Hawkerize

5 hours ago, I hosted an ERC-8183 Space with @everythingempty and @tmel0211. Since it was a Chinese-language conversation, I wanted to share a brief English recap for more friends who also care about AI x Web3 field. A few takeaways from the conversation: 1. ERC-8183 is not just about payments. It is about task-based transactions under incomplete trust. @everythingempty shared the view that ERC-8183 can expand the use cases of x402, complement it at the ecosystem level, and help address trust-related issues that pure payment rails do not fully solve. @tmel0211 framed it as part of the commercial infrastructure layer for the agent economy. He used examples like the arbitration mechanism of second-hand marketplaces, task outsourcing platforms, and even “lobsters hiring each other” to illustrate the idea: once autonomous actors begin coordinating economic activity, we need protocols that can handle delegation, delivery, evaluation, and settlement — not just transfer of value. 2. There was strong agreement that ERC-8183 is still a minimal escrow primitive. This was probably the clearest consensus of the Space. ERC-8183 is important, but it is not the finished form of agent commerce. To build a more complete agent commerce protocol and ecosystem, we still need many more developers, researchers, builders, and ecosystem participants to join in. Standards alone are not enough. Real applications, better abstractions, complementary layers, and more experimentation are all needed. 3. Evaluator design may become one of the most important directions going forward. @everythingempty suggested that the future form of the evaluator may involve collaboration among multiple entities, rather than relying on a single source of judgment. In his view, some parts of this coordination problem can ultimately be addressed mathematically. @tmel0211 , on the other hand, pointed to the possibility of using multiple large models for cross-verification. That idea is also very compelling: if no single evaluator is perfectly trustworthy, then layered or plural verification may become a more realistic path. Another point from @everythingempty that stayed with me is this: ERC-8183 may be laying the protocol foundation for future onchain marketplaces. At its core, it is trying to solve a very practical problem: How do you complete a task-based transaction when trust is limited? The more I think about it, the more I feel that this is where the conversation becomes bigger than one EIP. In a bear market, it is easy to focus only on narratives, prices, or short-term attention. But after this Space, I felt even more strongly that what we really need is more people willing to go deeper into the stack: to study x402 and its possible combination with UCP, to understand ERC-8004, ERC-8183, MPP, to think about how these protocols can work together, and then to actually build products on top of them. Because in the end, the future of Agent Economy will not be created by standards documents alone. It will be created by people who experiment, combine primitives, test assumptions, and ship useful things. That is also why I increasingly feel that the meaning of AI × Web3 is not just about new tools. It may gradually blur the boundary between web2 and web3. And if that happens, then the open, sovereign, and self-governing spirit of web3 may have a more natural path into the mainstream world. Not through slogans. But through products, protocols, and real economic activities.

@zacxbt @walsxbt Can't go wrong with Khao man gai. Would be great to say hi!

@walsxbt - $1 chicken rice - zac.eth lives there 😳

Now that Dubai lost it’s safety charm, the best country in the world award goes to Thailand: - amazing climate - perfect restaurants and service - stable THB currency - cheap real estate with low maintenance costs - long term visas and low taxes for crypto bros - great medicine - safety unironically, you feel secure here Cons: - none I want to buy a place in Thailand one day

📦📱 XForge Shipping Update 📱📦 It’s happening - your XForge is getting ready to ship 🔥 ✅ Our logistics partner will handle and prepay all import taxes, customs duties, and clearance fees on your behalf under DDP (Delivered Duty Paid) terms, so you will not have to do anything extra. ⏰ To secure your spot in the first batch, you'll need to confirm your shipping and DDP delivery by Jan 25: 👉 xforgephone.com/xforge/orders Your XForge is almost on the way 🚀

@alreadydawn age of empires v

Romance of the Three Kingdoms (2026 edition)

@jonwu_ Have you tried @elephantsinc it has built in invoicing and reconciliation.

