Web3 is Going Just Great

Such a dramatic crash in a cryptocurrency that was in the top ten by market cap has been devastating to some. Some members of the Terra/Luna community on Reddit have spoken of being massively over-invested in Luna, with some describing losing their life savings and appearing to be in crisis.

OneCoin was a Bulgarian ponzi scheme in which investors bought packages of "tokens" with which they would supposedly "mine" cryptocurrency. Despite advertising as a decentralized cryptocurrency, OneCoin in reality was centralized on the company's servers. The scheme attracted around $4 billion in investments since its creation in 2014, and several people associated with the project have pled guilty to money laundering and fraud charges.

This serves as a stark reminder to users who keep their cryptocurrency on exchanges, that although it is often a more user-friendly way to keep crypto (compared to self-custodying), it exposes users to risk like this.

Some members of the crypto community expressed shock, with Swan Bitcoin CEO Cory Klippsten tweeting, "Is this real?!?"

It appeared that Owen might have meant that there would be a lower bound on resale price of the NFTs, which is neither a new concept in NFTs (see Kaiju Kongz or Rich Bulls Club), nor does it mean the NFTs "can't lose their initial value". It just means that when the NFTs do lose their initial value, collectors can't recoup even a portion of their investment.

The remaining project developers have tried to remain positive and restore faith in the community, accusing the developer who sold of "gluttony" and "greed". The project also implemented a steep 50% tax on remaining holders to discourage them from trying to sell.

This news came as a shock to many lovers of Azuki NFTs, pricey NFTs which regularly trade for 20–30 ETH (~$45,000–$70,000). Azuki is not without its own controversies, recently facing accusations of insider trading.

The incentives that should keep TerraUSD trading at $1 have been put to the test lately, with a combination of spiraling cryptocurrency prices across the board and some apparent large sell-offs by those holding UST. The coin dipped down to $0.992 on May 7 before some large buys returned it close to its peg. It dipped again by a smaller amount the following day, reaching a low of around $0.994. These values may seem like small changes on the micro scale, but when major stablecoins diverge from their peg by even fractions of a cent they have major effects throughout the cryptocurrency ecosystem.

On May 9, UST saw its most extreme de-peg, plunging to $0.95, then again to $0.84 later that day, despite Luna Foundation Guard liquidating $1.3 billion in Bitcoin reserves to try to restore the peg.

Do Kwon, cofounder of Terraform Labs, initially seemed to be doing his best to portray confidence on Twitter by tweeting things that give the exact opposite impression. "If yall girls are gonna fud, try to do it during my waking hours pls," he wrote on May 7. "You could listen to [crypto Twitter] influensooors about UST depegging for the 69th time. Or you could remember they're all now poor, and go for a run instead", he tweeted, somewhat blithely acknowledging UST's repeated history of losing its peg. His tweets seemed to take a more serious turn beginning the evening of May 8, as the situation grew more dire.

The exploit caused the $FTS token to drop 42%. The creators of Fortress urged people not to supply any assets to the pool as the attack was ongoing, and tweeted "we need the support of all of our partners and key organizations in the community to assist and try to freeze and bring back the funds!"

Despite all this, the project deployer suddenly minted 23 million CSR tokens, which they swapped for almost $90,000 in other assets, crashing the token value in the process by about 70%. The development team also took the project website offline.

The rug pull was first noticed by CertiK, a blockchain security firm that had also audited the project. "We pointed out these major centralization issues in their audit," CertiK wrote on Twitter.

However, the NFT launch went poorly — fewer than 2,800 NFTs were minted out of the total supply of 9,671 NFTs. The project tried to relaunch but failed to drum up much more interest, so the creators apparently decided to call it quits — while keeping the money, of course. The project founder left a long message to the community, in which they said that they would be shutting the project and spoke at length about how difficult it had been for them.

Although the company claimed to have 3 million users on its waitlist, the public marketplace release has gone shockingly poorly given Coinbase's existing reputation. The platform has yet to see more than 200 transactions in a given day (compared to OpenSea, which regularly sees more than 100,000 transactions a day, or its smaller competitor LooksRare which sees more than 1,000 daily). Furthermore, the platform has only broken $50,000 in volume traded on five of the days it's been publicly available, with some days seeing only a few thousand dollars traded. OpenSea has been doing over $150 million in daily volume in that same time frame, and LooksRare around $100 million (though it should be noted that the prevalence of wash trading, particularly on LooksRare, makes these numbers hard to evaluate).

