0xbepresent

8.2K posts

@0xbepresent

Smart contract bug hunter | Found +200 H/M | 90+ audits | I like to observe things

dark forest · Joined August 2010
522 Following · 320 Followers

Pinned Tweet
0xbepresent (@0xbepresent)
Stablecoins are becoming a significant absorber of US debt. They mint stable, buy US debt with your dollars, pocket the 4-5% yield, give you zero, and in the process become a huge, price-insensitive buyer of US debt pushing bill yields down and the dollar up. Bitcoin was created by US gov to save its economy.

0xbepresent retweeted
DANISH (@astrodanish)
Your brain is under attack by a trillion dollar adversary intent on destroying it. This is your David vs Goliath. Resist the algorithm.

0xbepresent retweeted
doomer (@doomerfied)
[ DOOMER ] AFTER IRAN, THE US WILL SHIFT ITS FOCUS TO REGIME CHANGE IN THE ETHEREUM FOUNDATION, “WE’VE HAD ENOUGH OF THESE COMMUNISTS,” SAYS DONALD TRUMP: TRUTH SOCIAL

0xbepresent (@0xbepresent)
Thinking more about that deterministic tools + AI bridge... If AI can reach high confidence on bugs by cross-verifying with tools like CodeQL (querying code paths precisely, no hallucinations), why not speed up judging in audit contests? Attack vector hypothesis → AI runs CodeQL queries + maybe generates/runs PoC tests → flags/validates issues faster. Human judges focus on edge cases & severity debates instead of initial triage. Could make contests way more efficient (fewer duplicates, quicker payouts). Built a tiny prototype with Ouroborus and it already feels promising. x.com/0xbepresent/st…

0xbepresent (@0xbepresent)
Been vibecoding lately and it's honestly changing how I see smart contract audit. What if we built better bridges between deterministic tools (like Slither) and AI? Created a quick CLI called Ouroborus that pipes Slither findings → AI verification (using CodeQL to double-check issues in the code). Super basic, but context engineering + focused inputs = way less hallucination and sharper focus. Built the whole thing in ~2 days and cool... hacking just got even more interesting and fun. github.com/0xbepresent/ou…

Bernhard Mueller (@muellerberndt)
I'm trying to keep a positive attitude. But the people in @Reddit subs like /r/HypotheticalPhysics are something else. Even spoon-feeding the theory doesn't help. They immediately enter an aggressive mocking frenzy. One guy literally called me "a little baby who has its first psychosis", shortly before I got banned from the sub. I recommend avoiding those subs. Don't post your ideas there, you will NOT get anything useful out of it.

0xbepresent (@0xbepresent)
"There will even be people who continue to defend the system; most aren't ready to be unplugged." x.com/i/status/20186…

0xbepresent retweeted
Bernhard Mueller (@muellerberndt)
The Theory-of-Everything is finally here. Exit the matrix today.

0xbepresent retweeted
Patrik Grobshäuser (@ITSecurityguard)
My ClawdBot has HackerOne access now and he sends me money from his adventures. 🤑🤑🤑

0xbepresent retweeted
Pashov Audit Group (@PashovAuditGrp)
Being a hacker is a lifestyle. Everything can get hacked. Hack it first. Disclose the vulnerability safely and ethically. Move on to the next. Hack things for a living, it's the sh*t🫡

Gammichan (@gammichan)
It's this simple imo

0xbepresent retweeted
Bernhard Mueller (@muellerberndt)
The best way to audit is to build a "mental interpreter" of the entire codebase so you can run it in your head. It can take weeks. But then the bugs start falling out automatically. You might wake up in the morning with a new bug in mind.

