NFT collector accidentally sells their rock for close to $0 instead of over $1 million

Illustration of a gray rockEtherRock #44 (attribution)
The owner of EtherRock #44 tried to list their NFT for sale for 444 ETH (almost $1.2 million), but erroneously listed it for 444 wei — the fractional unit of ETH typically used for representing transaction fees. A bot programmed to look for listings like this one, where a pricey NFT is listed for far below its average or floor price, quickly snapped up the NFT before the buyer could remove the listing. The buyer of the NFT eventually tried to flip the NFT for 234 ETH, (around $625,000). The trader wrote on Twitter, "In one click my entire net worth of ~$1 million dollars, gone".

Entrepreneurs resuscitate 20-year-old piracy powerhouse LimeWire to turn it into a totally legitimate NFT marketplace, they promise

LimeWire, the filesharing service that was enormously popular in the early 2000s for piracy, has been resuscitated — or at least the brand has. Needless to say they are probably not planning to reuse much of the 20-year-old codebase that existed before public blockchains were even in use, if they even still have it at all. The choice to create an NFT marketplace with the same branding as the service that was shut down by a federal court for rampant copyright infringement seems a bit on the nose to me, for a technology that proponents still try to claim empowers artists and actually mitigates art theft. The duo behind the project claim that they are just trying to capitalize on nostalgia for the brand, but plan to operate above-board (though they would say that, wouldn't they).

Pirate X Pirate blockchain gaming platform exploited, blames its team's "utter carelessness"

The Pirate X Pirate blockchain gaming platform was exploited, with an attacker selling of more than 9.6 million $PXP. They were able to dump the tokens into the market for a profit of around 212 BNB ($78,000). In a blog post following the incident, Pirate X Pirate wrote, "Such attack could happen due to the team's utter carelessness to launch the conversion feature despite of its vulnerability. We deeply regret bypassing the inspection that should have been done by a white hat hacker as we intended to roll out the feature long-suspended as fast as we could. We have decided to dismiss our current developer team and are currently in the process of recruiting a new team to assume the responsibilities." They also announced that they had bought back the total $PXP that were stolen, and would be undergoing an audit.

A trader ends up owing $3600 after an exchange mistakenly deposits 10 Bitcoin in their account

Something apparently went terribly wrong on the trading platform that Twitter user rifftrader was using (though they didn't say which) when 10 BTC (~$385,000) was erroneously deposited to their account. The trader, who was expecting a transfer of $24 USD for Litecoin (LTC) that they had initiated to go through, didn't initially notice that the amount was in BTC when they subsequently converted it to USD. However, when they suddenly saw hundreds of thousands of dollars in the account, they realized what had happened. Not wishing to spend money that wasn't theirs, the trader transferred it back into BTC and contacted their exchange's support email. The exchange subsequently withdrew the erroneously-deposited funds from the trader's account. However, because the trader incurred a cost converting the BTC to and from USD, only 9.8752 BTC went back to the exchange. The exchange then proceeded to demand the trader pay the difference — around $3,600 — and accused them of "trad[ing] on those funds which did not belong to you". The email demanded payment by the following day, and the exchange threatened to send the case to a debt collector the trader didn't send the money.

NFT project created and endorsed by various English footballers plunges in value, players try to quietly delete endorsements

A brown ape with rainbow eyes, a drip of snot coming from his nose, and a lollipop stick sticking out of his mouth, wears a black and red jersey and shorts and pink sneakersAKFC #5849 (attribution)
John Terry, an English football coach and former player, launched an NFT project called "Ape Kids Football Club" on February 2. Several players, including Tammy Abraham, Ashley Cole, and Jack Wilshere, all endorsed the project. The NFTs traded for around $650 shortly after the project launch, but as of March 9 were averaging a little under $75 apiece. At some point, Abraham, Cole, and Wilshere quietly deleted their endorsements of the project.

The plummeting price is not the only problem the project has faced; shortly after Terry announced the project in January, he was threatened with legal action by the Premier League, and had to remove depictions of Premier League, UEFA and FA trophies, as well as the Chelsea logo, from the NFT illustrations.

Bug in Fantasm Finance allows multiple exploiters to take more than $2.6 million

An exploiter was able to use a bug in the Fantasm Mint contract to drain more than 1,000 ETH ($2,640,000) from Fantasm Finance. Fantasm urged their users to redeem their tokens they were staking and exit from liquidity pools, but attackers were still able to drain an enormous amount of funds from the protocol. It appeared that several other attackers joined in after the first attacker used the exploit, though it's not yet clear how much money was lost in total. The primary attacker transferred 1,007 ETH to the Tornado Cash tumbling service shortly after the attack. Fantasm Finance wrote on Twitter that they planned to publish a postmortem the following day, which would include compensation options for affected users.

Crypto.com gives borrowers in some jurisdictions a week to pay back their loans

A screenshot of an email from Crypto.com. Text reads, "Dear Valued Customer, Please be informed that Lending is no longer supported in your jurisdiction. For this reason we are required to cancel your current loans. You can find more information here. Kindly take steps to repay your loans by 02:00 UTC, 15 March 2022. Outstanding loans and the associated interest will be automatically repaid from the funds in your Spot Wallet after this date. We sincerely apologise for any inconvenience caused. If you have questions or concerns, please email us at contact@crypto.com. We're here to help. Best regards, The Crypto.com Team"Email from Crypto.com (attribution)
Crypto.com sent out an unexpected email to some users, apparently primarily in the EU, announcing that "Lending is no longer supported in your jurisdiction... [and] we are required to cancel your current loans". The email stated that if a borrower was unable to repay their loans by March 15, seven days from the date the email was sent, "outstanding loans and the associated interest will be automatically repaid". This seems like a tough timeline for borrowers, whose loans are twelve months long, and given people tend to spend the cash they've borrowed on something, rather than, say, hold on to it in case they need to suddenly repay a loan with a week's notice.

Reddit users from the UK, Germany, France, and Switzerland reported receiving the email, and those countries now all appear on the 40-entry-long list of countries not permitted to use Crypto.com's lending services. One Reddit user wrote, "I have 7 days to pay a big loan, like big. If it gave us a month I could unstake and pay, but no, they give us 7 [days], I will get liquified and can't do anything for it." Other users were confused to receive the email when they didn't have any loans on the platform, as it was worded in a way that they interpreted to mean they did.

Ormeus Coin founder charged with securities fraud for misrepresenting cryptomining operations and other assets

John Barksdale, part of the sibling duo behind Ormeus Coin, was charged with conspiracy, securities fraud, and wire fraud for his role in selling the Ormeus Coin token. He allegedly falsely represented the mining assets controlled by the company, claiming a mining operation that would have been one of the largest in the world, if his representations were true. The company also claimed to have reserves of Bitcoin backing their currency, when in reality these "reserves" belonged to a completely different entity. Through these misrepresentations, which were widely published including in a Times Square billboard, Barksdale drew $70 million in investment from around 12,000 individuals. The various charges Barksdale is facing involve maximum sentences between 5 and 20 years in prison. The SEC also filed a parallel civil action against the Barksdales.

