Single Sanctioned Transaction Can Freeze Entire DeFi Protocol
Wondering about this technical constraint I heard on @bitsandbips this week: @austincampbell on Ethereum. If you want permissionless settlement + real world assets, can you not have complex DeFi stacking on top? One sanctioned transaction freezes a pool, you brick the whole protocol. 🤨
Durable Nonces Are Intentional Feature, Not a Bug
SOLANA FOUNDER JUST SAID IT OUT LOUD: “durable nonces observed on chain” ⚠️ Not a bug… it’s a permanent feature of how on-chain authority works. Every system has this invisible attack surface. ~ @omeragoldberg https://t.co/1jXnOLapcr
Token Prices Reflect Past Exploits, Not True Value
“what is the legitimate price of a token?” 👀 That single question keeps getting crypto into chaos. During the Mango Market attack era, this same debate popped up again — manipulation vs “fair pricing”. In DeFi, price is just the last exploited equilibrium ~...
Fake Collateral Added, Enabling Oracle Manipulation on Drift
💥 DRIFT EXPLOIT BREAKDOWN 💥 “They added CVT as a new collateral asset on the Drift Protocol” That single move changed everything. Whitelist a fake asset → use it as collateral → start manipulating the oracle + market feed. Game over waiting to happen. ~...
Infinite-Parameter CVT Token Flagged as Dangerous Weapon
🚨 “this is not a Why would that flag that this coin could be so dangerous” 🚨 That’s the red flag moment no one acted on. They created a CVT token with wild parameters—infinite everything. On paper it looked broken. In reality? It...
Second Cosignature
2-of-5 in ONE second tells you everything 🚨 “Immediately signed by a second cosigner one second after it was created” That kind of speed is just wild. The admin key was already exposed. ~ @omeragoldberg https://t.co/DpFazTNV4V
Old Multi‑Sig Signer Omitted Themselves, Triggering Drift Confusion
The most confusing detail in the Drift hack… until it clicks 😬 “a signer from the old multi-sig… created it but then… did not add themselves to the new role” That reads like compromised access during migration. ~ @omeragoldberg https://t.co/DpFazTNV4V
Attackers Exploit April Fool’s Uncertainty to Launch Confusion
They allegedly waited for APRIL 1st 🤡 “some of the speculation was that they waited until April Fool’s Day” Confusion as a weapon. When nobody knows if it’s a joke… attackers already moved. ~ @omeragoldberg https://t.co/DpFazTNV4V
Speed and UX Can't Replace Security Audits
Even “hyperliquid” systems have centralized spots ⚠️ Teams make trade-offs for UX and speed. But that doesn’t excuse skipping security audits. ~ @omeragoldberg https://t.co/DpFazTNV4V
Admin Keys Threaten DeFi; Implement Circuit Breakers
“Admin key can drain all funds. Otherwise DeFi means nothing.” ⚠️ Every protocol should have circuit breakers, timelocks, and emergency security councils. Sacrifice a bit of UX. Save billions. ~ @omeragoldberg https://t.co/DpFazTNV4V
Attackers Leveraged Signers, Oracles, Fake Tokens, Massive Pools
They didn’t just steal. They manipulated signers, touched oracles, faked tokens, and ran massive pool volumes. 💥 Next-level attack. ~ @omeragoldberg https://t.co/DpFazTNV4V
Circle Acts After Courts; Hackers Moved $300M Unchecked
Circle does blacklist addresses, but only after legal processes ⚖️ Meanwhile, hackers ran $300M through CCTP unchecked. ~ @omeragoldberg https://t.co/DpFazTNV4V
Circle Acts Only When Legally Compelled, Leaving Billions Unchecked
Circle historically only moves when legally forced ⚖️ Otherwise? Reluctant to act. That’s billions in stolen crypto left unchecked. ~ @omeragoldberg https://t.co/DpFazTNV4V
Web2 Mindset Misses the Mark in Web3
“Wasn’t paranoid enough.” 😬 Top 10 hack, billions in TVL, and the team still got caught off guard. Classic Web2 ops fail in a Web3 world. ~ @omeragoldberg https://t.co/DpFazTNV4V
Solana Hack Spreads Across 20+ Protocols, Proving Contagion
“This hack hit over 20 protocols.” 🔗 Drift wasn’t just a single platform — it spread like wildfire through the Solana ecosystem. Contagion is real. ~ @omeragoldberg https://t.co/DpFazTNV4V
Billions in TVL, Yet No Alerts for Core Team
“All of this happened without any alerts to the core team.” 🚨 Billions in TVL and no alarms. That’s the whole problem. ~ @omeragoldberg https://t.co/DpFazTNV4V
One Compromised Signer Can Collapse Massive TVL
“So much TVL… you’d want to see who’s signing is actually who you think it is.” 🔑 One compromised signer and it’s over. ~ @omeragoldberg https://t.co/DpFazTNV4V
Who Should Explain Tomorrow’s Drift Protocol Hack?