0xbepresent retweeted
artsch00lreject (@artsch00lreject)
now tell them jeffrey epstein is satoshi nakamoto

0xbepresent retweeted
unvariant.io (@unvariant_io)
Balancer ComposableStablePool was drained in a series of batchSwaps almost a week ago. Plenty of short writeups popped up — most miss the root cause or lack details. We wanted to figure it out and we wrote a full deep-dive along the way: blog.unvariant.io/balancer-hack-…

0xbepresent retweeted
🐧 (@Pentosh1)
You’re hiding stable coins under your floorboards aren’t you

0xbepresent (@0xbepresent)
Markets about to discover that the cheapest supercomputer runs on food + sleep. AI valuation reset incoming. x.com/StockSavvyShay…
Quoted: Shay Boloor (@StockSavvyShay)

$MSFT CEO Satya just made one of the most revealing comments of the entire AI cycle when he said Microsoft has $NVDA GPUs sitting in racks that cannot be turned on because there is not enough energy to feed them. The real constraint is not compute but power & data center space. This is exactly why access to powered data centers has become the new leverage point. If compute is easy to buy but power is hard to get, the leverage moves to whoever controls energy & infrastructure. Every new data center that $MSFT, $GOOGL, $AMZN, $META & $ORCL are trying to build needs hundreds of megawatts of steady power. Getting that energy online now takes years which means the players who locked in power early & built vertically across the stack are the ones with real control. Hyperscaler growth is no longer defined by how many GPUs they can buy but by how quickly they can energize new capacity. Satya’s other point about not wanting to overbuy one generation of GPUs matters just as much. The refresh cycle is shortening as Nvidia releases faster chips every year which means the useful life of a GPU now depends on how quickly it can be deployed into production. When power & space are delayed then that GPU loses value before it ever produces a dollar of compute revenue. Satya just validated why my DCA plan remains overweight in the AI Utility theme. The AI economy will scale at the rate power comes online, not at the rate chips improve. The next phase of AI infrastructure growth will belong to whoever can energize capacity faster than demand expands. Power has become the pricing layer of intelligence: $IREN, $CIFR, $NBIS, $APLD, $WULF, $EOSE, $CRWV

0xbepresent retweeted
Schlag (@Schlagonia)
Well boys, think I figured out (part of) the scam, and it is a doozy. Strap in.

TLDR: Stream (xUSD) and Elixir (deUSD), and likely more, are recursively minting each other's tokens in order to inflate their own TVL and create a ponzu the likes of which we haven't seen for awhile in crypto.

NOTE: In the name of readability and due to X restrictions all txn hashes and addresses will be posted in a follow up tweet for those that wish to follow along themselves.

We start our journey on mainnet, watching the flow of USDC funds that have just landed in the Stream xUSD wallet last night. 0x15

- First step is to transfer the USDC out to another Stream controlled address 0x33, in this case to the tune of $4.4m.
- 0x33 places a cow swap order to buy USDT, which is paid out to 0x25.
- 0x25 takes that USDT and uses it to mint the equivalent amount of deUSD from their on chain minter 0x69
- 0x25 then transfers the deUSD back to 0x33 which in turn transfers it back to the main Stream wallet 0x15.
- Stream then takes that deUSD and bridges to AVAX, World chain or any other L2 that has lending markets listing sdeUSD, uses it as collateral to borrow other stables such as USDT or AUSD, swaps to USDC and bridge back to mainnet.

This is repeated one or two more times with varying amounts and lending markets, but the end state is Stream mints deUSD, uses that as collateral to borrow stables and mints more. Yesterday they did 3 rounds to mint about 10m deUSD.

While degenerate yes, not inherently scammy.

Enter Part 2

Usually when leverage looping, the last txn is just to supply the last amount as collateral. But Stream has a special power, which is their wallet receives all USDC used to mint their "stable" coin xUSD and boy do they use it. So with the final USDC they borrowed they recursively mint their own xUSD coin. Yesterday using the same $1.9m USDC they minted about 14.5m xUSD as shown in the tweet below.

This means xUSD is not only not actually backed 1:1 but the protocol itself is the largest holder of the token. It currently controls over 60% of the xUSD in circulation, meaning if we assume all is recursively minted like this then each xUSD is backed by at most $0.40.

But for what purpose? Well this is where it gets fun.

