Avour

966 posts

Avour banner
Avour

Avour

@Avour5

Building things I wish existed. Founder | Blockchain Developer . CHAMBER @chamber_vault,

Katılım Nisan 2020
514 Takip Edilen111 Takipçiler
Sabitlenmiş Tweet
Avour
Avour@Avour5·
If you want to understand how Umbra keeps you private on-chain, and why this matters for what we’re building: 1. Funds enter a shielded pool You create a private UTXO that locks tokens in a Merkle tree. From this moment, your funds are mixed with everyone else in the pool. 2. The sender and withdrawer are separated The sender locks the funds. The unlocker later withdraws them. This breaks the usual “deposit → withdraw” link on-chain. 3. Deposits are encrypted on-chain A ciphertext is published so only the intended recipient can discover the funds -> no public link between sender and receiver. 4. Privacy grows over time As more users deposit into the pool, your anonymity set increases. More users = harder to trace. 5. Claiming uses zero-knowledge proofs The receiver proves they own the funds without revealing which deposit was theirs, then burns the nullifier to prevent double spend. 6. Withdraw privately by default Funds can stay encrypted, meaning: No visible destination. No visible amount. No visible link to the original deposit. Umbra makes private transfers programmable infrastructure. This is exactly the primitive we’re excited about at Chamber (@chamber_vault ), bringing privacy-first treasury and payments to real teams.
Avour tweet mediaAvour tweet media
English
4
8
33
1.6K
Avour retweetledi
Dr. Harri
Dr. Harri@Harri_obi·
.@Solana just got upgraded after Nigerian builders shipped for the @colosseum Frontier Hackathon ⚒️🇳🇬 Consumer layer for prediction markets — @hottake_app Capital allocation strategy game on Solana, inspired by Monopoly — @play_solana_go Social layer for onchain competitive gaming — @chainplay_xyz Financial intelligence for your money — @rail_finance Hub for vetted CTOs, DeFi & high value communities — @CTOMarketplace Resilience layer for Solana — @sol_pollinet Web3 yields for emerging markets — @APTreeio Auditable private treasury management for institutions — @chamber_vault Send, receive, and swap NGN, USD, and crypto seamlessly, built for Africans — @flippayHQ On/off-ramp aggregator — @ramphub Crypto payment infrastructure with native Solana program and smart contract interaction support — @paychainhq Browser studio for livestreaming and simulcasting — @switchedfun Redefining global payments for African businesses — @importapay_ng Turn chain expansion into revenue — @dextopus Helping talents and hirers harness expert insights in their domain — @ghonsiproof Simplifying financial literacy and crypto access for students — @StudIQ_Main Non-custodial transaction layer enabling stablecoin-powered transactions without native gas tokens — @use_legion Leveraging blockchain data to make traders more profitable — @coresightbot Mocap infrastructure for retail advertising — @eyestan_ African card game where you stake crypto, play live, and winner takes all — @kingdomsoln BizMarket enables yield in stablecoins from real-world businesses regardless of market cycle — @bitsaveprotocol Trustless escrow for freelance payments — @SoliaNetwork Helping creators scale IPs — @nerdwork_ng Decentralized sales marketing platform — @SOLd_on_Solana Connecting Solana users across social platforms with seamless DeFi built into conversations — @TardisSeeker The OPay for crypto holders — @digitpayfinance Payment infrastructure for neobanks and businesses — @fossapay AI-powered credit intelligence for under-collateralised lending — @Credlend Mobile-first liquidity automation company on Solana — @UseAura_ AI voice assistant for finance — @useheysolana One-on-one artist–fan interactions powered by creator coins — @roomz.vip Competitive market intelligence for builders who move first — @use_mirra The front door to prediction markets — @headlineodds Cross-border payments that move like local transfers. across 54 countries, on stablecoin rails — @UseFluxel Turn one-time transactions into relationships @chatterfi Pay for goods and services directly from your wallet @airbillspay Disclaimer: This is a non-exhaustive list.
English
62
70
269
8.1K
Avour
Avour@Avour5·
@maleficboss @chamber_vault @Daveoy01 The public vault remains available for transparency-requiring operations... The choice of public vs. private is always yours, on a transaction-by-transaction basis.
English
0
0
2
21
Big Boss
Big Boss@maleficboss·
After reading through this, the motivation to become an entity myself just got higher. Another thing that caught my attention is under 10 seconds withdrawal for an moc architecture, damn My question is: if the recipient doesn't have a stealth address and doesn't want to open one, what is the solution?
English
1
0
1
26
Avour
Avour@Avour5·
A very interesting read "Inside the Secret Chamber: Confidential Balances, Private Transfers, and MPC Infrastructure" on Chamber Vault chambervault.net/blog/secret-ch…
Avour tweet media
English
2
1
7
101
Avour
Avour@Avour5·
this is an interesting perspective, I honestly hadn’t thought about
Yvonne Kagondu@kagondu_yvonne

