meltedblocks

super exited about this. many complex problems need to be solved, but one goal remains clear: best trade execution is on Solana

we are cooked

I tried to buy $SPCX xStock. route: USDC -> Backpack $SPCX -> $SPCX xStock still space for good market making

@armaniferrante @Backpack @solana works

@jussy_world @Backpack @sunrisedefi just decentralize

$SPCX launched today Two major CEX attempts failed: → Bybit canceled allocations after not receiving the underlying shares (Full refund) → Binance canceled its SPCXx IPO campaign (Full refund) Meanwhile on Solana, @Backpack x @SunriseDeFi launched $SPCX: → Trade 24/7 on Jupiter → Redeemable for actual stock, transferable to any broker → 1:1 backed by real shares → Self-custody, dividends supported Onchain delivered, CEXs couldn’t…

$SPCX like this tweet to see the rocket, nice easter egg

SpaceX IPO’d 50 years ago: have a shower, suit, Wall Street floor, broker, allocation, paperwork today no brokerage account, just a phone and a Solana wallet and can have part of Elon biz

just trade on SOLana

@ramzyyalii historical moment

And... we are live to infinity and beyond

@Luc100k It’s crazy, well done

Licensing stack Backpack Stack the licenses on top of Backpack's product: -Regulated perps (MiFID II) -Regulated spot crypto (MiCA) -Regulated payments (PSD2 ) -Real broker product (NY UCC Article 8) Only Kraken has the European regulatory trinity. Backpack adds the broker layer. Most competitors have one of these. We have all four.

@greg_rog It requires a lot of initial funds to get legal stuff done like licenses. So bootstrapping is very limited in that case. Agree that banking system is well developed in PL but for example innovating around equities like stocks is hard to do without being in NYC/London/SF

@meltedblocks why innovations in finance are impossible? funny thing I am a lawyer and I helped co-create first polish electronic payments law, super innovative for bot us and Europe. To this day Poland has one of the most modern banking systems in the world :)

@pawel_rainer @colosseum But bro power nap should not last 3h haha

They have a nap room in @colosseum office🤯 that place is sooooo perfect

@buffalu__ @jtx_trade me

Who wants to test @jtx_trade ?

@armaniferrante hard to move fast and innovate with all this regulatory burden and required funds to operate. But imo you are right there will be place for both type of venues

A lot of fundamental misunderstandings about how regulation works. You can't just slap KYC onto a frontend to comply with laws. If you think that, please ask your friendly neighborhood policy guy in DC. Regulation is about the infrastructure, the liquidity, the market integrity, and the million other details required to operate within the realm of traditional finance. There's a reason why none of the offshore CEXs have gotten access to the USA. It's really hard, and, my guess is that they probably think it's just not worth the time and energy for their business. As crypto goes mainstream, the market will continue to bifurcate. Regulated venues will serve a separate institutional segment than the unregulated venues. Both will be huge, but ultimately they are a separate set of users. The offshore unregulated CEXs will go toe to toe with Hyperliquid. The onshore regulated CEXs will go toe to toe with the TradFi venues. But at this point none of this even matters. Whether you're a Hyperliquid maxi, a Solana maxi, a Binance maxi, or a maxi, the final boss for perps hasn't even reared its head yet. It will soon.

@minnus @Raydium @solana our focus is on high-demand, major equities, regardless of whether their current tokenized equivalents already have deep liquidity

@meltedblocks @Raydium @solana Big stocks makes sense Not for the thousands of long tails

Could @Raydium and @solana AMM pools be coming back into focus? Many tokenized equities should start in the long tail: thin markets are better suited to pools before they become large enough for deep prop AMM quoting. Pools have always had a role in bootstrapping liquidity, and memecoins proved that model at scale. Which was perhaps the test run for tokenized equities. Raydium’s revenue mix is already starting to show tokenized assets becoming a meaningful category.

@r0bre @accretion_xyz yeah of course, just saying that security by obscurity is becoming option worse than ever

@meltedblocks @accretion_xyz Yea its likely. But we won't know for sure

Seems like there's an exploit of Raydiums old AMM v3 program. You can find an exploit transaction in the next message. But all you need to know is in the screenshot. Raydium LP positions mint a position NFT, which allows you to transfer the LP position. To withdraw your LP tokens, you just supply the NFT, it gets burned, and you get your tokens back. The bug seems to be simple: Attacker created a new NFT mint and token account with 1 token. They then withdrew real liquidity with the fake random NFT account. While it seems like no source is available, the bug is clear. The code didn't check that the NFT mint and the token it's burning are actually real position NFT mints. Just a missing account check, $1.5m gone, but will be repaid from the treasury it seems. Just the day that claude fable dropped. coincidence?

most probably how it was discovered: 1) program is closed source. 2) no one take a effort to decompile it by hand before, no one cared for "only" 1.34M 3) new AI models can easily decompile and run harness like smart fuzzing 4) no or weak check for LP mint was discovered 5) exploit

Anthropic is pushing me to be Robin Hood. Break the rules and bypass their terms for good cause. I help secure a crypto protocol with $120M+ in TVL. We are not large enough to be on every AI security whitelist, but we are definitely large enough to care if models like Mythos make vulnerability discovery faster and cheaper. And this is where it gets strange. The strongest cyber capabilities are gated, filtered, or partially routed away. I understand why. Nobody wants to hand attackers better exploit tooling. But attackers will obviously try to bypass those limits. So what should defenders do? Follow the rules and accept weaker tooling? Or test the real limits of the system, because that is exactly what attackers will do anyway? Or do you believe in their moral compass? That feels backwards. Defenders should not have to fight the attacker, the model restrictions, and the ToS at the same time. And there is another problem: cost. For an attacker, one good run can be enough. One bug. One exploit path. One protocol with money sitting in contracts. For a protocol, defense is not one run. It is every release, every dependency update, every new integration, every small change touching user funds. So if the best AI security tooling becomes gated or extremely expensive, the economics get very weird. Attackers only need to be right once. Defenders need to be right every day. In normal software, that asymmetry is already uncomfortable. In crypto, it is brutal. Because here, a bug is not just a bug. It is live money and instant loss.