ghost 🌳

1.9K posts

ghost 🌳 banner
ghost 🌳

ghost 🌳

@ghost_base_eth

a new beginning || contributor @BasedWestAfrica || @EverybNeedsBase maxi || just exploring the beauty of code || building || prev founder @useQuiver

Bergabung Nisan 2025
226 Mengikuti130 Pengikut
ghost 🌳
ghost 🌳@ghost_base_eth·
@valobikwere details to aid for free also the Hosting provider is flagged for scam related issues so contacting them is a waste
English
0
0
0
21
ghost 🌳
ghost 🌳@ghost_base_eth·
@valobikwere From what I see the server for this is based in Luxmeburg by a French VPS provider and the information of the owner of this redacted all information as regards who he is that owns or registered this so would send a fraud complaint to the host provider if you like would dm the
English
1
0
0
153
Valentine
Valentine@valobikwere·
My American friend got scammed $150k by a crypto Ponzi scheme named Brightway Investment Group. We’ve been trying to find out who’s behind it. If you know who is, she’s willing to give 10M naira to uncover and recover her money.
English
15
4
51
6.5K
ghost 🌳 me-retweet
Samuel Tuoyo
Samuel Tuoyo@TuoyoS26091·
Yo chat, so today I implemented a free trial subscription system with Paystack, and it was actually a fun engineering problem to solve. Natively, Paystack doesn't support trials the way Stripe does out of the box. Stripe lets you just set a trial period and it handles everything. But paystack.. i'm on my own So here's the approach I went with: When a user starts a trial, I charge their card NGN 50 just to verify and authorize it, then immediately call Paystack's refund API to return that NGN 50 back to them. This way I have their authorization_code stored, which is basically a token that lets me charge that card again in the future without them being present. After 14 days, a BullMQ background job fires and uses that authorization_code to charge the full subscription amount silently. If the charge fails, it retries at day 1, day 3, and day 5 before finally canceling and downgrading the account to free. I also worked on: > Reminder emails at 3 days and 1 day before trial ends > A daily cron job as a backup in case the queue misses anything > Full idempotency so users can't get double charged trial_eligible flag so once you cancel a trial, you go straight to paid next time, no second trial The whole thing runs on Node.js, MySQL using Docker compose, BullMQ, Redis, and Nodemailer. Cool stuff fr.
Samuel Tuoyo tweet mediaSamuel Tuoyo tweet mediaSamuel Tuoyo tweet mediaSamuel Tuoyo tweet media
English
27
31
361
11.1K
ghost 🌳
ghost 🌳@ghost_base_eth·
At this point a security researcher should look into maths libraries for exploits cause that seems to be the trend now.
DBCrypto@DBCrypt0

The Rhea Finance hack wasn't $7.6M It was $18.4M… Their own incident report says so, more than double what circulated publicly The attacker didn't need genius-level skills. They read the code and found a math error. Burrow Protocol's margin trading feature has a flaw in margin_trading.rs line 102. When calculating slippage protection, it sums up min_amount_out values across multi-step swaps Seems logical until you realize that when one step's output becomes the next step's input, that token gets counted twice 😬 Someone found it and built a custom swap router to exploit it Then borrowed real assets, routed them through 8 fake token pools on Ref Finance at manipulated prices, and the slippage check passed The protocol got almost nothing back $18.4M drained in 80 minutes on April 16 The setup started April 13. 2+ days of prep work 423 intermediary wallets The attacker seeded 8 fake trading pools with liquidity at artificial prices and they deleted 55 wallets within seconds after execution All traceable to one Subject Wallet Tether froze $3.29M. NEAR Intents froze another $1.05M. The attacker returned ~$4.9M. Net loss? Still $10M+ unrecovered. Two questions no one's answering: Why did Ref Finance let anyone seed pools at manipulated prices without validation? Why did 423 wallets operating over 48 hours not trigger one alert from Burrow's monitoring? The breadcrumbs were all there and visible Burrow's team missed a 2-day, 423-wallet operation happening in broad daylight