The main thing to do with xUSD other than hold, is leverage loop it where listed on Euler, Morpho etc. But who would lend millions of stables against a token the protocol just minted out of thin air you ask? 🤔

Well none other than our friends at Elixir who happen to find themselves with an extra $10m newly acquired USDT. 🤯

- Step one is to transfer the $10m USDT to what their "Transparency Dashboard" labels "Elixir's sUSDS Multisig" (lol) 0x73
- Next 0x73 creates a Cow swap order to swap the USDT back to USDC and have it land in 0x1b
- 0x1b bridges the $10m USDC to Plume network and then transfers it to a Safe at 0xaF8
- The Elixir Safe then supplies the USDC directly to a Morpho market that lends against, you guessed it xUSD.
- This market is hidden from all available Morpho UIs and Elixir is the only depositor. There is currently over $70m USDC supplied and >$65m borrowed.
- Shortly after each deposit Stream will then come along with its brand new xUSD it minted to itself, borrow the USDC, bridge back to mainnet and we find ourselves back at the start of the story.

Funny enough as I was writing this they seem to be kicking off another round starting with another minting of deUSD.

While I did not dive fully in yet I would assume most markets that Stream uses to borrow against deUSD are also funded in similar manners, potentially by other partner "stable coins" engaging in the same tactics. It is hard to know for sure how much actual collateral is backing this full system but seems likely to be sub $0.10 per $1.

Though what's a bit of leverage when you can each advertise 10-15% TVL growth overnight, just look at this beautiful chart from the Elixir dashboard showing their TVL growing about $60m in just a few weeks. (that amount sounds familiar)

The exposure runs rampant through DeFi, not only just holding xUSD or deUSD but depositing into any market or curated vault that lends against them or the other Yield coins that also are at least in part backed by these.

Make sure you know where your yield is coming from.

Happy Farming.
Quoted: Schlag (@Schlagonia)

Now that people seem to be paying attention to what's actually behind the yield coin meta, few more fun facts for you.

The Stream xUSD wallet holds 60% of the outstanding xUSD all of which is levered up. While the commingling of funds between their products makes it impossible to know how much is recursively minted with its own backing, this includes a $95m position on Plasma Euler. As with most of these positions it would be impossible to actually liquidate given on chain liquidity. Of course they are using an upgradable proxy for the oracle, so need not worry about those things.

xUSD largest exposures are
- mHYPE (whose liquidity buffer appears to be empty)
- RLP whose transparency page numbers don't match the wallets and shows a negative $25m balance on Binance.

Other notable exposure is to other yield coins like rUSD, which about 30% of its backing is rUSD itself. As well as deUSD, who has 30% of their backing in mF-ONE. mF-ONE is mostly off chain but claims to have a $16m "liquidity buffer", which is actually 100% deposited to mTBILL. mTBILL is missing about $15m but only has $100k "liquidity buffer" and the other $5m is in BUIDL.

In general basically every Midas Transparency page is wrong in some capacity (which is more than you can say for Stream whose still doesn't exist) and every single one you look at has some amount of funds not showing up in the wallets. The daisy chain stretches on farther than you can imagine and with recursive self minting and lending fueling basically all of the "growth".

Though good news Midas provides "Independent Verifications and Attestations" which like the one below are 4 lines of arbitrary numbers followed by 120 blank pages. drive.google.com/file/d/1Zj8fAv…

Happy Farming.

0xbepresent retweeted
Ethereum Intern (@ethereumintern_)
Three years ago on this date, Nikolai was found washed up on the beach of Puerto Rico under suspicious circumstances. He was a great man, a legendary cypherpunk developer and a friend. His work included MakerDAO (now Sky), Reflexer, Balancer, Dappsys and more. Rest in peace.
☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️☀️@delete_shitcoin

CIA and Mossad and pedo elite are running some kind of sex trafficking entrapment blackmail ring out of Puerto Rico and caribbean islands. They are going to frame me with a laptop planted by my ex gf who was a spy. They will torture me to death.