Founders of several 2017 cryptocurrency companies indicted for alleged theft of more than $40 million

Four individuals who owned and operated EmpowerCoin, ECoinPlus, and Jet-Coin were indicted on wire fraud, money laundering, and obstruction of justice charges. They allegedly "engaged in a sophisticated scheme that preyed on unsuspecting investors nationwide with false promises of guaranteed returns and virtual currency trading opportunities", then tried to destroy evidence and obfuscate what they'd done after everything fell apart even before any actual trading happened. The group allegedly defrauded investors of more than $40 million over the four months in 2017 that the three companies were active, and they now face up to 20 years in prison if convicted.

Over 10,000 NFTs of photographs by August Sander are delisted from OpenSea after being created without permission

A black and white photo of a man, woman, and young child. The man sits on a stool with a child on his knee, and the woman stands next to them.AS10k+ #5489 (attribution)
An NFT project called the August Sander 10K Collection launched on February 11, offering NFTs of all 10,700 photographs by German portrait and documentary photographer August Sander (1876–1964). The project website described a "groundbreaking partnership between Fellowship and the August Sander family estate", apparently referring to their partnership with August Sander's great-grandson Julian. The NFTs were all distributed for free to the Fellowship community, which the project website boasted "speaks volumes about the commitment of both Fellowship and the August Sander family estate to creating a new standard of visibility and public access to large photography collections, an issue that has historically burdened museums". The website does not appear to mention that they take a 10% cut of all secondary sales, which so far appears to have netted them around 7 ETH ($20,000).

The problem with this whole scheme is that Julian Sanders does not actually control the Sander estate — it was sold in 1992 by Gerd Sander (August's grandson, and Julian's father) to the Cultural Foundation of the Stadtsparkasse Cologne. That group was surprised to see all of Sander's work suddenly being sold as NFTs without their permission, and submitted a legal notice to have it taken down from OpenSea. OpenSea complied with the request on March 7. After almost two weeks of stalling and deflecting questions about the delisting without even acknowledging the cause, Fellowship and Julian Sander finally released a statement on the issue on March 18. Sander wrote that "a third party... claims to have certain rights in August Sanders' photographs" but that he "believe[s] the complaint is not valid" and would be working with his lawyers to have the collection reinstated. As best as I can tell, it seems that Sander is trying to argue he is entitled to sell his great-grandfather's work as NFTs because he physically possesses the negatives, despite the fact that the Cultural Foundation owns the usage rights to all of Sander's work.

Influencer Jake Paul alleged to be repeatedly promoting projects without disclosing his financial involvement

A purple-skinned devil wearing a top hat, making a worried face, wearing a yellow t-shirt with a red female devil on it, and holding a sci-fi blaster gunLeague of Sacred Devil #4474 (attribution)
Jake Paul, who is already in hot water after being named in the class-action lawsuit against SafeMoon, has now been implicated by YouTube detective CoffeeZilla in $2.2 million worth of undisclosed promotions for multiple different projects. Influencers are required by the FTC to disclose when they financially benefit from promoting a project, though the crypto space seems rife with celebrities deciding that rule just doesn't apply.

Paul allegedly tried to cover his steps by creating a new crypto wallet to receive payments for each promotion, but then transferred the money a wallet he controlled to cash out. Oops. Some of the projects that Paul hyped in his undisclosed promotions included League of Sacred Devils, $MILF, and $YUMMY.

Andre Cronje and Anton Nell suddenly ditch their 20+ defi projects

Anton Nell
@AntonNellCrypto
Andre and I have decided that we are closing the chapter of contibuting to the defi/crypto space.
There are around ~25 apps and services that we are terminating on 03 April 2022. 
1/3
Most notibly
http://yearn.fi (use http://yearn.finance)
http://keep3r.network (use http://thekeep3r.network)
http://multichain.xyz (use http://multichain.org)
http://chainlist.org (lots of people replacing it)
http://solidly.exchange
http://bribe.crv.finance
2/3
Unlike previous "building in defi sucks" rage quits, this is not a knee jerk reaction to the hate received from releasing a project, but a decision that has been coming for a while now.
Thanks you to everyone that supported us over the past few years.
3/3Tweet thread by Anton Nell (attribution)
Andre Cronje and Anton Nell, the prolific developers of around 25 defi projects including yearn.fi and the new Solidly exchange, suddenly announced on Twitter that they would be quitting defi and shutting down their projects. "Unlike previous 'building in defi sucks' rage quits, this is not a knee jerk reaction to the hate received from releasing a project, but a decision that has been coming for a while now", wrote Nell. The sudden announcement caused several tokens associated with the projects to plunge in value. Some people were quite upset with the two developers, with one Twitter user writing, "People lock up billions of dollars for 4 years and dev announces it's being terminated in a month. Defi truly is the future of finance." Others were confused by the statement that the decision was a long time coming, when one of their projects, Solidly, had launched only a month before.

"NFT mortgage lender" Bacon Protocol is hacked for $1 million

Bacon Protocol, a defi project seeking to provide NFT mortgage liens (yes, really) was hacked. A reentrancy bug in their smart contract enabled attackers to get more lending credits than they should have been allowed, and was exploited for a total loss to Bacon Protocol of around $1 million.

BattleCatsArena apparently rug pulls several weeks after launch

An illustration of a rainbow-colored cat with a brown afro and small glassesBattle Cat #286 (attribution)
The NFT project BattleCatsArena appears to have rug pulled on March 5, about three weeks after its launch. The project had been announced late last year, with a post from its creator danvee.eth explaining, "After seeing lots of projects with zero utility and surviving 2 rug pulls I decided that it's time to build a real product that will deliver value to its holders from day one." The project had an ambitious roadmap, featuring NFTs, cat shelter donations, and of course a game with several play modes. Minting began on February 16, though the launch was somewhat disappointing — only around 400 of the 500 available BattleCats were minted in the three weeks following launch, and trading volume was low. On March 6, the project apparently deleted its Twitter account, and danvee.eth claimed the Discord had been hacked. All told, the project earned almost 21 ETH ($55,000). danvee.eth wrote on Twitter that he would try to refund people who wished to be refunded (so long as they were nice to him); as of that day no refunds had been sent from addresses associated with the project.

