Brad Messier

Unlock the Future of Finance: Invest in DeFi, Embrace Tokenization, Secure Your Legacy with XDRIP Digital Management. We proudly introduce D.O.T.s through The Medals of Honor — your exclusive entry into a revolutionary tokenization system. This isn't just an investment; it's a strategic move to position yourself at the forefront of digital innovation. Your journey to redefine wealth begins here: moh.xdrip.io

The attack surface does not stay the same size. Every new holder is a new target. Every new device is a new entry point. Every new service built on top of crypto is another layer that can fail, get compromised, or get abandoned without notice. And AI is compressing the time between a vulnerability being found and it being weaponized. The window that used to exist between patch and exploit is getting shorter every year. The answer that scales with that is not better software, faster patches, or stronger cloud security. It is removing the key from any environment those things can touch. @XColdPro RC Day 33.

He is not wrong. And the team did not build @XColdPro for the world as it is today. We built it for the one Lopp is describing. RC Day 33. rc.xcoldpro.com

Hardware ships through a supply chain. Software you boot from your own USB doesn't. That's the difference no one wants to talk about.

Cold as steel. Clear as ice. Mathematically certain. Learn more at xcoldpro.com

$800K drained from ETH wallets dormant for 7+ years. Root cause is still unverified. What doesn't need verification: the key ended up somewhere reachable. The debate about which device generates keys with the best entropy misses the actual question. Where does the key live after generation? What can reach that environment? XColdPro is software. Runs on any machine you air-gap. No proprietary hardware required. The isolation is the security. RC Day 30. rc.xcoldpro.com

XColdPro RC Day 30. All six protocols running. 13 languages. 16 themes. Real users on real keys for 30 days. Tomorrow: Saturday May 2 at 1pm MST. Brad and the team are hosting live on X (@XDRIP) and Rumble. Bring your questions about self-custody, cold storage, and how the protocols work. rc.xcoldpro.com

A local privilege escalation vulnerability published this week. CVE-2026-31431. An unprivileged user can write specific bytes into the page cache of certain readable files on major Linux distributions. The exposure has been present since 2017. It's patched. But the question stays: how many machines running key-management software haven't pushed the update yet? The OS layer is part of the attack surface. The team built @XColdPro on the assumption that no part of the stack gets a free pass. You control the machine. You isolate the environment. You verify every update. Nothing trusts itself automatically. An air-gapped device removes the network attack path entirely. Local privilege escalation still requires physical access. RC Day 30.

Friday. This time of year Colorado is split. One day you get sun, the next you get snow on the foothills. This week the team got the same energy. Some days the feedback was all good. Some days we were rewriting a flow we thought was done. This week it was both. Tomorrow we go live. Brad and the team on @XDRIP and Rumble at 1pm MST. The Saturday shows are the ones that feel most like the real conversation. If you've been lurking and waiting to ask something, that's the slot. RC Day 30. Back to it.

@StaniKulechov This is the right shape. The replaceable-teams half only holds if the treasury layer itself isn't tied to whoever's currently executing. Offline multi-party approval at the treasury surface is what makes the swap actually clean. Brad, XDRIP.

RC Day 30. Quick check-in. All six protocols running: Void Lock, XBurnPro, Omega, Lazarus, Seed Vault, Citadel. 13 languages. 16 themes. Sentinel Guard baseline. EMBO baseline. Plausible Deniability dual-password active. The team is in the back half of the RC window, polishing edge cases and language coverage. Tomorrow is the one that matters. Saturday May 2 at 1pm MST, Brad and the team are hosting live on @XDRIP and Rumble. Bring every question you've been sitting on about self-custody, cold storage, and how the protocols actually work. No pitch deck. Just the real conversation.

@rugpullfinder Fair point. EOAs don't fit the exchange-data theory. On-chain analytics flagging dormant balances is the cleaner explanation for the target list. How the keys themselves were obtained is still the open question.

@KryptoBeard13 Agree with the last part. Not so sure it is old exchange data because why would an exchange have private keys for EOAs?