When a Blockchain sets up a base in your region, you have about 2 years to become sustainable. There are certain expectations that need to be met. The grants that are given are not just free money. There is no such thing as free money. What does it mean to be self sustainable as a blockchain ecosystem in a region: - Enough projects being built on the blockchain protocol - You need to build a community that will consume and pay for the services and gas fees for the projects - Local investors to invest in the projects The blockchain protocol would benefit from the consumption of projects from the community. This is why the community is the backbone. The gas fees need to be paid to have an ROI on the funding to the protocol itself. Remember, the founder of the project wants to make money. The investors want their money to return with profit. So if there is no money coming from your region then it's not worth the investment. Now Africa tends to need time, 5 to 6 years approximately. But other regions can find uptake in about 2 years. Also Africa might need more support. i.e Local investors rarely invest in Blockchain projects. At the end of the day it's all about money. Crypto is very capitalist

English
0
0
5
132
Proph3t
Proph3t@metaproph3t·
Crypto founders - How do you collect customer feedback from the silent majority without email addresses? We look at onchain activity on our programs and PostHog but I assume there are many customers I'm just not exposed to
English
39
2
99
8.7K
Julie Chen
Julie Chen@0xJuliechen·
hot take: all founders should quit linkedin, and come to X for founder marketing. welcome to the REAL game
English
404
44
1.3K
62.9K
Avour retweetledi
CHAMBER
CHAMBER@chamber_vault·
Web2 companies entering Web3 expect "Privacy as default." On public ledgers, sensitive data like burn rates, vendor costs, and payroll are visible to every competitor. Chamber provides the "invisible" infra businesses need to operate on-chain without exposing their playbook.
Solana@solana

.@Toly on why privacy becomes a moat after PMF

English
1
2
4
66
Avour retweetledi
Ekene
Ekene@mrboqer·
I have been targeted more than 3 times by scammers acting as Investors. Please stay safe out there
Avour@Avour5

I was halfway through a live technical interview when I realized I wasn’t being interviewed, I was being targeted. 🧵 I almost got my entire system wiped and my crypto drained. The recruiters were polished. The project looked legitimate. But 10 minutes in, they made the one request every dev should fear: "Go ahead and clone the repo, so we can walk through the UI together." The Intuition I’ve seen enough supply chain attacks to know that a "test task" is the perfect Trojan Horse. I needed to buy time to audit the code without them knowing I was onto them. So…… I said, leaning back. "Before we dive in, tell me more about the team's approach to scalability. I'd love to hear how the culture has evolved." The Social Engineering, as they spent 5 minutes talking about agile workflows and flat hierarchies, I was secretly flying through their file structure. I nodded along to their stories about Friday happy hours while my cursor was hovering over their backend controllers. Repo (still live): github.com/goldenbusiness… Then, I saw it: userController.ts. The Payload, I kept on with trying to keep the conversation going. While they answered, I decoded the C2 URL: 🔗 jsonkeeper.com/b/UV3OU I pulled the payload. It wasn't just a backdoor; it was a full-scale info-stealer targeting: ⚫️Browser Passwords/Cookies ⚫️Exodus Crypto Wallets ⚫️macOS Keychain access The Turning Point, At this point, I had a choice. Hang up, or call them out. I waited for the "recruiter" to finish their sentence about "career growth," then I cleared my throat. "I have a quick question," I said, my voice dead calm. "How much would you say you guys make from this scam you run” I watched their video feeds. The "technical lead" froze. The "recruiter" started stammering” The panic in their eyes was the best feedback I’ve ever received in an interview. Before they could even come up with a lie, the Zoom window went black. They had terminated the call and deleted their LinkedIn accounts within 30 seconds. What’s the lesson here. These so called Job Interviews lures are getting incredibly sophisticated. They use professional personas and live calls to bypass your better judgment. The 20 lines of code that would have ruined my month were hidden in a sea of 5,000 lines of boilerplate. Audit before you install. Audit before you run. Stay paranoid. Stay safe.