NeosVR virtual reality project jettisons its crypto component after a team blow-up

NeosVR, a virtual reality project originally released in 2018, introduced "Neos Credits" (NCR) in 2018 with the idea that it could enable in-game transactions. The crypto component was primarily managed by Karel Hulec, one of the project's team members. After cryptocurrencies and metaverse projects experienced a boom in 2021, crypto enthusiasts flooded into the project and drove up the value of the token. Some project members described the influx of people from the crypto community as having a strongly negative effect on the community, with one person writing they brought "all of its true slur-lovin' pepe-wearing glory to Neos". After some discontent within the team about the crypto side of operations, members of the team traded public statements with allegations about other members. On March 4, after Hulec released an updated whitepaper fraudulently (but perhaps mistakenly) "signed" by the rest of the team, the project creator and developer announced a proposal to allow Hulec to operate the cryptocurrency "on top of our work, but as a 3rd party solution, under a company solely under his ownership and direction", and for the primary team to cease involvement with the crypto component of the project.

Tai Lopez releases an exorbitantly-priced NFT project where people can buy access to him

List of NFTs: "1 on 1 Shadow Tai in Person at His Office
1 on 1 Michelin Star Restaurant with Tai
1 on 1 Whatsapp Access to Tai's Personal Number
1 on 1 Private Jet Trip with Tai
1 on 1 Watch a Movie with Tai
1 on 1 $10,000 HORSE Basketball game with Tai
1 on 1 NBA Game Courtside with Tai
1 on 1 VIP Table at a Top Nightclub with Tai"Some of the NFTs (attribution)
The entrepreneur and motivational speaker Tai Lopez, of "here in my garage, just bought this new Lamborghini" fame, announced a new NFT project. The NFTs feature staggering list prices and promise "value" that all largely center around access to Lopez. Some of the highest-tier "Black Card" NFTs include, "1 on 1 Shadow Tai in Person at His Office" (2–3 hours, travel & accommodation not included), "1 on 1 Whatsapp Access to Tai's Personal Number", "1 on 1 Watch a Movie With Tai" (2-hour movie, Lopez picks), and "1 on 1 $10,000 HORSE Basketball game with Tai", and were presented in a Dutch auction beginning at 80 ETH ($210,000).

Some people in the crypto community responded with disdain at the project, describing it as a "cash grab". One NFT influencer tweeted "Hey @tailopez legit question: Why Would I pay 30-40k to watch a movie with you? or 80-90k for your WhatsApp? Who u think u are? U def have a shady reputation and doing this only adds more fuel to the fire. I respect anyone wanting to add value to NFTs but this is not the way." Others were surprised at the project's smart contract, which not only automatically transfers any money out of the project and into the team members' wallets, but requires the NFT buyer to pay the gas fee for that transaction in addition to normal gas fees for minting.

Nemus Earth plans to buy and protect land in the rainforest... with Ethereum NFTs and a Brazil nut plantation

An illustration of an eagle sitting on a branch, on a trading card styled background. The card reads "Harpy Eagle, Parcel #128, -66.87661, -7.83341"Nemus Earth NFT (attribution)
A project called Nemus Earth has emerged, offering to sell you an Ethereum NFT to become a "Guardian" of the Brazilian Amazon rainforest. The project has lofty plans to create a "protective belt" in the Brazilian Amazon to try to protect it from deforestation. The project's whitepaper goes on to explain that "economic activity is required" on the land that they will purchase, and outlines a plan to employ the Indigenous people in the area to farm Brazil nuts on an abandoned plantation the project intends to "revitalize". The project describes a "co-op" for the local people that will "unlock generational wealth for these communities", though there appear to be no plans for these people to actually join the community of "Guardians" or have any say in the project's governance. Other economic activity planned by the project apparently involves "sustainable forestry", "empower[ing] local police authorities", something involving drones, and of course generating carbon offsets for other projects.

The whitepaper also addresses that the project will be built on the Ethereum blockchain. There is a section about "pros & cons of Ethereum", which has one section: gas fees. Apparently the project based on environmental conservation has decided to simply gloss over the enormous energy consumption, emissions, and electronic waste stemming from the Ethereum blockchain.

The project opened its second round of minting on March 3, and is offering its NFTs for mint prices between 0.06 ETH and 19.44 ETH ($150 to $50,000).

OpenSea blocks Iranian users

Iranian users were surprised to find that their OpenSea accounts had been deactivated with no warning. One Iranian user wrote, "NOT A gm AT ALL. Woke up to my opensea trading account being deactivated/deleted without notice or any explanation, hearing lots of similar reports from other Iranian artists & collectors. What the hell is going on? Is OS straight up purging its users based on their country now?" At least one user who reported issues said that they are Iranian, but haven't lived there in years, and are based in Italy.

OpenSea said in a statement that "OpenSea blocks users and territories on the U.S. sanctions list from using our services", though it's unclear why this change seems to only have come into effect recently.

MetaMask and Infura block Venezuelan users, at least briefly

Users based in Venezuela suddenly found themselves unable to use the enormously popular crypto wallet, MetaMask, on March 3. MetaMask relies on Infura, a popular API platform for Ethereum, which had apparently blocked access for Venezuelan users. Both MetaMask and Infura are owned by the parent company ConsenSys. An FAQ page on MetaMask's website states that "MetaMask and Infura are unavailable in certain jurisdictions due to compliance with laws", though it does not specify which jurisdictions, or which laws.

Some Venezuelan users were furious with MetaMask, feeling that their choice to prevent them from using the platform was incompatible with the decentralized and deregulated nature of much of crypto. One Twitter user wrote, "MetaMask Do not tell me that you became Centralized, I have this problem and many people in Venezuela have the same".

ConsenSys later appeared to say that the block of Venezuelan users was in error, writing that "In changing some configurations as a result of the new sanctions directives from the United States and other jurisdictions mistakenly configured the settings more broadly than they needed to be".

People joke about being "rugged" by Ukraine as the country cancels its planned airdrop

Ukraine canceled its promised cryptocurrency token airdrop on the day it was expected to happen. Government officials had previously announced that anyone who donated by March 3 would receive an airdropped cryptocurrency token as a reward; this was a promise that spurred a large total number of donations, though relatively few of much size. Protocol reported that 95% of people donated amounts of 0.01 or 0.001 ETH (equivalent to $28 or $2.80), apparently primarily in hopes of getting the promised reward.

Some publications have speculated that the airdrop was canceled because someone tried to spoof the tokens, but it doesn't appear that Ukraine has given a reason for the change in plans. After the cancellation, many commenters on Twitter, all of whom were hopefully joking, wrote that they had been "rugged" by Ukraine — using the common slang for crypto scams in which people are convinced to buy in on a project that then takes the money and doesn't follow through on its promised plans. In the tweet announcing the cancellation, Ukrainian Vice President Mykhailo Fedorov wrote, "After careful consideration we decided to cancel airdrop. Every day there are more and more people willing to help Ukraine to fight back the agression. Instead, we will announce NFTs to support Ukrainian Armed Forces soon. We DO NOT HAVE any plans to issue any fungible tokens". What a world we live in.

