Loki_moments

19.7K posts

Loki_moments banner
Loki_moments

Loki_moments

@Sam_Solooki

. Persian contemporary photographer + Ai/generative artist | All socials and works https://t.co/MKsKkOEhS8

België Katılım Haziran 2021
1.9K Takip Edilen1.6K Takipçiler
Sabitlenmiş Tweet
Loki_moments
Loki_moments@Sam_Solooki·
Who am I and what do I create/do? I'm Sam/loki, a Belgian contemporary nude photographer and generative artist with Persian roots. My photography mainly allows the viewer to perceive a differentiated perspective of the superficial aspect of our daily life by focusing on showcasing societal, political and individual issues expressed via symbolism, narrative, metaphorical implementations and nudity.
Loki_moments tweet mediaLoki_moments tweet mediaLoki_moments tweet mediaLoki_moments tweet media
English
2
4
17
1.9K
Loki_moments retweetledi
Sean Mundy
Sean Mundy@seanmundyphoto·
"decay" photography and digital manipulation
Sean Mundy tweet media
English
1
8
25
2K
Loki_moments retweetledi
Summer Wagner
Summer Wagner@summergwagner·
new work Feb 2026
Summer Wagner tweet mediaSummer Wagner tweet mediaSummer Wagner tweet mediaSummer Wagner tweet media
English
11
43
418
9.6K
Loki_moments retweetledi
LifeWithArt
LifeWithArt@lifewithart_·
Portrait of a Man from the 𝘋𝘢𝘵𝘢𝘴𝘦𝘵 collection has found its home. Thank You dear @1xVollard for the curiosity and care you took in collecting, taking the time for a genuine deep dive into my work. That kind of attention is rare and pleasure to come across.
LifeWithArt tweet media
English
12
7
45
1.2K
Loki_moments retweetledi
Sean Mundy
Sean Mundy@seanmundyphoto·
art that your dentist would have in their waiting room if they were cool
Sean Mundy tweet mediaSean Mundy tweet mediaSean Mundy tweet media
English
4
4
27
804
Loki_moments retweetledi
LifeWithArt
LifeWithArt@lifewithart_·
this is how i build
LifeWithArt tweet media
English
4
7
31
630
Loki_moments
Loki_moments@Sam_Solooki·
@bangjelkoski @injective 'No funds were stolen', I think you don't actually know the difference between whitehat and staying eligible and going into blackhat non-eligible territory. If he had actually stolen the funds, he wouldn't been someone who actuallt exploited it, which is illegal.
English
0
0
5
753
Bojan Angjelkoski
Bojan Angjelkoski@bangjelkoski·
Security is paramount at @injective and we take our bug bounty program very seriously. First and foremost, the figures referenced in the post are entirely misleading. There was no impact realized from this issue. Zero user funds were affected and zero addresses were compromised. For the stated vulnerability to work in practice, it would require execution of several suspicious transactions that would have an extraordinarily limited impact. Injective has dynamic rate limiting functionalities which are applied automatically based on our live monitoring systems. This functionality has been live on mainnet since last year and is publicly available in our code base. In addition to all of the above, this report was reviewed against the clearly defined terms of our Immunefi program. Based on those terms, issues such as those raised in this report that DO NOT impact block production or consensus are categorized outside of the Blockchain/DLT tier and carry a maximum payout of $50,000. If the poster had requested a mediation we would explain to him the dynamic rate limiters and monitoring systems we have in place and why his stated figures are misleading. However, he did not do so. We always follow the procedures set forth by the Immunefi program and expect the submitter to do so as well. We remain committed to fair, transparent, and consistent handling of all reports, and to maintaining the highest standards of security for the ecosystem. Injective has done so since its mainnet inception in 2021 and will continue to do so in perpetuity, always putting builders and security first.
f4lc0n@al_f4lc0n

I Saved Injective's $500M. They Pay Me $50K. I like hunting bugs on @immunefi . I'm decent at it. - #1 — Attackathon | Stacks - #2 — Attackathon | Stacks II - #1 — Attackathon | XRPL Lending Protocol - 1 Critical and 1 High from bug bounties (not counting this one) Life was good. Then I found a Critical vulnerability in @injective . This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk. I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity. Then — silence. For 3 months. No follow up. No technical discussion. Nothing. A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either. I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve. Full Technical Report: github.com/injective-wall…