The U.S. began sanctioning various wallet addresses belonging to the hackers in mid-April, though have faced obstacles given that it is trivial for the hackers to create new wallets. The use of cryptocurrency tumblers (also called "mixers") has also stymied the government's attempts to limit the DPRK's access to the ill-gotten funds. Blender is not the primary tumbler that Lazarus has been using — that would be Tornado Cash, which they have used to tumble more than $213 million from the hack. Tornado has taken perfunctory steps to comply with sanctions, but nothing that would meaningfully impact Lazarus' ability to use the service.

Sadly for the scammer, the scam was discovered and shut down when they had only managed to scam one person. The unsuspecting collector sent 0.3 ETH ($800), which the scammer transferred to Tornado Cash.

The project's website is one of the most absurd I've seen, promising that "all final holders will get 10,000,000x gains". Their project roadmap includes a "mystery plan" that results in a 1,000,000x price increase. Their FAQ states, "First of all, we promise that the team will not redeem the fund pool." Apparently projects based on pinky swears aren't great investments.

After the funds were drained, the project claimed that they had been compromised by an external actor, and had "reported to Binance and local authorities".

Given OpenSea's prominence, it's surprising that the hacker managed to obtain relatively few NFTs of much value. The wallet appeared to have successfully stolen only 13 NFTs, none of which were from high-value collections, that are worth a collective $20,000 if resold at the collections' floor prices.

OpenSea tweeted several messages acknowledging the hack and urging users not to click any links. They have not yet confirmed that they've conclusively re-secured their server.

McAfee identified 26 scam websites that were linked from the YouTube livestreams, which altogether took in $1.3 million in Bitcoin and Ether in a 24 hour period.

Capuci was charged with conspiracy to commit wire fraud, conspiracy to commit securities fraud, and conspiracy to commit international money laundering. If convicted on all counts, he could be sentenced to up to 45 years in prison.

The rug pull appeared to have been perpetrated by one team member, although several other team members had to sign off on the transaction in order for it to go through.

The team had had their real-life identities verified by Obsidian, and remaining team members said they were working with Obsidian to try to investigate those behind the theft. Third-party KYC verification like the service Obsidian provides is often used by crypto projects to increase trust, though Pragma is hardly the first project with this kind of verification that stole funds anyway.

Juno intended to transfer the seized tokens from the individual whale's wallet to a community-controlled wallet. However, the person making the transfer accidentally copied and pasted the wrong value, resulting in the funds being sent to a wallet address that no one can access — effectively burning the tokens.

Daniel Hwang, who helps run one of the Juno validators, said to CoinDesk, "We fucked up big time". He also offered an unusual opinion: "Validators should have due diligenced for ourselves to actually check the code we're executing and running".

Shortly after the botched transaction, the Juno community began voting on a proposal to hard fork a second time to fix their mistake.

"Please do not perform any transactions or your funds will be sent to the exploiter wallet," MM.Finance tweeted shortly before taking the website offline. Three days earlier, MM.Finance had published a blog post to address "FUD" in their ecosystem stemming from a popular Reddit post that described MMF as an "inverse pyramid of derivatives" that the author believed would "topple", and outlined the project's "rosy future".

The project promised to try to compensate users, with its developers foregoing 45 days of trading fees to reimburse users. They also appealed to the OKC crypto exchange to intervene to help recover funds from someone they believed to be the attacker, and threatened the attacker with the FBI. "With all these information, we have more than what we need to bring this information to the FBI," they wrote on Twitter. "So here's the deal, return 90% of the funds you stole and we will let this go, no questions asked. You have 48 hours to return these funds."

ape holders can use multiple slurp juices on a single ape

so if you have 1 astro ape and 3 slurp juices you can create 3 new apes

Tonight's slurp juice mint event is essentially a minting event for both Lab Monkes and Special Forces

The sale agreement announcement came at a tough time for Square Enix, as it was published the same day as a report from the Wall Street Journal that "NFT Sales are Flatlining".

However, the article must be taken with a grain of salt. It's very difficult to determine in the moment what's simply a temporary lull rather than a death spiral, and notoriously inconsistent NFT and crypto data sources can tell wildly different stories.

For now it sounds like the project doesn't involve selling NFTs, which raises the question of why NFTs are required at all when the goal seems to just be to display artwork online — something the Vatican already does. Personally, until I can own the Popemobile in the metaverse, I'm not interested.