Someone tries to spoof promised Ukraine airdrop

After embracing cryptocurrency donations to help fund its resistance to Russian invasion, the Ukrainian government decided to try to solicit even more donations by announcing they would airdrop a token to anyone who donated. There was some excitement on March 3 as it appeared that Ukraine was seeding liquidity pools on Uniswap with $WORLD tokens. However, blockchain analysis tool Etherscan shortly afterwards marked the token as "misleading... and may be spam or phishing". It's not yet clear what the person apparently spoofing the tokens was trying to do.

Conspiracy theorists Brian Rose and David Icke get in on the defi and NFT grift

Brian Rose and David Icke pose next to one another with their arms crossedBrian Rose and David Icke (attribution)
Conspiracy theorists Brian Rose and David Icke are together known for their April 7, 2020 interview where Icke attempted to draw unsubstantiated links between the rollout of 5G cellular technology and the COVID-19 pandemic. Independently, Icke is also known for many other conspiracy theories, including the antisemitic theory that an interdimensional race of reptilian creatures form the Illuminati, and control humans through fear.

Rose, for his part, runs a show called Brian Rose's DeFi Real, where he has published episodes like "Create your Career in Crypto: How to Become a DeFi Influencer, Educator & Fund Manager", and "The Next 100x Coins: How to Pick the Big Crypto Winners". As for the Rose and Icke duo, not only have they teamed up to broadcast COVID-19 conspiracy theories, they've also turned that project into NFTs, with a 100-item collection consisting of several-minute-long portions of their COVID-19 conspiracy TV series. Although all of the NFTs were given away, only a single NFT has experienced any trading so far.

Personally, I'm shocked to see the conspiracy theorists and crypto communities overlapping in this way.

Bug in Treasure NFT marketplace results in listings being sold for free

A pixel art monkey with a large brain, who appears to be made out of goldSmol Brains #5203 (attribution)
The Treasure NFT marketplace on Arbitrum (a layer 2 network built atop Ethereum) apparently experienced a bug that allowed someone to "buy" NFTs in transactions where they sent 0 currency. The attacker particularly seemed to target the "Smol Brains" NFT project, likely because of its relatively high value — the project has a floor price of almost $10,000. Some of the NFTs that were transferred at no cost to the attacker had been listed for several times that floor price, including one gold-colored Smol Brain (pictured) that had been put of for sale for the equivalent of $560,000.

At least 17 Smol Brains NFTs were stolen, which were listed for a combined total of around $1.4 million. PeckShield reported that more than 100 NFTs from multiple collections had been stolen. They reported that the exploit was due to a bug in their contract that allowed an attacker to set a quantity of 0 in a transaction, which when multiplied by the item price resulted in a total price of 0.

TreasureDAO co-founder John Patten wrote in a tweet while the hack was ongoing that "We will cover the costs of the exploit — I will personally give up all of my Smols to repair this."

One contracted developer writes malicious code for 32 different NFT projects

Rendering of a spherical planet with dark green trees interspersed with futuristic skyscrapersThestarslab #6333 (attribution)
A developer offering his services on the freelancer marketplace Fiverr was hired by 32 different NFT projects, for which he wrote and deployed the smart contracts. The first project to be compromised via the malicious code was "TheStarsLab" project, when the developer renounced ownership on the mint contract, making it impossible for the project team to access the funds. The developer is the only one who has the ability to move the money out of the project contract, though as of a month after the attack on the project, the 197 ETH stuck in the contract (~$580,000 at the time of the attack; ~$648,000 as of April 10).

About 2/3 of the other affected projects had yet to launch or had no social media presence. Crypto sleuth zachxbt tried to contact the other 1/3, and some of the projects were able to migrate contracts before any malicious actions. zachxbt wrote, "Funny enough when I reached out to all the different projects the ones that responded said they either didn't read over the smart contract beforehand or weren't the most technically inclined teams." On April 7, OpenSea contacted zachxbt to say they had frozen trading for all contracts created by the developer.

Hackers who stole data from Nvidia demand the chipmaker remove cryptomining limitations on GPUs

In late February, the Lapsus$ ransomware group claimed to have breached Nvidia's corporate network and stolen more than a terabyte of data, which they say includes schematics and source code for drivers and firmware, as well as employee credentials. Instead of the typical monetary ransom, Lapsus$ demanded something unusual: that Nvidia remove the "Lite Hash Rate" (LHR) feature from their graphics card. LHR is an artificial limitation that Nvidia has applied to their line of gaming chips, which makes them less attractive to cryptominers who have otherwise been causing shortages in GPUs.

Lapsus$ initially promised that if Nvidia removed LHR from their 30-series line of chips, they would "forget about [the hardware] folder (it's a big folder)". However, they updated their demand on March 1, demanding that Nvidia either make all current and future drivers for all of their cards open source ("while keeping the Verilog and chipset trade secrets... well, secret"), or else they would publish all files for Nvidia chips. They wrote that Nvidia had until March 4 to make a decision. As of March 3, Nvidia had not made a statement around whether they would acquiesce to the hackers' demands.

Former ConsenSys employees demand audit regarding MetaMask and Infura's transfer to a new company

A group of 35 former employees of the startup incubator ConsenSys filed a request for an audit of a transfer of the company's "crown jewel" assets to a new company, which they say "was to the detriment of the minority shareholders". The requested audit relates to an August 2020 deal that saw the cryptocurrency wallet MetaMask and the developer platform Infura be transferred to a brand new entity. The transaction also resulted in the banking giant JPMorgan taking a 10% share in ConsenSys, and in a $39 million loan by ConsenSys founder being offset. The shareholders allege that MetaMask and Infura were massively undervalued in the trade; an allegation that a ConsenSys spokesperson has rebutted, saying that "the group would like to apply a valuation that might be achieved today to a set of projects that were pre-monetization during the darkest days of Covid when the transaction took place".

Far-right social network Parler launches an NFT platform where you have to pay with credit cards

An illustration of Donald Trump wearing rhinestone sunglasses and a rhinestoned tuxedo and bow tie, in front of rhinestoned text reading "TRUMP"CryptoTrump (attribution)
You might think if Parler was going to create an NFT celebrating their hero, they wouldn't include along with their promotional material the example most reminiscent of Milo Yiannopoulos, the man who's been so effectively deplatformed that he's had to resort to selling statues of the Virgin Mary on a home shopping TV channel. On March 1, the far-right social network Parler announced their "CryptoTrump" NFTs, which will sell on their "DeepRedSky" NFT platform. The platform is built on the Solana blockchain, and has already helped Melania Trump "sell" (wash trade) her NFTs. Their inaugural project is a collection of 250 algorithmically-generated Trump NFTs, which will sell for $2,750 each and eventually be part of a collection of 10,000 items.

