TreeCityWes.xen

@CLOUT_COCKS Those damn witches continuing throughout the week

NOTHING EVER HAPPENS IS THE WHOLE OF THY LAW

Some #X1 DEFI protocol news: 1. We are working on Stake and Lock protocol on X1, where if you stake and lock your $XNT, you will earn out more rewards if you just stake into the validator network. We think this is net-positive for the price of $XNT as less of it going to be available (if it's locked). 2. Stake $USDC.X (stable token on #X1) for $XNT yield with similar design as above - this would allow for more TVL in the bridge (app.bridge.x1.xyz) as people would bridge $USDC->$USDC.X, staking it for $XNT rewards. We are always looking for ways to create net-positive reward protocols which would move the chain's metrics higher before we get listed on Dexscreener and CEXes.

gm builders. what are you shipping today

So tru

BREAKING: The SEC has formally classified SOL as a digital commodity in its new crypto asset taxonomy, alongside BTC, ETH,  and 14 other assets. SOL is not a security.

Current status: building. $XEN #X1

Gave OpenClaw eyes... What could go wrong?

Software was eaten by AI.

Love the @mem0ai OpenClaw guide, but their default setup is ephemeral. I went deeper. Self-hosted #Qdrant + #Mem0 OSS = fully local, zero cloud dependency. 66/75 vs 38/75 across 15 real criteria: → persistence → privacy → cost → debuggability The part I'm most proud of: I turned the whole migration into a single .md file. Just attach it to your OpenClaw chat, hit send and it self-installs. Detects your OS, your paths, your architecture, then walks itself through the entire setup. OpenRouter or fully local Ollama. Your call. ⚠️ Tested on Linux. Should work broadly (but I can't promise Windows won't fight you). Guide + comparison chart in the replies 👇

DBXEN founder reply to the hack 🥶

🚨The @DBXen_crypto on BNB Chain was exploited at block 86,063,902 through an ERC2771 meta-transaction context confusion vulnerability in the `burnBatch()` function. The attacker abused the inconsistency between `_msgSender()` (used in the `gasWrapper` modifier) and `msg.sender` (passed as the `user` argument to `xen.burn()`) to split the state updates for burned-batch accounting across two different addresses. This desynchronized `accCycleBatchesBurned` and `lastActiveCycle` for the actual user (the attacker's EOA), causing the reward and fee calculation in `updateStats()` to believe the EOA had unprocessed burns from a previous cycle. The attacker then called `claimFees()` to drain approximately 23.12 BNB in accumulated protocol fees from the contract, plus received 9,676.9 DXN tokens via `claimRewards()`, for a net profit of ~22.53 BNB and ~9,677 DXN after accounting for costs.

@xenpub Forwarder vs No Forwarder

Certik in the chat.

HOLY SHIT - DBXEN STAKING HACK. A Thread 🧵... DBXEN staking contract was drained for 65.28 ETH in a single exploit. The attacker combined a permissionless trusted forwarder with a fee accounting bug for fresh addresses, spoofed _msgSender(), called burnBatch(5560), and walked away with the entire fee pool built up over 1,085 cycles. etherscan.io/tx/0x914a5af79… Attacker EOA: 0x63150ac8e35c6c685e93ee4d7d5cb8eafb2f016b Beneficiary: 0x425d3ec2dcebe2c04ba1687504d43afc6be7328d Exploit TX: 0x914a5af790e55b8ea140a79da931fc037cb4c4457704d184ad21f54fb808bc37

@xenpub @razvancostin14 @mrJackLevin @ackebom @CLOUT_COCKS @simplewaters @dbxeneth @ludolphus

@TreeCityWes @razvancostin14 @mrJackLevin @ackebom @CLOUT_COCKS @simplewaters @dbxeneth @ludolphus No way... did you try to figure out what happened? @razvancostin14 are you aware of this? Can you confirm is that was a hack?

@razvancostin14 @mrJackLevin @ackebom @xenpub @CLOUT_COCKS @simplewaters @dbxeneth @ludolphus etherscan.io/tx/0x914a5af79…

dbxen staking contract was drained @razvancostin14 @mrJackLevin @ackebom @xenpub @CLOUT_COCKS @simplewaters @dbxeneth @ludolphus