The whale has repeatedly appealed to the community not to revoke his tokens, even trying to claim that the Juno developers had been secretly selling off $JUNO and damaging the community. Unfortunately for him, he didn't succeed in swaying the community, who voted on April 29 to confiscate his tokens.

The whale has threatened to take "legal action against each validator" if the community burns or locks the tokens that previously belonged to him, and which he claims to have been managing on behalf of clients in an investment scheme.

The Wikimedia Foundation has accepted cryptocurrency donations since 2014, accepting donations in cryptocurrencies including Bitcoin, Bitcoin Cash, Ether, Ripple (XRP), Litecoin, Dogecoin, and the DAI and USDC stablecoins. However, it has made up a small portion of the non-profit's donation revenue — they received only $130,000 worth of crypto donations in the last fiscal year, which made up 0.08% of their revenue.

There has been strong pressure from crypto advocates on the WMF to accept crypto donations — both in 2014 when it was initially implemented, but also via brigading of the recent community discussion.

Blockchain sleuth zachxbt found one such address that had netted around $1 million in NFTs just today, and tracing its transactions led to two other scammer wallets containing $5.1 million of other stolen NFTs.

Most trading on OpenSea during this period was for the much-anticipated Otherside land deeds, which sell for around 5 ETH ($13,500) plus gas. However, some people oddly continued to buy and sell cheaper NFTs, including one person who bought a 0.1 ETH ($275) NFT and paid $3,850 in transaction fees.

This is hardly the first instability the network has demonstrated, much to the chagrin of its users. Transaction flooding is an issue on Solana in part because of the low transaction fees compared to networks like Bitcoin and Ethereum, which have relatively high gas fees that would make flooding extremely expensive.

In late April, the Twitter account was suddenly suspended. On April 30, the TMNT project announced in their Discord that they had discovered that they had been sold a "fake IP rights contract", which they learned after communication from Paramount. They, probably overly optimistically, wrote that they would be pausing the project but they were hoping to "continue the project hand in hand" with Paramount.

Saddle Finance had lost money once before, hours after it launched in January 2021. An individual was able to arbitrage Saddle Finance pools for a profit of around $275,000.

Fei Protocol tweeted that they had paused borrowing to avoid further thefts, and offered a $10 million bug bounty if the hacker returned the money.

Deus had suffered a similar attack in March, with an attacker using a flash loan attack to steal more than $3.1 million. Deus reimbursed users who were liquidated in the incident.

According to Deus' CEO, the exploit in this incident was not the same one used in the previous attack. He wrote on Twitter that the exploit was "the first of its kind, a zero-day exploit on Solidly [decentralized crypto exchange] swaps".

The Bank of Central African States (BEAC) has expressed surprise at the CAR's choice, saying that they only learned about it along with the rest of the public. Two former prime ministers of the CAR co-authored a letter stating that adopting Bitcoin as legal tender without guidance from the BEAC was a "serious offence".

The project airdropped these NFTs to NFT whales, causing some trackers used by people who follow and imitate whales' behavior to believe the whales themselves had minted the NFTs. The site then used a random counter to make it appear that the NFTs were quickly selling out, causing people to quickly mint their NFTs in fear of missing out. One NFT collector recounted her experience falling for the scam, buying five of the NFTs for a total of 0.6 ETH (~$1700) in hopes of striking it rich on a newly-launched project before it became widely known.

An examination of the website source code shows that the project is reusing code from a different scam based around World Cup themed NFTs.

The Employee Retirement Income Security Act of 1974 requires plan fiduciaries to act solely in the financial interest of plan participants, and the U.S. Department of Labor issued guidance in March reminding plan fiduciaries of this duty, urging them to "exercise extreme care before including direct investment options in cryptocurrency". In a blog post shortly after, the DoL wrote that they had "serious concerns" about plans that would expose participants in cryptocurrencies and related products, outlining risks including valuation concerns, obstacles to making informed decisions, price volatility, and a still-developing regulatory landscape.

A Fidelity executive said that the company "believe[s] they should withdraw that guidance".

Whether they actually get close to that dream very much remains to be seen. The project has faced several setbacks, including complaints from doctors whose likenesses were used without permission, and lack of any telemedicine license that would allow doctors to actually provide remote medical services. The project has also faced criticism for hosting "Ask a Doc" chats where physicians answered various questions without clarifying they weren't providing medical advice, for listing "physicians" in their whitepaper who were still completing residency, and for pledging to donate its first $1 million in revenue to an autism-related charity which has promoted the false claim that vaccines cause autism and has described autism as a disorder that needs to be "cured".