Although Parler's press release contains a lot of their usual chest-thumping about "freedom from Big Tech", the DeepRedSky NFTs can only be minted with credit cards, with payments being processed through Stripe. The good news: if you aren't getting enough of a rush out of the risks involved with crypto in general, you can get a new thrill from giving your personal information to a platform that's been hacked multiple times.

GenomesDAO wants you to give them your genetic data, which they acknowledge is "data that can be exploited in ways we cannot even imagine yet"

An illustration of a calico cat with green eyesWho's going to tell them cats don't have human eyebrows? (attribution)
GenomesDAO has created a platform which they promise will allow people who wish to sell their genetic data to have more control over it. They write that genetic data is "data that can be exploited in ways we cannot even imagine yet" and go into a list of these possible exploits — and this is apparently why you should definitely entrust it to a company building in a space known for its endless hacks. The company promises to help users earn money through selling access to their genome — though of course this isn't until step five in their roadmap. They're currently at step two or step three, depending on which version of your roadmap you look at; both steps seem focused on creating cat NFTs out of your genetic data for some reason.

Randi Zuckerberg tests your secondhand embarrassment tolerance with her second crypto-themed parody song

Apparently hoping to create the "rallying cry for the women of web3", Randi Zuckerberg released her second crypto-themed song "WAGMI", a parody of Twisted Sister's "We're Not Gonna Take It". Earlier that month, she had released another parody video, of Adele's "Hello". "WAGMI" is loaded with crypto in-jokes, with Zuckerberg at one point yelling "LFG! sweep the goddamn floor! we're hodling, yes we are!" The reaction on Twitter appeared to be fairly universally one of cringe, and more than a few users drew comparison to the terrible raps of alleged Bitfinex money launderer Heather "Razzlekhan" Morgan.

Partway through the song, Zuckerberg sings "carpe the crypto diem". This raises the question of whether she intentionally included a dig at her brother Mark's failed Diem cryptocurrency project (formerly Libra), or if the project was such a flop even his own sister didn't know about it. I truly can't decide which scenario would be funnier.

NFT collector files $6 million lawsuit against OpenSea, LooksRare, and the company behind Bored Apes for not doing more to discourage thefts

A Mutant Ape illustration, with an ape made out of yellow oozing slime, with rainbow worms coming out of its nose, wearing rainbow suspendersMutant Ape #1819, one of the stolen NFTs (attribution)
Robert Armijo is the former owner of three valuable NFTs — one Bored Ape and two Mutant Apes — which he bought for a total of around $300,000 between November 2021 and January 2022. On February 28, he filed a lawsuit against the NFT marketplaces OpenSea and LooksRare, as well as the company behind the Bored and Mutant Ape projects, Yuga Labs. The lawsuit was filed only ten days after another former Bored Apes owner filed suit against OpenSea for allegedly failing to secure their platform.

On February 1, he was the victim of a phishing attack in which he lost the three pricey NFTs. He had agreed to trade one of his Mutant Apes for another NFT he was interested in, but he and the prospective buyer had to perform the transaction through a platform other than OpenSea or LooksRare because it was a swap rather than a purchase for ETH. Armijo turned down several suggestions of platforms by the other party, saying he was unfamiliar with them, and instead suggested one of his own choosing. However, the other party was still able to send him a trading link that appeared to be from the site he had suggested, and Armijo approved what turned out to be an illegitimate transaction that allowed the other party to take all three of his NFTs for nothing in return. Armijo alleges that although he quickly realized he'd been phished, he was not able to get OpenSea or LooksRare to freeze sales of the stolen NFTs, and they were flipped for resale within days.

Armijo alleges that OpenSea and LooksRare have "utterly failed to protect consumers or do anything to disincentivize or stop the thefts" because they profit from each trade on their platform. He has also named the company behind the Apes NFTs, Yuga Labs, in his lawsuit, stating that they have not done enough to disincentivize theft by failing to "monitor its proprietary and exclusive ape community by denying entry to individuals whose access is predicated on a stolen BAYC NFT". Once again, my heart goes out to the judge hearing this case.

In terms of damages, Armijo states he has been "deprived not only of the significant monetary value of the NFTs he owned, but also [has been] strip[ped] of his membership in the BAYC community and the commercialization rights he possessed in his underlying Bored Ape and Mutant Ape images", and as such is seeking damages "in no event less than $6 million". Interestingly, the name Robert Armijo also appears as a defendant in SEC charges from June 2021, where the individual is alleged to have unlawfully sold securities managed by an organization also alleged by the SEC to be a Ponzi scheme. It's not immediately clear if this is the same person, or someone who shares a name.

Elexir draws in more than $1.3 million, then announces an end to the project a week later and "reimburses" investors with $300,000

Elexir Finance promised a platform where users could build passive income via "yield bearing NFTs". They drew in more than $1.3 million in investments since the project's launch on February 22. However, on February 28, the team suddenly sold off their assets, tanking the $ELXR price in the process. They explained in Discord that this was because they had discovered a flaw in their tokenomics design, and so they had sold in order to cut losses and put "almost all early investors... either in positive profit or breakeven". The team also announced that they would distribute $300,000 to other early investors via airdrops. They notably failed to mention their plans for people who were not "early investors", or who were unknowingly snapping up doomed tokens that the project was offloading. Notably, the announcement also mentioned that the remaining treasury of more than $1 million would stay with the project developers, to be used for some new project they did not describe.

After their announcement went over about as poorly as you might expect, Elexir offered their community a choice: take the $300,000 they planned to airdrop, and either continue with that plan or re-add it to the liquidity pool. Community members by and large seemed to support an unlisted third mention, which was to refund the entire treasury to people who bought in, but the project developers seem intent on keeping that amount.

The project development team had had their identities verified by the organization StaySAFU, who subsequently tweeted that "We are currently communicating with both the team behind Elexir and the legal authorities", and that they had identity documents for the team members as well as video confirming they were responsible for rug pulls.

Cryptocurrency exchanges refuse requests by Ukrainian Vice President to freeze Russian and Belarusian addresses

Jesse Powell
@jespow
5/6 Sometimes the hardest thing about having power is knowing when not to use it. Our mission is better served by focusing on individual needs above those of any government or political faction. The People's Money is an exit strategy for humans, a weapon for peace, not for war.Tweet by Kraken CEO Jesse Powell (attribution)
Ukrainian Vice President Mykhailo Fedorov publicly requested major cryptocurrency exchanges to freeze addresses of all Russian and Belarusian users, to increase economic pressure on Russia to end its attacks on Ukraine. Several crypto exchanges including Binance, Kraken, and KuCoin publicly refused to do so. CEO and co-founder of the U.S.-based Kraken Exchange, Jesse Powell, wrote a Twitter thread in which he stated that Bitcoin was "the embodiment of libertarian values" and supposed to be "a weapon for peace, not for war".