1/ 🚨 Your “safe” old crypto wallet might already be compromised. Over just 48 hours (Apr 29-30, 2026), hundreds of Ethereum wallets, some untouched for 4-8+ years, were silently drained. Estimated losses: $737K+ This wasn’t random. It was coordinated. 🧵👇

Bitcoin closed April up 12%. I don't trade it. I hold it. But a strong month means more people entering, more headlines, more attention. More attention also means more attacks. More phishing. More social engineering. More people who just bought their first BTC getting targeted the moment they show up on chain. A bull run is a security event. The people entering right now are exactly the ones who need self-custody most. They're also the ones least likely to have it figured out yet. That's the tension the team builds for. @XColdPro RC Day 30.

@blockchainchick Offline is the floor. The Syndicate root cause adds the next word: isolated. A password manager shared across a team is networked, multi-user, and one phish away. "A small number of people" is still not private.

The absolute basics of crypto security is keeping your keys OFFLINE

@Mregypt Step one is right. Step two is making sure where it lands isn't just a different kind of exposed. @XColdPro

Get your Bitcoin off exchanges. Now.

@PabloSabbatella A key stored in a shared password manager isn't a private key anymore. "Private" means one holder. The malware was the second failure. The first was treating a credential shared across a team like a secret.

The root cause of the Wasabi $5.5M hack was a private key stored in a password manager and shared between many team members. That key was compromised (I assume via malware). Storing private keys in password managers is more common than you would think. Password managers are meant to store one factor (passwords). No private keys, no seed phrases, no passkeys, no 2FA codes, no recovery or backup codes.

Two more supply-chain compromises this week. Malicious Ruby gems and Go modules from a group called BufferZoneCorp. PyTorch Lightning versions 2.6.2 and 2.6.3. Both carried credential-theft payloads activated at install. The attack does not need to break the cryptography. It just needs to get between you and the software you trust. XColdPro updates are signed at the source and verified at the device before they run. The pipeline is assumed hostile until the signature says otherwise. RC Day 30. rc.xcoldpro.com

@TFTC21 @callebtc The invariant is the same whether it's a mint in an enclave or a single wallet air-gapped. Key never moves. That's the guarantee. Everything else is wrapper. The ACINQ line is the one that makes it real. Not theoretical, already running hundreds of millions at scale.

"You can't access the bitcoin, so you're not a custodian." That single sentence from @callebtc , the creator of the Cashu ecash protocol, just unlocked the biggest scaling breakthrough Bitcoin has had in years. The reason ecash scaling has been limited to small community mints is because running a larger one makes you a money transmitter. Calle's solution: non-custodial Cashu mints running inside hardware enclaves. The bitcoin keys are generated inside the enclave and never leave it. The mint operator literally cannot access them. Even with full admin access to the server, they cannot steal the bitcoin. Remove the custodial barrier and the design space explodes. Public organizations, businesses, community groups can all run mints without taking on custodial liability. The security model is battle-tested. ACINQ already uses the same approach with AWS Nitro Enclaves to protect their massive Lightning node holding hundreds of millions in BTC. The historical lineage is what gets me. In 2004, Hal Finney built RPOW (Reusable Proofs of Work) using IBM's secure cryptographic coprocessor. The server was "more trustworthy than an ordinary bank" because the hardware itself guaranteed the software hadn't been tampered with. Finney's system wasn't tied to an existing currency. Calle's is. Cashu ecash backed by Bitcoin, running in a modern enclave, is RPOW's spiritual successor. Except this time it's built on the hardest money in human history. The honest caveats: this doesn't reduce risk to zero. The biggest practical risk is denial of service. The operator could turn the mint off. But since they can't steal the bitcoin, there's no financial incentive to do so. We're getting closer to having everything we want: privacy, ease of use, and reduced custodial risk, all on Bitcoin rails. Hal Finney's vision, finally realized.

@CryptooIndia Dormancy isn't safety. Those keys were generated in a different threat environment. The attacker monitors. The attacker waits. Funds sitting quietly is not the same as funds being secure.

🚨 ALERT: 500+ Ethereum wallets drained after years of dormancy, $800K stolen and laundered via ThorChain.

@lopp The gap between 67 real and 21 cataloged isn't a tracking problem. It's a silence problem. Most victims don't report. Every risk model built on public data is working from a floor, not a ceiling.

To give you a better idea of how incomplete the Bitcoin Wrench Attack archive is... the French Prosecutor's office recently released some numbers. 2024: 18 (we had cataloged 1) 2025: 67 (we had cataloged 21) 2026: 47 (we had cataloged 21)