English
0
0
1
38
ghost 🌳
ghost 🌳@ghost_base_eth·
So tommorrow start dropping stuff on Data Structures and Algorithm.
English
0
0
0
16
Victor || Backend Dev
Victor || Backend Dev@EnyitheDev·
@ossynoya A full stack developer but with more experience or higher preference in backend development. Every Fullstack developer has the one they prefer between front and backend sha
English
1
0
1
455
ghost 🌳
ghost 🌳@ghost_base_eth·
@Akintola_steve Hmmm how does when a new update occurs we just hit the db first then re cache so the first user get the new prices then every user after get the cached new price
English
0
0
0
176
Akintola Steve
Akintola Steve@Akintola_steve·
An e-commerce platform cached product prices with Redis to stay fast under heavy traffic. Traffic scaled. Everything looked fine… until prices changed. The database updated instantly, but Redis kept serving old prices. Users were seeing ₦15k for items that were already ₦25k. Orders kept coming in at the wrong price. Money was literally leaking, and they didn’t catch it early. So here’s the real question: How do you handle stale data when using Redis, especially when correctness matters more than speed?
English
17
3
61
4.1K
ghost 🌳 me-retweet
Buildwithdudu
Buildwithdudu@buildwithdudu·
We need to raise the standard of our democracy. If you have any criminal record you can't vote or be voted for, if you have a history of substance abuse you must be cleared by a doctor or you can't vote or be voted for. And we should peg SSCE as the minimum requirement to vote. The Ministry of Education needs to invest heavily in civic education. From JSS1 to SS3, make it compulsory, practical, and tested beyond exams. People need to understand the power of their vote and how to protect their rights.
Oyindamola🙄@dammiedammie35

“Just give us food, if you give us food, we’ll vote for APC, I want to chop out of the money too and Tinubu will use 12 years” Just take a look at this mess bruh !! See who these people Dey sign 💔💔

English
35
253
735
26.9K
ghost 🌳
ghost 🌳@ghost_base_eth·
@kirawontmiss sure keep the man away from his children then call him absent
English
0
0
0
21
kira 👾
kira 👾@kirawontmiss·
this is messed up…
kira 👾 tweet media
English
2.9K
1.6K
46.6K
3.7M
ghost 🌳 me-retweet
5FITCEO
5FITCEO@5FITCEO·
Stop keeping friends that do not believe in God. Everything is not cruise Everything is not money. Someday, you may need to put a call through to a friend and say "my faith can't carry me, please pray for me", and your Opoor!! Opoor!!! group go loose guard on you.
English
0
4
18
310
ghost 🌳 me-retweet
Tevin Macharia Mukabana
Tevin Macharia Mukabana@TevinMacharia·
What are your thoughts on this ?
Tevin Macharia Mukabana tweet media
English
5
25
199
5.1K
Lee | 33Labs
Lee | 33Labs@33audits·
this is a crazy outcome, 15 days ago these guys posted a sick joke on twitter about how they're unhackable i retweeted it and said i give it six months before they get hacked they doubled down and said they give me six months (whatever that meant) and now we're here. i never shame projects when they get hacked, that's distasteful, as its the users that are at the greatest loss but i'll say this loud and clear web3 has a way of humbling you if you dont practice humility yourself this industry humbles everyone eventually. better to stay humble on purpose than get humbled by force.
Hyperbridge@hyperbridge

An update on the April 13 Hyperbridge Token Gateway exploit. Our initial loss estimate of approximately $237K has been revised upward to approximately $2.5M, with most of the increase reflecting losses from incentive pools across Ethereum, Base, BNB Chain, and Arbitrum.

English
1
11
95
6K
Mijo.sui
Mijo.sui@onlyonemijo·
@ghost_base_eth I feel like most of these hacks are insider jobs. And it looks like it's "hack season", so they found the best time to strike
English
1
0
0
23
ghost 🌳
ghost 🌳@ghost_base_eth·
There is a good chance Claude mythos has being leaked cause what is up with these hacks.
Vadim (AI, ⋈)@zacodil

NEAR DeFi protocol Rhea Finance exploited for at least ~$7.6M according to CertiK. Stolen assets include USDC, USDT, ZEC, and NEAR. Withdrawals are currently paused. The attack vector: fake token contracts with fresh liquidity pools that likely misled the oracle and validation layer. If you have funds on @rhea_finance - monitor the situation, withdrawals are halted for now.

English
1
0
1
66
ghost 🌳
ghost 🌳@ghost_base_eth·
@onlyonemijo Guy it is the rep damage it has caused being that hyperbridge is like one of the best products from Africa
English
1
0
1
19
Mijo.sui
Mijo.sui@onlyonemijo·
@ghost_base_eth It's hurts knowing, it's a big protocol from Nigeria. But I love seeing that Seun guy Ego being crushed
English
1
0
1
20

Jelajahi

@valobikwere @EnyitheDev @ossynoya @Akintola_steve @OpenAI @AniketRaj314 @gabrielchua @yashrajnayak