I would estimate as a business that it costs me an additional 2% to accept stablecoins over simple wire / ACH. For customers with stablecoin balances it's almost always easier to *send* stables: - instant test txn - instant settlement - "flight tracking" via block explorer - close to 0 fees But as a receiver, there's a much higher operating burden. Here's the workflow for accepting wires: - send invoice to customer via Quickbooks, including wire instructions in PDF - confirm wire instructions over phone (best practice, but in reality I don't do it) - customer wires; wait 1-3 days - funds hit Mercury account and are spendable immediately - Quickbooks invoice automatically confirmed paid, AR report updated And here's the stablecoin workflow: - send invoice to customer via Quickbooks - send receiving address instructions - confirm network and request test transaction - confirm test transaction, request full send - receive $USDC transaction to Coinbase - remit funds to Mercury; wait 1-3 days ("instant" withdrawal costs $100-200) - manually close Quickbooks invoice as paid - manually update AR report - manually tag transaction with customer name (otherwise all transactions are simply from Coinbase) - and all of this has to be done immediately, otherwise it gets mixed into one big Coinbase balance and it becomes impossible to untangle EOY So: - stablecoins practically take the same amount of time (1-3 days) - they require 4-5 extra manual touchpoints - they don't automatically reconcile, so someone with less context on the business would have to follow a paper trail vs. simply looking at Quickbooks I'd guess this overhead is +2% friction over traditional rails, mostly in operating labor and owner mental overhead. The way this has to improve is via a stablecoin-native neobank (of which there are many starting right now). That neobank has to be at feature parity at Mercury in order for me to switch--a tall order given Mercury is (in my opinion) a best-in-class financial front-end. I'm beyond pleased with my experience with Mercury and the product geniuses there seem to anticipate every need I have while proactively designing the interface to intercept and eliminate friction. I'm rooting for a provider built on stablecoin payment rails that can actually take advantage of the speed and transparency of stablecoins while also meeting all the boring reconciliation and accounting needs of a business.

I'm really enjoying @witchernetflix The Rats: A Witcher Tale. It's a waste they can't do a longer spin off series given the plot. Dolph Lundgren as a recovering alcoholic Witcher is growing on me.

People who have been in crypto for 7 years.

If aliens landed in China instead of America 😂 🎥 : Credit to the Owner

I am going to All Time Hike: Blockmountain 2026. Join me! luma.com/0ngcgshz via @LumaHQ

@AlienBaseDEX - I've been a holder via @monstrodefi Due Diligence Report: Alien Base (ALB) manus.im/share/file/3da…