Although perhaps unsurprising that these exchanges refused a request like Fedorov's, it will be interesting to see if and how sanctions may affect various cryptocurrency exchanges' actions. Binance, the largest crypto exchange, has already indicated it will comply with sanctions. Kraken, whose executives have tended towards more ideological stances, has also indicated that it will comply with legal requirements to freeze accounts.

Gavin Wood decides war in Ukraine is a great opportunity to promote his Polkadot project

Gavin Wood
@gavofyork
Replying to 
@Ukraine
If you post a DOT address I'll personally contribute $5m.Tweet by Gavin Wood (attribution)
On February 26, the Ukrainian government tweeted Bitcoin and Ethereum addresses, allowing cryptocurrency donations directly to the government to support their resistance to the ongoing Russian invasion. Gavin Wood, a co-founder of Ethereum who is now primarily involved with the Polkadot cryptocurrency network, apparently thought this could be a great marketing opportunity for Polkadot if the Ukrainian government would list a Polkadot address alongside BTC and ETH. He took to Twitter to offer a generous donation contingent on them doing so: "If you post a DOT address I'll personally contribute $5m". I'm sure the Ukrainian government have nothing more important to do than futz around with making wallets for every millionaire who wants to promote his crypto project.

Some with a more optimistic view of Wood's tweet suggested that perhaps his request was motivated by a desire to avoid capital gains taxes that could be incurred by converting his DOT to ETH before donating it, but another commenter pointed out that 1) Wood almost certainly holds more than $5M in ETH already as a co-founder of the project, and 2) Wood lives in Switzerland, where private individuals are generally exempt from capital gains taxes.

Co-founder and primary artist for Starcatchers NFT project uses insider knowledge to buy the project's rare NFTs to flip after reveal

An illustration of a human figure with a star for a head, wearing a pink baseball cap and looking unhappy, wearing a rainbow hoodieStar Catcher #1755 (attribution)
The Starcatchers NFT project sold NFTs which did not immediately show the image associated with them, but would instead be revealed at a later date. An observant collector noticed that several of the NFTs in the project sold for considerably higher than others. Following the reveal, it turned out that these were the rarest NFTs in the project. One of the NFTs (#1755, pictured) has been described as the "project mascot", and later sold back to the Starcatchers team for 30 ETH (~$83,400).

It turned out that "Beutrec", a co-founder and the primary artist behind the collection, had used his access to the project metadata to identify and buy the rarest NFTs in the collection. Although he attempted to use distinct wallets to perform the transactions, they were trivially linked back to him. He made around 50 ETH (~$140,000) in profit from flipping the NFTs he bought with insider knowledge. After his actions were revealed in April 2022, Beutrec's new NFT project, Boki, announced that Beutrec would no longer be a part of their team.

Discord server for the Doodles NFT project is compromised

A cartoon person with blue hair in two buns and an open mouth wears a purple and orange hoodie and a yellow backpackDoodle #1691 (attribution)
The enormously popular "Doodles" NFT project announced on February 26 that their Discord server had been "penetrated by a hacked bot", and that all messages should be ignored. They wrote, "Our lawyers, friends at discord, and the community are helping us". Later that day they announced that they had regained control of the server, and that they would compensate community members affected by the attack. It wasn't clear the scale of losses that may have been suffered by members of the Discord who believed that messages coming from an attacker were from the official team.

Howlerz NFT drop goes incredibly badly, with heavy botting, a poorly-implemented contract, and buyers falling for a scam contract

An illustration of a grey wolf skeleton wearing a purple turtleneck, with gold teeth and earrings, and laser beams shooting from its eyes, on a gold backgroundHowlerz #3074 (attribution)
A heavily-hyped NFT project called "Howlerz" released its project via "secret mint" with no allowlist, and it went very, very poorly. Would-be buyers who were excitedly waiting for the mint to begin were fooled by a fake contract that scammed buyers for a total of 250 ETH ($675,000). When the project did mint for real, its NFTs sold out within seconds to the swarm of bots waiting to snap up the assets. Some prospective buyers who tried to buy the NFTs ran into "out of gas" problems, where they spent too little gas to cover the transaction, and ended up losing the gas fee on a failed transaction. This is a problem that is usually addressed by NFT developers in their contracts by adding a buffer to the estimated gas required.

Part of this collection's draw has been the promise that "you own the art". However, the artwork is released under the CC0 license, which dedicates the work to the public domain — that is, any ownership of the work in a copyright sense no longer exists.

Crypto and NFT scammers take advantage of the invasion of Ukraine to boost their grifts

Engr. 🇺🇦🇺🇦@MRchildofGod·1hCan anyone help me please I’m stranded in Ukraine with my family2Engr. 🇺🇦🇺🇦@MRchildofGod·1hBTC 

17rd6cGoopC7vH71S5fgLDpDfW1M3PRtRdPerson claiming to be stranded in Ukraine requests Bitcoin (attribution)
Cryptocurrency scammers have turned to the crisis in Ukraine to provide fodder for their scams. Some have taken the tactic of pretending to be a person trying to escape the country and asking people via private message to send cryptocurrency; others have set up sketchy crowdfunding projects that claim they will send the money to various Ukrainian causes. One scam project tried to get people to buy "UkraineToken", with vague promises of "regular donations and support".

Ukraine-themed NFT projects have also sprung up all over the place, promising to donate portions of proceeds, with very few avenues to distinguish the legitimate from the scams. Some existing NFT projects have created Ukraine-themed items to add to their collections. Other NFT projects that have nothing to do with Ukraine have tried to tempt buyers by claiming they will donate a portion of proceeds (5%, in one case) to Ukrainian war relief funds. Individual sellers have also tried to use the crisis to increase the sales of NFTs they own, promising to donate their profits.

Needless to say, my advice if you're hoping to donate to relief would be to skip the cryptocurrency and NFTs altogether and pick any of the many verified relief funds out there.

Pixelmon raises $70 million only to reveal hilariously bad NFTs

A poorly 3D-rendered approximation of a Squirtle, with both eyes pointing in different directionsSquirtle is looking rough these days (attribution)
The Pixelmon project promised an ambitious roadmap including a Pokémon-like game where the pixelized Pokémon could be caught and traded, a land project, and rewards to buyers of their "Generation 1" Pixelmon. The 3D pixelized Pokémon on their flashy website and on social media certainly looked promising to the buyers who sunk a total of $70 million into the project. Those buyers, who spent 3ETH per mint (~$9,300), were excited to unveil their "fully modeled 3D character[s] that you can interact with". However, when they "hatched" their Pixelmon, buyers were greeted with some truly terrible models, if they were lucky enough to have a model at all — some unveiled just an empty patch of grass, and others found their models appearing partway in the ground.