🎙️ Who would you want to hear from tomorrow about the Drift Protocol hack? 👇🏻
Collaboration Shifts From Reading Code to Planning
"You used to have to be able to understand the code itself, and if you didn't have that shared mental model, you can't collaborate. But now that humans aren't writing the code, you have to shift from the code itself...
System Prompt Just Repeats “Don’t Do Illegal Things”
"The system prompt is literally just saying over and over, 'Don't do illegal things.'" 😂 -- @kaiynne https://t.co/s7Jw0sjSwI
China Probes Anthropic Models; Claude Code Reigns as Top Harness
"China did these weird attacks where they were trying to use the model to figure out what it was doing ... the value of Anthropic is based on the models, not on this harness, but everyone is using Claude Code,...
Even Sloppy Code Can Make Agents Surprisingly Effective
Re Claude Code hack: "The people who should be best at using agents are not. ... the code is so cobbled together and slop-filled — and yet it works." -- @kaiynne https://t.co/TvMSeHiXJj
Key‑compromise Attacks Demand More Work than Usual
re Drift: "As far as key compromise hacks go, they had to do more work than normal." 😂 -- @tayvano_ https://t.co/TvMSeHiXJj
Solana's Transfer Limits Vulnerable to Hacker Manipulation
"Solana has all these policies. They have a limit on how much money can be moved at any given time ... but that limit can be changed by the hacker ..." -- @tayvano_ https://t.co/s7Jw0sjSwI
US Government Trumps Code: Circle Won’t Freeze Coins
"It's not code is law, but it's only the US government is the law." -- @kaiynne on how Circle won't freeze coins https://t.co/TvMSeHiXJj
USDC Refuses Freezing Assets without US Government Request
"The problem is that USDC is just not it — they just don't ... I haven't heard a good explanation for why they're so hesitant to freeze things." -- @kaiynne @tayvano_ : They won't do it unless the US government...
Malicious Axios Dependency Silently Compromises Projects
"They'll push a dependency to Axios so that anyone who used these packages or worked on projects that had these packages in them are compromised. Then they get one person on a call and make them run that... It's silent...
Can Burning Satoshi's Coins Curb Quantum Risk?
Is burning Satoshi's coins the right path to solve [part of] the quantum threat? https://t.co/LVOy35zOxM
Quantum Threat May Reach Bitcoin Within One Block
Google now warns quantum attacks could happen within Bitcoin’s block time. Are we closer than we think? I’m speaking with Alex Pruden and Dolev Bluvstein about what this means for crypto. https://t.co/LVOy35zOxM
Elliptic Curve Crypto Underpins All Protocols—Removing It Requires Complete Rebuild
"Everything relies on elliptic curve cryptography. If you remove that foundation, you need to rebuild EVERYTHING. The issue? Most protocols use this." https://t.co/OMA9HmxIQs
Quantum Leap: 10k Atomic Qubits Threaten Crypto Security
From “millions of qubits” to ~10,000 atomic qubits. That’s a major shift. What does it mean for Bitcoin, Ethereum, and cryptography? We break it down live. https://t.co/OMA9HmxIQs
Utility‑Scale Quantum Computing Is Coming, Not Instantly
"It is becoming clear how to build a utility scale quantum computing, capable of many applications. Cryptography is just one of those. But it's highly UNLIKELY this happens overnight" - Dolev Bluvstein https://t.co/OMA9HmxIQs
Quantum Leap Brings Excitement and Cryptographic Risks
"It's clear we are crossing a moment. It's exciting. We'll be able to use quantum computers. But it's CONCERNING too, because it'll be cryptographically relevant." Dolev Bluvstein https://t.co/OMA9HmxIQs
Quantum Leap Could Accelerate Crypto's Existential Threat