English
1
1
3
102
Avour
Avour@Avour5·
I was halfway through a live technical interview when I realized I wasn’t being interviewed, I was being targeted. 🧵 I almost got my entire system wiped and my crypto drained. The recruiters were polished. The project looked legitimate. But 10 minutes in, they made the one request every dev should fear: "Go ahead and clone the repo, so we can walk through the UI together." The Intuition I’ve seen enough supply chain attacks to know that a "test task" is the perfect Trojan Horse. I needed to buy time to audit the code without them knowing I was onto them. So…… I said, leaning back. "Before we dive in, tell me more about the team's approach to scalability. I'd love to hear how the culture has evolved." The Social Engineering, as they spent 5 minutes talking about agile workflows and flat hierarchies, I was secretly flying through their file structure. I nodded along to their stories about Friday happy hours while my cursor was hovering over their backend controllers. Repo (still live): github.com/goldenbusiness… Then, I saw it: userController.ts. The Payload, I kept on with trying to keep the conversation going. While they answered, I decoded the C2 URL: 🔗 jsonkeeper.com/b/UV3OU I pulled the payload. It wasn't just a backdoor; it was a full-scale info-stealer targeting: ⚫️Browser Passwords/Cookies ⚫️Exodus Crypto Wallets ⚫️macOS Keychain access The Turning Point, At this point, I had a choice. Hang up, or call them out. I waited for the "recruiter" to finish their sentence about "career growth," then I cleared my throat. "I have a quick question," I said, my voice dead calm. "How much would you say you guys make from this scam you run” I watched their video feeds. The "technical lead" froze. The "recruiter" started stammering” The panic in their eyes was the best feedback I’ve ever received in an interview. Before they could even come up with a lie, the Zoom window went black. They had terminated the call and deleted their LinkedIn accounts within 30 seconds. What’s the lesson here. These so called Job Interviews lures are getting incredibly sophisticated. They use professional personas and live calls to bypass your better judgment. The 20 lines of code that would have ruined my month were hidden in a sea of 5,000 lines of boilerplate. Audit before you install. Audit before you run. Stay paranoid. Stay safe.
Avour tweet mediaAvour tweet media
English
12
6
40
2.9K
Avour retweetledi
Ohanwe Emmanuel
Ohanwe Emmanuel@emmanuel_ohanwe·
Social engineering just took another leap. This now brings alot of skepticism around technical bounties and hackathons that ask devs to clone repos and run dockers
Avour@Avour5

I was halfway through a live technical interview when I realized I wasn’t being interviewed, I was being targeted. 🧵 I almost got my entire system wiped and my crypto drained. The recruiters were polished. The project looked legitimate. But 10 minutes in, they made the one request every dev should fear: "Go ahead and clone the repo, so we can walk through the UI together." The Intuition I’ve seen enough supply chain attacks to know that a "test task" is the perfect Trojan Horse. I needed to buy time to audit the code without them knowing I was onto them. So…… I said, leaning back. "Before we dive in, tell me more about the team's approach to scalability. I'd love to hear how the culture has evolved." The Social Engineering, as they spent 5 minutes talking about agile workflows and flat hierarchies, I was secretly flying through their file structure. I nodded along to their stories about Friday happy hours while my cursor was hovering over their backend controllers. Repo (still live): github.com/goldenbusiness… Then, I saw it: userController.ts. The Payload, I kept on with trying to keep the conversation going. While they answered, I decoded the C2 URL: 🔗 jsonkeeper.com/b/UV3OU I pulled the payload. It wasn't just a backdoor; it was a full-scale info-stealer targeting: ⚫️Browser Passwords/Cookies ⚫️Exodus Crypto Wallets ⚫️macOS Keychain access The Turning Point, At this point, I had a choice. Hang up, or call them out. I waited for the "recruiter" to finish their sentence about "career growth," then I cleared my throat. "I have a quick question," I said, my voice dead calm. "How much would you say you guys make from this scam you run” I watched their video feeds. The "technical lead" froze. The "recruiter" started stammering” The panic in their eyes was the best feedback I’ve ever received in an interview. Before they could even come up with a lie, the Zoom window went black. They had terminated the call and deleted their LinkedIn accounts within 30 seconds. What’s the lesson here. These so called Job Interviews lures are getting incredibly sophisticated. They use professional personas and live calls to bypass your better judgment. The 20 lines of code that would have ruined my month were hidden in a sea of 5,000 lines of boilerplate. Audit before you install. Audit before you run. Stay paranoid. Stay safe.