Although the project lead wrote on the Discord that they had "made a horrible mistake" but that they would "completely revamp and redesign" the NFTs, the project appeared to be a cash grab. On the night of the reveal, 1,000 ETH ($2.8 million) had already been transferred out of the project and split among various addresses. One of the recipients who received 400 ETH ($1.1 million) immediately went on a shopping spree, buying various big-ticket NFTs with their windfall.

Bitconnect founder indicted by federal grand jury on charges of orchestrating a global Ponzi scheme

BitConnect founder, Satish Kumbhani, founded the Bitconnect "investment program" in 2016, which attracted investors with its impossibly high payouts. From then until its dramatic 2018 shutdown, Kumbhani and his team drew in around $2.4 billion from investors. The whole thing turned out to be a Ponzi scheme, as many had suspected, and Kumbhani now faces a long list of charges: "conspiracy to commit wire fraud, wire fraud, conspiracy to commit commodity price manipulation, operation of an unlicensed money transmitting business, and conspiracy to commit international money laundering". If convicted of all charges, Kumbhani faces up to 70 years in prison.

The Associated Press continues to mishandle its NFT fiasco with mass Discord bans and scrubbing of messages

Dwayne — Today at 11:00 AM
What are your thoughts on the adoption by finance? We see networks like Pyth seeking to replicate traditional financial pricing awareness on chain.
Dwayne — Today at 11:02 AM
Seems they also have an existential driver to move transactions on chain.
Dwayne — Today at 11:03 AM
So, what's the technology's future? Do you think there's no turning back?
Dwayne — Today at 11:04 AM
Alas. I, too, shunned Bitcoin and my wife has not let me forget it.Gaps in conversation where most messages were removed (attribution)
After the fiasco the previous day in which some group of people at the Associated Press apparently decided turning an image of human suffering into an NFT was a brilliant idea, some at the Associated Press seem to be intent on tarnishing the organization's reputation even further. Horrified individuals took to the project's Discord, as the AP had previously invited people to use that as a way to give feedback and ask questions. The AP's "Director of Blockchain" Dwayne Desaulniers spent a while trying (but not really succeeding) to explain why the AP has decided to turn some of its photojournalism into NFTs. However, around 24 hours after the initial NFT tweet had been made, he apparently decided enough was enough and nearly everyone who'd asked a question was banned from the Discord, with their messages were removed. Some of Desaulniers' replies were also removed, such as where he had replied "Fucking right" to a user who said, "Dwayne wants a world without adblock, without archive.is, without a possibility that someone somewhere might wring a tiny bit of the AP's journalistic output out of them without paying for the privilege."

Nelson Mandela's paintings from prison to be sold as NFTs

A pencil and watercolor illustration of the interior of a prison cell, viewed through the open doorThe Cell by Nelson Mandela (attribution)
The Guardian reported that five watercolor paintings created by former South African president Nelson Mandela depicting scenes from his years of incarceration will be sold as NFTs next month, as well as a handwritten description of why he created the artwork. His daughter is the one behind the project, and she says that "My dad was all about creating an accessible society. This is a way of democratising his art." She does not explain why there is a need to sell them as NFTs in order to accomplish this, or why this makes them more accessible than them already being available to view online. She also doesn't explain how pricing them at $3,500 for a set including one of each, or $700 apiece, can be considered "accessible".

The Associated Press wants to sell you an NFT of migrants adrift at sea

Still frame of an inflatable boat full of people wearing orange life jackets, pictured from aboveStill frame from the video (attribution)
The Associated Press announced they would be dropping a new NFT on the platform they launched in January, which notably doesn't allow users to sell their NFTs off-platform or really do much at all with the image or video associated with their NFT. Most NFTs they've offered to date have been fairly benign, like a photo of a shooting star over a house in a field, or of a person spray-painting "illegal" on a brick wall (edgy!)

However, on February 24 they announced that their newest NFT would show a short, top-down video of around fifty migrants crammed into a small inflatable boat, adrift at sea in the Mediterranean. Any goodwill the AP might have had for their NFT project was likely shattered by their choice to monetize a video of human suffering. The already horrific NFT announcement was particularly ill-timed, given its juxtaposition on many Twitter feeds amongst news of Russian military action against Ukraine. The Associated Press deleted the announcement tweet four hours later.

Founders of BitMEX crypto exchange take guilty plea, pay $10M fine for failing to implement an anti-money laundering program

Arther Hayes and Benjamin Delo, the founders of the BitMEX cryptocurrency exchange, pled guilty to violations of the Bank Secrecy Act, which they violated by ignoring requirements to implement any anti-money laundering (AML) programs, including programs that would verify customer identities (KYC). They also separately agreed to pay a $10 million fine, which represents the monetary gain from their crime. "BitMEX was in effect a money laundering platform", said the U.S. Department of Justice statement, which also described how the platform was reportedly used to launder funds from a hack of another exchange, and how the executives both had direct knowledge that some of their customers were from countries under OFAC sanctions.

In March, the third co-founder, Sam Reed, also pled guilty and agreed to pay a $10 million fine. In August, top BitMex employee Gregory Dwyer entered a guilty plea and agreed to pay a $150,000 fine.

BitMEX had attempted to evade sanctions by claiming they didn't serve customers in the United States, though in reality they served thousands of U.S. customers and marketed in the U.S. At one point, when an early investor inquired as to why an investment in the company hadn't triggered a report to regulatory authorities, Delo responded with a meme of a man smiling, superimposed with the text "Incorporated in Seychelles, come at me bro". Hayes and Delo face a maximum sentence of five years in prison as a result of this plea. The exchange had in August paid $100 million to settle a separate lawsuit from the Commodity Futures Trading Commission, in an agreement which had also required them to implement proper blocks to prevent U.S. customers from using the service.

Space Crypto game surprises its player base with new, disadvantageous tokenomics

Space Crypto to USD Chart, showing a precipitous drop on February 23Space Crypto to USD chart (attribution)
Space Crypto, a play-to-earn game that launched on February 15, announced on February 23 that users wouldn't be able to withdraw all their reward tokens, as expected. Without previously informing investors, they decided that players won't be able to withdraw the necessary amount of reward tokens ($SPE) to repair all their ships, essentially locking everyone in to artificially extend the game's life. They also decided that the token exchange rate would be 5 in-game tokens = 1 $SPE (also not specified in the whitepaper), essentially hiding the true amount of in-game currency needed for positive return on investment. The community was fairly universally enraged, and the $SPE token price dropped in value by 93% after the announcement.

Utility promising to restore mining performance on Nvidia GPUs actually malware

The popular Tom's Hardware and PC Gamer websites both ran articles about a utility called "Nvidia RTX LHR v2 Unlocker", which claimed to increase the artificially-limited cryptocurrency mining performance of its RTX graphics cards. These graphics cards are shipped with performance-limiting software to reduce the GPUs' attractiveness to cryptocurrency miners, whose thirst for GPUs has made it difficult and expensive for gamers and various others to acquire the hardware. Unfortunately, both publications had to run a second article just a day later to warn their readers away from the software they had just advertised. "Instead of fixing the capped mining performance, the utility infects the host system with malware", wrote Tom's. Though it is now clear that the tool is malware, it's not immediately clear what exactly the malware does — speculation has ranged from keylogging to, well, cryptocurrency mining.