A new quantum breakthrough may have cut the timeline dramatically. On Unchained, Alex Pruden and Dolev Bluvstein join me to discuss: ⚛️ When quantum becomes a real threat 🔐 What breaks first in crypto ⏳ Whether we’re already behind https://t.co/OMA9HmxIQs
Regulated Giants Choose Private Canton Over Permissionless Chains
"Goldman's on Canton. DTCC is on Canton. There's a reason they're moving there rather than permissionless blockchains. It would be very hard for a regulated institution with trillions of dollars to connect to a permissionless chain right now." — Jessi https://t.co/OMA9HmxIQs
Canton’s Design Claim Faces Skepticism over Regulatory Justification
"Canton is making a design choice — but claiming it's required by regulations. I'm very skeptical of that." — @TuongvyLe12 on @DEXintheCityPod https://t.co/LVOy35zOxM
Stablecoins: Permissioned Blockchains' Most Successful Use Case
"The most successful use case of blockchains, I would argue, is stablecoins — and stablecoins are a very permissioned product. That's why they've been so successful." — @_ryne_miller on @DEXintheCityPod https://t.co/OMA9HmxIQs
Operator Trust Model: Hidden Risk for Investors
"Canton's trust-in-the-operator model is presented as a feature. Every investor on the other side of a trade should be looking at it as a risk." — @TuongvyLe12 on @DEXintheCityPod https://t.co/OMA9HmygG0
Companies Embrace Prediction Markets, Outpacing Crypto Trading
"I just added prediction markets into our company policies. People are trading these constantly — even more so than crypto these days." — Jessi Brooks on @DEXintheCityPod https://t.co/OMA9HmxIQs
GCs Must Extend Insider Trading Policies to Prediction Markets
"If it wasn't already clear: if you're a GC, you should be amending your insider trading policies to cover employees' participation in prediction markets." — @TuongvyLe12 on @DEXintheCityPod https://t.co/LVOy35zOxM
Anti‑fraud Rules Will Soon Challenge Employer‑sourced Market Trades
"There's a lot of anti-fraud guidance that would give me pause if I was trading prediction markets on information I got from my employer. We're going to see this play out in cases for sure." — @_ryne_miller on @DEXintheCityPod https://t.co/LVOy35zOxM
ZK Debate: Invisible Failures vs Redundancy—Canton vs Community
ZK debate just went nuclear. “Fails invisibly” vs “just add redundancy.” Canton vs. everyone else. Who’s right? https://t.co/6eQLOwwmn9
Bitcoin's Resilience Tied to STRC Strategy, Not Fundamentals
"Bitcoin has been holding up well. But just for one reason: Strategy's STRC. This is not a healthy bid." @ramahluwalia https://t.co/6eQLOwwmn9
Stop Chasing Dips; Adopt a Defensive Portfolio
People keep buying the dip of the dip. But @ramahluwalia thinks they are wrong. It's time to be defensive with your portfolio, he says. https://t.co/PMWscZMbTn
Prioritize Modest Size and Cash Reserves over Heroics
"You should stay small and have excess cash. This is not a market to be the hero." @ramahluwalia https://t.co/6eQLOwwmn9
S&P Could Fall to Around $6,000, Near Liberation Day Lows
"The downside can be around $6,000 in the S&P. That would take you to 'Liberation Day' lows." @ramahluwalia https://t.co/6eQLOwwmn9
Markets Tumble: Is War Driving Deeper Correction?
5 straight down weeks. S&P -7% YTD. Nasdaq in correction. Is this just war… or something bigger? https://t.co/PMWscZMbTn
Trump’s Exit From Iran: Potential Fallout Explored
What would happen if Trump were to say "ok, we're done. We'll leave Iran"? https://t.co/yInQSNy76L
Rising Oil Prices Strain Fragile Domestic Economy
"Oil prices are putting a lot of pressure on the 'already weakened' domestic economy" - @perkinscr97 https://t.co/6eQLOwwmn9
10‑Year Yield Breach: Will Geopolitics
If the 10Y breaks 4.5%… does geopolitics change? Or does policy get forced to change first? https://t.co/yInQSNy76L