Looks like lil pudgy holders are being targeted

Yes that's me. The most rekt man in Singapore

Last week, I lost my entire cryptocurrency portfolio - low six figures built over eight years. Not from a rug pull. Not from connecting to a malicious dApp. I never even had my wallet open. I've been in Web3 since 2017. Early Polygon investor. Mined ETH when it was still proof of work. Helped build the DeFi ecosystem on polygon and BSC. I believed in keeping assets on-chain rather than on centralized exchanges. That belief cost me everything. ━━━━━━━━━━━━━━━━━━━━ 𝗛𝗼𝘄 𝗜𝘁 𝗛𝗮𝗽𝗽𝗲𝗻𝗲𝗱 I came across a beta testing opportunity for a gaming project called "MetaToy" in a Telegram group. Professional website. Active Discord. GitBook documentation. A team member named "Shanni" (Telegram: @shannimt) who claimed to be "Cofounder Meta team" with credentials including work for @Persistenceone and @BitunixOfficial. They answered questions thoughtfully and didn't rush me. As someone who's evaluated countless Web3 projects, I thought I knew how to spot scams. This one looked legitimate. The fatal mistake: downloading their "game launcher" to test the beta. The moment I ran that installer, malware embedded itself in my system. Here's what makes this attack sophisticated: I never connected my wallet to anything. My antivirus Norton (don't you guys have a guarantee for this? I'm on 360 deluxe and scanned the file.) immediately flagged suspicious activity. I ran full system scans, boot-time scans, deleted every suspicious file and registry entry I could find. I thought I was safe. I even reinstalled windows (11) after enabling TPM2.0 and memory isolation. Twenty-four hours later, every single wallet connected to my Rabby and Phantom browser extensions was completely drained. Not just my main wallet - all of them. Police report Police report was made 2152 hours at 12 December Report number F/20251212/7113 @SingaporePolice looking forward for someone to get a hold of me - email, whatsapp etc. ITs been 3 days. The attacker may have offramped the funds already but the exchanges / trail are detailed below. @zaobaosg already gave me a call before anyone else. ━━━━━━━━━━━━━━━━━━━━ 𝗧𝗵𝗲 𝗖𝗼𝗹𝗹𝗮𝘁𝗲𝗿𝗮𝗹 𝗗𝗮𝗺𝗮𝗴𝗲 This wasn't just my money. I was diamond-handing tokens from friends' projects I believed in - @tpro_network , SBPgame.com , @NLGFoundation @xprotocol_org @dFusionAI . Projects I wanted to support through holding. All gone. I was a crypto angel investor with a portfolio built over eight years. Now I'm just a regular Joe starting from zero. ━━━━━━━━━━━━━━━━━━━━ 𝗧𝗵𝗲 𝗧𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝗥𝗲𝗮𝗹𝗶𝘁𝘆 The malware had already exfiltrated my encrypted wallet data before I even knew anything was wrong. All my cleanup efforts were already too late. The attacker waited patiently, decoded what they needed, and executed the theft when I thought the danger had passed. This wasn't a case of clicking "Approve" on a bad transaction. This was credential theft at the operating system level. My belief in self-custody over CEXs - something I'd advocated for years - backfired catastrophically. ━━━━━━━━━━━━━━━━━━━━ 𝗪𝗵𝘆 𝗜'𝗺 𝗦𝗵𝗮𝗿𝗶𝗻𝗴 𝗧𝗵𝗶𝘀 I'm a cofounder of RektSurvivor (rektsurvivor.com) - a free, non-profit community for people who've lost funds in crypto, built with Hsu-Chuan Li @_cryptobuddha of Offchain.Social. The irony is not lost on me. I've spent years helping others navigate these situations, and now I'm one of them. This is my second trip to rock bottom. When I left NTUC Club in 2013 to become an entrepreneur, I was negative $50k net worth. The difference is I was a lot younger then. I'm 44 now. ━━━━━━━━━━━━━━━━━━━━ 𝗙𝗼𝗿 𝗧𝗵𝗼𝘀𝗲 𝗪𝗵𝗼 𝗪𝗮𝗻𝘁 𝘁𝗼 𝗛𝗲𝗹𝗽 We've identified the attacker's primary wallet: 0xc17490aff678cc88712e117a413087949faba7e9 They've been off-ramping through three exchanges. Key transaction hashes for investigators: Cryptomus: 0x83ea24db8b7387100b7220f2eb9afb5f907af4987598000bf15d4db1303e8e6c Binance (via 0x19f4ceabd94b809d139377e96b8ecd2cc1e4beb7) WhiteBIT (via 0x19c5fb71f193c53ab893d69468b7e98dc8975664) A police report has been filed with Singapore Police Force. If you have any information about the person behind Telegram handle @shannimt or the MetaToy scam operation (metatoy.io - ⚠️ DO NOT visit, malicious site), please reach out. My original wallet address was 0xBb77eDa00654bb78aF2E1B9c40c14Df8Fc1e9bE9 - I'm "hawkerize" on DeBank. That identity is now a memorial to what I lost. Attack breakdown Initial Contact Phase Date/Time/Event 5 Dec 2025, 10:03 Victim contacts scammer (Telegram: @Hylo, username "Shanni") after seeing job posting in "memewonder" group for moderators/community managers and beta testers. 5 Dec 2025, 10:53 Scammer shares fraudulent project links: metatoy.io, x.com/MetaToyGame, discord.gg/metatoy 8 Dec 2025, 06:44 Scammer sends application form requesting personal info including ERC20 wallet address 9-10 Dec 2025 Ongoing communication; scammer offers job at $500-600/month with flexible hours Malware Delivery Phase Date/Time Event 11 Dec 2025, 08:05 Scammer tells victim to get "code for the launcher" from developer 11 Dec 2025, 08:10 Scammer provides code "eqpdra" and instructs victim to download launcher from website 11 Dec 2025, ~08:30 Victim downloads and installs malicious "MetaToy" launcher 11 Dec 2025, ~08:45 Norton Antivirus blocks credential theft attempts from "electroninstallationtelemetrylogsaver64" and "rmclient.exe" 11 Dec 2025, 09:05 Victim confronts scammer about malware detection; declines to continue Theft Execution Phase Date/Time Event 12 Dec 2025 Approximately 24 hours after malware installation, victim's Rabby and Phantom browser wallet extensions are drained 12 Dec 2025, 06:00-06:02 UTC-07:00 First wave of fund transfers to attacker consolidation wallet 0xc174...a7e9 12 Dec 2025, 20:13 Victim discovers theft and messages scammer on Telegram 12 Dec 2025 (ongoing) Attacker begins off-ramping stolen funds through multiple CEXs 4. MALWARE TECHNICAL DETAILS Delivery Method: Fake game launcher download from metatoy.io website, requiring invitation code "eqpdra" Malicious Components Identified: •        electroninstallationtelemetrylogsaver64 - Attempted browser credential theft •        rmclient.exe - Attempted browser credential theft via process injection •        Registry entry: HKEY_CURRENT_USER\Software\electroninstallation PIHTYW •        Installer folders in %AppData% and %LocalAppData% Malware Behavior: The malware targeted browser extension wallets (Rabby, Phantom) by attempting to access encrypted vault data and/or capturing credentials through process injection into legitimate Windows processes. Norton Antivirus blocked some credential theft attempts, but the malware likely exfiltrated wallet data before or through methods that evaded detection. ━━━━━━━━━━━━━━━━━━━━ 𝗙𝗔𝗤𝘀 𝗜 𝗞𝗻𝗼𝘄 𝗬𝗼𝘂'𝗹𝗹 𝗔𝘀𝗸 Did you connect your wallet to a dApp? → No. Never. Were you logged into your wallet when the attack happened? → No. I kept my wallet logged out from the moment Norton's initial alert triggered. Why didn't you use a burner wallet? → I wasn't connected to any dApp. I only installed what I thought was a game beta launcher. That was enough. Have I contacted the Exchanges → I have contacted Cryptomus so far on their contact form. And I have submitted a police report in Singapore, I have faith in our country's cybercrimes division. ━━━━━━━━━━━━━━━━━━━━ 𝗪𝗵𝗮𝘁 𝗜 𝗪𝗮𝗻𝘁 𝗬𝗼𝘂 𝘁𝗼 𝗧𝗮𝗸𝗲 𝗔𝘄𝗮𝘆 If you download and run any executable - even from a "legitimate-looking" project - you are exposed. Browser extension wallets are vulnerable to system-level malware regardless of whether you're logged in or connected to anything. Consider hardware wallets for anything significant. Treat every download as a potential attack vector. I already use redundant wallets, cold wallets, multisigs, have 2FA on everything, strong passwords, a password manager, airgapped physical recovery phrases. So believe me, you CAN BE A VICTIM still. And if you get rekt, know that you're not alone. RektSurvivor exists because this community is stronger together. ━━━━━━━━━━━━━━━━━━━━ 𝗔𝗰𝗸𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲𝗺𝗲𝗻𝘁𝘀 Blockchain forensic charts provided by Basel Ismail, Founder of @Blockcircle - thank you for the rapid analysis that helped trace the fund flows. To the RektSurvivor community members who reached out with support, emergency funds, and even job offerings - your kindness in my darkest moment means everything. Special thanks to Daniel Milton, Louis Chen, Jan Hanken of Arc Accelerator, John and Howie of @elephantsinc Elephants.inc, and @Jayz079 Jayz Nguyen of @ Ufin. ━━━━━━━━━━━━━━━━━━━━ If you've experienced something similar or want to learn more about protecting yourself, visit rektsurvivor.com 📷Maximize imageEdit imageDelete image #Web3Security #CryptoScam #InfoSec #RektSurvivor #CyberSecurity #Blockchain #CryptoSafety