After initially rejecting a plea offer that would have allowed him to plead guilty to one felony if he forfeited up to $371 million, Fowler ultimately decided to enter an open plea to the charges against him and skip a trial. He pled guilty to five charges: bank fraud, conspiracy to commit bank fraud, operating a money transmitter business, conspiracy to operate a money transmitter business, and wire fraud. Fowler faces a maximum sentence of 90 years in prison.

Levine responded, "I think of myself as like a fairly cynical person. And that was so much more cynical than how I would've described farming. You're just like, well, I'm in the Ponzi business and it's pretty good."

The post invited people to visit a website that prompted users to connect their wallets in order to receive the airdrop. Users who did so found their NFTs transferred out of their wallet to the scammer. So far, 44 people have fallen for the scam site, transferring a total of 133 NFTs with an estimated value of around $2.4 million. The stolen NFTs included items from pricey collections including Bored Apes, Mutant Apes, Bored Ape Kennel Club, and CloneX. Several of the NFTs had previously been sold for over $100,000 each.

Byrne and Collins published the paper via their co-founded company Streetlight Equity. The firm has also published ostensibly economic-focused articles that include conspiracy theories about how U.S. sanctions on Russia are all a part of a plan to "force the left's green agenda", and rail against pandemic lockdowns.

This is not the first unsolicited newspaper from the Epoch Times or its associates; the Falun Gong-associated and strongly anti-Chinese Communist Party publication previously distributed an unsolicited "special edition" which described COVID-19 as the "CCP virus". This led to pushback from Canadian postal union, who urged the Canadian government to ban its distribution as hate speech they feared would endanger Asian Canadians. Epoch Times have also spread QAnon and anti-vaccine conspiracy theories, spread false claims of fraud in the 2020 United States presidential election, and promoted far-right politicians in Europe.

Navalny has been imprisoned in Russia since returning in January 2021, shortly after recovering from poisoning: an attempt on his life reportedly ordered by Putin. While in prison, Navalny's foundation has encouraged people to donate cryptocurrency using Binance. They have raised more than 670 Bitcoin ($28 million) so far, despite the Russian government outlawing the foundation and labeling it a terrorist organization. Donors to Navalny's cause now face potentially serious danger as they've been identified to the Putin regime by Binance.

Crypto proponents have long promoted the technology's potential to fund individuals who are targeted by oppressive regimes, and to allow anonymous and untraceable donations.

The contract suffered from several flaws, however. The first allowed an exploiter to stop all refunds and withdrawals from the contract. Luckily for the team, the exploiter was well-intentioned and only intended to highlight the issue; they removed the block shortly after, leaving a message urging the team to have their contracts audited before release.

AkuDreams were not so lucky with the second issue. A bug in the code failed to account for users minting multiple NFTs in a single transaction, which made it so that the claimProjectFunds function that would allow the team to withdraw their earnings can never successfully execute. This means that the team can never withdraw the 11,539 ETH ($34 million) earned from the NFT sales — it is stuck there forever.

52 different people fell for the scam, losing a total of around $4.3 million in assets. The scammers appeared to be targeting high-value wallets, with only two accounts transferring less than $1,000. 24 individual wallets were scammed for more than $10,000 each, 7 wallets lost more than $100,000, and one user lost almost $1.4 million.

Following a thread by zachxbt outlining the team's rug pull, the project founder made the first post in the project Discord since December, announcing a theme song competition with no acknowledgement of the team's absence and lack of progress.

This event once again shows how it is people like zachxbt who are left to try to hold project creators accountable in the absence of reasonable regulation or enforcement.

More than a few people expressed shock at seeing what they believed to be a hate symbol on their Twitter feeds from a large brand. The date of release only made things worse — April 20 is celebrated among fascists because it is Hitler's birthday. Tweets from Binance's official Twitter account and the Twitter account of founder and CEO Changpeng Zhao (known as "CZ") were quickly deleted, though the emojis remained. Several hours later, Binance changed the emoji to a globe with the Binance logo.

Twitter doesn't publicly list how much it costs to obtain a branded hashtag, though most articles I could find listed the price at around $1 million. I'm not sure if this is per hashtag or per emoji — the new emoji appears on several related hashtags.