the information is available on ECB site. More information in this good post by by @Finextra

finextra.com/pressarticle/9…

1/ SO YOU WANT TO BE A SMART CONTRACT AUDITOR?

Here is a list of resources to get started. For #ethereum, #solana, #cosmos, #near or any ecosystem.

👇👇👇 2/ In a smart contract security audit, or "smart contract audit" for short, usually a third party reads through the code written by the project smart contract developers and they look out for security vulnerabilities.

More on the background here:

ethereum.stackexchange.com/questions/1380…

1/ ELON THE GREAT LEADER, SAVIOR OF TWITTER

Let's fire all incompetent donut eaters and turn the company around.

What could go wrong?

Here is a thread on Twitter restructuring, from the management and leadership theory perspective.

👇👇👇 2/ I studied industrial engineering and management at uni. It was mostly fluffy studies, but there were some gems in our courses.

The best bits were related to company management and leadership. A lot of course material was case studies.

1/ ERC-20, THE ORIGINAL SIN

Why #Ethereum blockchain wallets and tokens are unsaveable mess and why other blockchains will eventually take over?

A short dive into the broken token standard that cannot be fixed.

👇👇👇 2/ Today we have two announcements related to the ERC-20 token standard, from @coinbase and @Uniswap

1/ Energy crisis is global.

Maybe we finally star to see some true demand flex:

Here are some countries: 2/ USA

https://twitter.com/DonMiami3/status/1562281541652430849

1/ 🌪️ TEMPEST IN A TEAPOT 🌪️

...or Tornado Cash on the #ethereum chain?

Unpredecent events unfolding... is it about the mastermind criminals, North Korean spies, privacy keyboard warriors or ignorant fools?

Have your ☕ ready. Let's go for a long thread!

🌪️ 🌪️ 🌪️ 2/ TornadoCash is the most famous smart contract-based privacy transaction tool othe #ethereum blockchain using so-called shielded transactions (more about the model later).

1/ DID YOUR #SOLANA WALLET JUST GET HACKED?

Or should I say sloped.

If not yet... then you might be the next!

A quick thread on the security of blockchain applications and how to watch out for rotten products out there.

👇👇👇 2/ Everything in cryptocurrencies is based on the principle of "trust, but verify".

If something is not open and auditable by third parties, it is not crypto by a definition.

1/ WILL COSMOS TAKE A LEAD IN THE BLOCKCHAIN RALLY?

A dive into the @cosmos ecosystem.

I had the pleasure to participate in HackAtom Seoul 2022 hackathon last weekend.

Here is what I learned and you can learn from this Twitter thread as well.

👇👇👇 2/ I'd like to thank HackAtom organisers @buidl_asia, @kryptoseoul, @ekang426 and others for the massive successful events.