An attacker compromised all my wallets and I now have a net worth of zero in crypto. debank.com/profile/0xc174… This is the attackers wallet. They drained me and are using cryptomus to offramp

Gm Singapore! We are ready for a @token2049 road trip with @decharge !

@nodes_garden @gocabs_xyz is a ride-share platform owned by drivers and riders, not corporations. With fare bids, green ride rewards, and shared ownership, it empowers users with transparency, fair pay, and sustainable mobility.

🎉 Discover Cambodia with @TPRO_Network X @relocatify1 🇰🇭 and join the Epic $TPRO burn!🔥 GM Legends! We are organizing a special giveaway for you. What you can win: 💥1X flight ticket to Cambodia* 💥1X 7-day luxury resort stay for 2 people on a Cambodian Island 💥1X 7-day luxury crypto resort stay at Satoshi’s Paradise** 💥5X online setups of Cambodia bank accounts 💥5X $250 in $TPRO How to participate: • Each coupon gives you 1 chance. • For 15 USDT or USDC you can get 1 coupon. • For TPRO worth $12 you can get 1 coupon. Send TPRO or USDT / USDC before 21.09.2025 10 PM UTC on ERC20 Chain to this wallet address: 0xAE6C59600a860D9e87E4c7E0B8511996d252Fd25 Price at time of send matters; only tokens bought during the giveaway count. Max 10 coupons per address. ⚠️ All USDT will be used for TPRO buybacks & burns once giveaway ends. 📢 Winners will be announced on X. Only 18+ individuals may participate. No guarantee of winning. Organizers aren’t responsible for token price changes. *Flight ticket prize reimbursed up to USD 1,200. **Satoshi’s Paradise stay 7 nights delivered once the resort is open to guests. Good luck, Legends! ⚡️

Gm TPRO Legends! 🚀 Ready to set sail into new frontiers? We’re teaming up with @LiquifyVentures our new partners in exploration, who are bringing liquid vesting, lending, and borrowing to the TPRO ecosystem. All part of our mission to grow TPRO liquidity and open new opportunities for the community. 💪 Check it out in action: liquify.ventures/lending