NBA player De'Aaron Fox ditches his NFT project after raking in $1.5 million

A 3D fox wearing a black ball cap and purple basketball jersey reading "Swipa". His eyes are popping out like in a cartoon.Swipa The Fox #5784 (attribution)
Sacramento Kings player De'Aaron Fox announced his "SwipaTheFox" NFT project in mid-December, and the "high utility NFT collection" went live on January 15. The project roadmap promised a metaverse basketball court, a scholarship to a University of Kentucky student, and chances to win all-star game tickets, as well as "much more to come". The project had over 100,000 people in its Discord, and pulled in about 475 ETH (about $1.5 million at the time).

Suddenly, on February 23, the project deleted its social media accounts and most of its Discord. Fox wrote in the remaining Discord announcements channel that "The time and attention that y'all deserve and that I wanted to give you all/what this project requires, was not known to me and I overstepped and stretched myself too thin, trying to do this project in the middle of an NBA season." He promised to send anyone who bought more than five NFTs (which would have cost ~0.4 ETH, around $1,300, if bought at mint price) a signed jersey (available for purchase online for around $100).

The following day, after some attention was drawn to the rug pull, Fox released a Twitter statement that said basically nothing at all, and made no mention of reimbursing holders. Meanwhile, the floor price of the NFTs dropped to around 0.003 ETH ($8).

Seller withdraws Sotheby's CryptoPunks auction minutes before it's due to go live, likely due to "tepid" reception

A pixel-art person with black bob-style hair and blue makeup around their eyes, on a blue backgroundCryptoPunk #1563 (attribution)
Two weeks prior, collector 0x650d announced that they would be partnering with the Sotheby's auction house to auction a single lot of 104 CryptoPunks. CryptoPunks are some of the earliest NFTs, and trade for hundreds and even thousands of ETH (equivalent to hundreds of thousands to millions of dollars). The collector wrote in a Twitter thread that they "simply could not pass up the opportunity to elevate CryptoPunks in the international art community. And with this sale, the CryptoPunk collection will be solidified in the broader art world." Media reports speculated that the auction would fetch as much as $30 million.

However, 0x650d withdrew the sale only minutes before the auction was due to start, tweeting only "nvm, decided to hodl". CoinDesk reported that, "Perhaps contributing to 0x650d's reversal were rumors of a tepid reception for the CryptoPunks mega-lot. Three sources, including one bidder on-site at Sotheby's, told CoinDesk that the highest pre-bid offer was $14 million, which was also the reserve price."

Journalist says she's been able to use chain analysis tools to discover the person behind the 2016 hack of The DAO

"The DAO", one of the first DAOs, was famously hacked in 2016, requiring a hard fork of the Ethereum blockchain to "undo" the breach. (So immutable!) Had Ethereum not forked, members of The DAO would have lost 3.6 million ETH — then worth around $50 million.

Journalist and researcher Laura Shin reported on February 22 that she had successfully used a forensics tool from Chainalysis to discover the identity of the hacker: Toby Hoenisch, a co-founder of the TenX "crypto debit card" project. Hoenisch refused to speak with Shin, and has denied the allegation.

For a technology that makes lofty promises of anonymity and privacy, increasingly-powerful technology is being released that at least claims to be able to unwind crypto mixing and make other connections between wallets and transactions that were previously extremely difficult, if not next to impossible. I imagine there may be a few people behind various crypto crimes sweating a bit as these technologies progress and threaten to unmask those behind other hacks and scams.

Security researchers desperately try to contact Ocean Protocol about a critical security problem

Screenshots of Kubernetes credentials and a shell connection, with sensitive credentials blurred out.Image from Bleckmann-Dreher's tweet (attribution)
Ocean Protocol is a web3 project promising to help people "publish, discover, and consume data in a secure, privacy-preserving fashion". Recently, they've been promoting the ALGA defi wallet, a project created by an external development team called Data Whale. Security researcher Christopher Bleckmann-Dreher, also known as "schniggie", resorted to publicly replying to one of Ocean Protocol's promo tweets to try to get the group's attention on a security vulnerability he and his collaborator Daniel Matesic ("mtd_0x00") had discovered. The duo found Kubernetes infrastructure that appeared to be completely compromised, and were able to get a shell, call their underlying AWS metaservice, and more. When Bleckmann-Dreher tried to report the bug through Ocean Protocol's Github bug bounty program, he found it was retired. He also tried to contact the team via their security email address, Telegram, and Discord, but received no reply.

After Bleckmann-Dreher's attempts to contact the project were published on Web3 Is Going Great on February 26, Ocean Protocol's founder Bruce Pon commented to say they were "on it", and that he had alerted Data Whale about what appeared to be an issue in the ALGA project. Several hours later, Data Whale announced they would be taking the app offline due to concerns that there was a vulnerability, and that they had contacted the researchers. ALGA was later brought back online after they confirmed the vulnerability was not an issue with their project, but rather with Ocean Protocol itself. Pon acknowledged on February 27 that "there was a configuration issue on Ocean compute-to-data which is being fixed now", and later that day Ocean Protocol cut a new release of their operator engine which appeared to be a patch.

Coinbase CEO tries to weave a compelling story about how their own team came up with a Super Bowl ad that "broke the rules on marketing", is quickly revealed to just be taking credit for the work of an outside ad agency

Two tweets. First by Brian Armstrong: "10/ I guess if there is a lesson here it is that constraints breed creativity, and that as founders you can empower your team to break the rules on marketing because you're not trying to impress your peers at AdWeek or wherever. No ad agency would have done this ad." Reply by Kristen Cavallo: "Except an ad agency did do that ad."Tweet by Armstrong, with reply from Cavallo (attribution)
Coinbase CEO Brian Armstrong embarked on a 12-tweet-long thread congratulating Coinbase employees for coming up with the bouncing QR code Super Bowl ad. He wrote, "I guess if there is a lesson here it is that constraints breed creativity, and that as founders you can empower your team to break the rules on marketing because you're not trying to impress your peers at AdWeek or wherever. No ad agency would have done this ad."

Unfortunately for him, CEO of The Martin Agency Kristen Cavallo showed up with receipts: "It was actually inspired by presentations our agency showed your team on 8/18 (pages 19-24) and 10/7 (pages 11-18) with ad concepts for the Super Bowl with floating QR codes on a blank screen."

I guess if there is a lesson here it is that if you're going to take credit for someone else's idea to try to make your team sound good, maybe you shouldn't also use it as an opportunity to dunk on the people who actually came up with the idea.