English
71
38
189
178.2K
Loki_moments
Loki_moments@Sam_Solooki·
@YKatone @yeswehack What I hate is whenever they say it's out of scope, they still fix it but just don't pay out. Have had this before.
English
1
0
1
235
kyrixa
kyrixa@kyrixavlr·
@al_f4lc0n @immunefi should have taken it yourself then, there's no point in bitching about it if they underpaid you lmao you either do it for the love of keeping things safe, or you chase the money, if it's the latter then should have just exploited it yourself LOL
English
4
0
11
3.5K
f4lc0n
f4lc0n@al_f4lc0n·
I Saved Injective's $500M. They Pay Me $50K. I like hunting bugs on @immunefi . I'm decent at it. - #1 — Attackathon | Stacks - #2 — Attackathon | Stacks II - #1 — Attackathon | XRPL Lending Protocol - 1 Critical and 1 High from bug bounties (not counting this one) Life was good. Then I found a Critical vulnerability in @injective . This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk. I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity. Then — silence. For 3 months. No follow up. No technical discussion. Nothing. A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either. I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve. Full Technical Report: github.com/injective-wall…
English
518
528
4.5K
1.8M
Loki_moments
Loki_moments@Sam_Solooki·
This is quite mildy expressed insane. @immunefi I wonder what your response is, but @injective if you do someone this bad, honestly, y'all deserve the worst. He could have executed this, and then you guys would have offered 10 percent of that amount. Greedy, cunning
f4lc0n@al_f4lc0n

I Saved Injective's $500M. They Pay Me $50K. I like hunting bugs on @immunefi . I'm decent at it. - #1 — Attackathon | Stacks - #2 — Attackathon | Stacks II - #1 — Attackathon | XRPL Lending Protocol - 1 Critical and 1 High from bug bounties (not counting this one) Life was good. Then I found a Critical vulnerability in @injective . This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk. I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity. Then — silence. For 3 months. No follow up. No technical discussion. Nothing. A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either. I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve. Full Technical Report: github.com/injective-wall…

English
0
0
0
81
Loki_moments
Loki_moments@Sam_Solooki·
@al_f4lc0n @immunefi They also always try to find a way to negate poc's/found bugs, makes me wonder why would one even submit them, and not instead just execute it themselves as a blackhat?
English
0
0
0
151
Loki_moments retweetledi
Loki_moments
Loki_moments@Sam_Solooki·
'Genuine us', thread🧵 Writing this thread for the purpose to let the viewer understand the full extent of my self-portrait series @foundation . This series isn´t just an artistic photography body of work, it´s much more than that, the level of philosophy, meaning, symbolism...
Loki_moments tweet media
English
6
17
62
8K
Loki_moments
Loki_moments@Sam_Solooki·
@hamidonsolo Makes me wonder, maybe blackhats were just whitehats at some point and had enough of these type of situations?
English
0
0
0
245
Patrickbatman
Patrickbatman@hamidonsolo·
Just found a Critical vulnerability. Reported it. 4 months of silence. They patched it quietly. Then said “we can’t reproduce it.” I sent video proof. They offered $500. I said read my report again. $500 → $1,500. Know your worth. Companies will always try to pay you less than you deserve. Would you have accepted the $500?
English
12
3
160
10.9K
Loki_moments
Loki_moments@Sam_Solooki·
@andyyy It's a duality dilemma to be honest. The more private it goes, the more users would want to use this industry. On the other hand the more privacy is implemented, the more money laundering/illicit activity will go unpunished.
English
0
0
2
19
Andy
Andy@andyyy·
Without privacy, this industry isn't going to scale. We need privacy.
English
153
50
454
41.4K
Zero Cipher
Zero Cipher@zerocipher002·
Spent 3 days building a proof of concept for a critical in a bug bounty. Full exploit chain. Exact steps showing how to drain the pool. Marked duplicate. Another researcher submitted the same finding hours before me. 72 hours of work. Zero payout. On to the next one.
English
11
1
98
3.6K
Loki_moments retweetledi
john gerrard
john gerrard@john__gerrard·
Western Flag (Spindletop, Texas) 2017
English
32
1K
11K
2.9M
Loki_moments
Loki_moments@Sam_Solooki·
@DrFriesOfficial Couldn't have said it better honestly. The meaning of 'being an artist' has dramatically changed in this space, so much that people call people like Pak or Beeple revolutionary.
English
1
0
2
24
Loki_moments retweetledi
CRIME ☠️
CRIME ☠️@DrFriesOfficial·
it's called conflict of interest everyone who still has a SR account has this syndrome even the most vocal when it comes to criticising every/anything under the sun, if they have an active SR account, they shut up, or go suspiciously soft on their critiques of said platform when it does something reprehensible... imagine calling yourself an artist, let alone a 💎 while wearing a leash... lmfao
Loki_moments@Sam_Solooki

People are mad because artists are voicing critique or their opinion towards a platform such as @SuperRare ? I might not agree with all critique or things being said, but other artists or collectors trying to surpress others are truly doing something strange.

English
3
1
8
429
Loki_moments
Loki_moments@Sam_Solooki·
I get it, y'all like the platform, of course, you can't say anything bad about it because you are on the platform, but for god's sake, let people voice their opinion. I see artists that are represented by SR cussing others, trying to surpress them, etc.
English
0
0
4
48
Loki_moments
Loki_moments@Sam_Solooki·
People are mad because artists are voicing critique or their opinion towards a platform such as @SuperRare ? I might not agree with all critique or things being said, but other artists or collectors trying to surpress others are truly doing something strange.
English
2
0
6
540

Keşfet

@1xVollard @bangjelkoski @injective @YKatone @yeswehack @kyrixavlr @al_f4lc0n @immunefi