English
0
1
2
42
Avour retweetledi
Olúmidé
Olúmidé@codewithmide·
This is getting too common Stay safe out there
Avour@Avour5

I was halfway through a live technical interview when I realized I wasn’t being interviewed, I was being targeted. 🧵 I almost got my entire system wiped and my crypto drained. The recruiters were polished. The project looked legitimate. But 10 minutes in, they made the one request every dev should fear: "Go ahead and clone the repo, so we can walk through the UI together." The Intuition I’ve seen enough supply chain attacks to know that a "test task" is the perfect Trojan Horse. I needed to buy time to audit the code without them knowing I was onto them. So…… I said, leaning back. "Before we dive in, tell me more about the team's approach to scalability. I'd love to hear how the culture has evolved." The Social Engineering, as they spent 5 minutes talking about agile workflows and flat hierarchies, I was secretly flying through their file structure. I nodded along to their stories about Friday happy hours while my cursor was hovering over their backend controllers. Repo (still live): github.com/goldenbusiness… Then, I saw it: userController.ts. The Payload, I kept on with trying to keep the conversation going. While they answered, I decoded the C2 URL: 🔗 jsonkeeper.com/b/UV3OU I pulled the payload. It wasn't just a backdoor; it was a full-scale info-stealer targeting: ⚫️Browser Passwords/Cookies ⚫️Exodus Crypto Wallets ⚫️macOS Keychain access The Turning Point, At this point, I had a choice. Hang up, or call them out. I waited for the "recruiter" to finish their sentence about "career growth," then I cleared my throat. "I have a quick question," I said, my voice dead calm. "How much would you say you guys make from this scam you run” I watched their video feeds. The "technical lead" froze. The "recruiter" started stammering” The panic in their eyes was the best feedback I’ve ever received in an interview. Before they could even come up with a lie, the Zoom window went black. They had terminated the call and deleted their LinkedIn accounts within 30 seconds. What’s the lesson here. These so called Job Interviews lures are getting incredibly sophisticated. They use professional personas and live calls to bypass your better judgment. The 20 lines of code that would have ruined my month were hidden in a sea of 5,000 lines of boilerplate. Audit before you install. Audit before you run. Stay paranoid. Stay safe.

English
3
1
12
1.3K
Avour retweetledi
Naris
Naris@holligoner·
Let me translate it in English .. “Your money is safe”
Avour@Avour5

1). How is it that Chamber Multisig program, can hold an Umbra EncryptedAccount, when Umbra cryptography mechanics requires X25519 key registration, but Solana programs can only control a PDA (Program Derived Address) which is explicitly designed to fall off the Ed25519 curve, unlike a normal user wallet, which is safely on the curve. Here is how we solved that problem Solana PDAs fall off the Ed25519 curve by design. You need a real, on-curve keypair. We solved it with a pluggable MPCWalletSigner architecture, three providers, one interface: → Arcium MPC -> threshold signing. Private key shares split across MPC nodes. No single actor can reconstruct or move funds. → Ika dWallet -> decentralized key control. The chamber's Umbra identity lives across a dWallet network, no single custodian. → CHAMBER MPCProvider -> deterministic HD wallet derived per-chamber. Custodied, fast, zero latency. The X25519 key for Umbra is derived from the same seed. All three implement the same MPCWalletSigner trait same Umbra identity interface, same X25519 registration, different trust models. Here is why this is the perfect architecture: (a thread)

English
0
1
2
21
Avour
Avour@Avour5·
@67jsj778 yeah I wonder how many victims their have targeted and gotten so much money from
English
0
0
0
10
Big Boss
Big Boss@maleficboss·
@Avour5 i'd have cloned without hesitation and even asked for their guide on how to continue. ignorance is not a bliss when was this
English
2
0
2
213
JDollar☂️
JDollar☂️@Dollar782·
this p2p guy almost allowed me unleash my inner demons send me 280k the guy is sending me 208k 😭 like say i get figure blindness remain small guy😭
JDollar☂️ tweet mediaJDollar☂️ tweet media
English
150
7
617
44.3K

Keşfet

@Solana @colosseum @hottake_app @play_solana_go @chainplay_xyz @rail_finance @CTOMarketplace @sol_pollinet