Bartosz

This is how people get drained: scan QR → connect → blindly sign an unlimited approval - not an NFT claim users still don’t see what they’re agreeing to at signing

@zxstim Kind of agree, the fact this is still unsolved after years says a lot about incentives. but there are teams pushing it forward (e.g. Ledger investing heavily in clear signing)

wallets won't adopt things like this because they still believe that people won't care. they are obsessed with the idea of chasing "normies", and locking people into the wallets. i think too much competition in the wallet layer is not very good. eventually bad behaviour will come out. the only way out is advocating for an over supply of wallets and move competition to where it matters, the app layer.

Even in the best wallet UX like Zerion, signing a UniswapX Exclusive Dutch Order still requires guesswork. Here’s the difference with clear signing

@P3b7_ Any data on how much has been lost?

🚨 All it takes is one website and your crypto disappears: Coruna may be the EternalBlue moment for iOS exploits. For years, large-scale exploitation of iPhones was considered impractical. Coruna proves otherwise. Recently exposed by the Google Threat Intelligence Group, Coruna is a modular, state-grade iOS exploit kit that shows how sophisticated cyber capabilities developed by governments or surveillance actors can eventually leak into criminal ecosystems. The framework contains five complete exploit chains built from 23 vulnerabilities targeting Apple devices. These chains combine: - WebKit remote code execution - Privilege escalation - PAC (Pointer Authentication) bypass (!!) - Sandbox escape - Page Protection Layer bypass Together, they enable full compromise of an iPhone from a simple website visit. The implications are immediate. Coruna has already been used primarily for cryptocurrency theft. The attack path is brutally simple: your keys sit in a software wallet on your iPhone, you visit a compromised website, and your crypto is gone. Once inside the device, the malware can: - Steal assets from software wallets - Extract seed phrases stored in Apple Notes or in your photos - Harvest photos, emails, and other sensitive data Researchers observed the toolkit targeting 18 cryptocurrency apps, including MetaMask, Trust Wallet, and Exodus Wallet. Coruna works out of the box against devices running iOS 13 through iOS 17.2.1, covering releases from 2019 to 2023. That represents hundreds of millions of potentially vulnerable devices worldwide. So far, researchers estimate that tens of thousands of iPhones have actually been infected. More recent iOS versions are also actively targeted by nation-state actors, though not exploited yet at this scale. But the trajectory is clear: as exploit development accelerates, particularly with the assistance of AI, these capabilities will become cheaper and more widely available. Large-scale mobile compromise will become more common. The lesson is straightforward: Storing valuable secrets on general-purpose devices is fundamentally risky. When a single browser visit can compromise the entire mobile phone, relying on software wallets to protect high-value assets is no longer a defensible security model. For those interested by the technical details, I recommend this excellent report from Google Threat Intelligence group. cloud.google.com/blog/topics/th…

When autonomous agents start out-tx-ing humans?

Finally my OpenClaw bot can spend its pocket money.

Crypto payments aren’t just cheaper. They’re instant, global, and settled straight from self-custody. WalletConnect Pay is the infrastructure that lets wallets and merchants use that power at scale.

Great insights about feature of payments from @cyberdrk

@cyberdrk Never say never

The problem in Bitcoin is that 10% of supply incl. Satoshi's coins (~2mio BTC) is considered to be lost in "P2PK" legacy accounts that are the easiest to break and will never be migrated to post-quantum accounts

Join us!

@0xRtomas @reown_ nice

Payments redefined (💵+⛓️) With @reown_ + Binance direct-integration Users pay from their exchange account — no wallet switch, no friction. Web3 meets real-world checkout. #CryptoPayments #Reown rtomas.hashnode.dev/redefining-pay…

Built at @WalletConnect: EIP-7730 clear signing turns Aave’s borrow request into a human-readable intent.

- USD currency in circulation (last 66y): ~76× - Gold above-ground stock (last 66y): ~2.7× - Bitcoin supply (next 66y): +<6%

400 Billion flowing through @WalletConnect

1/ WalletConnect is set to surpass $400B in annual Total Network Volume. The connectivity layer of the financial internet. Here's the breakdown ↓

1/ Introducing WalletConnect Pay 🌐 In partnership with @dtc_pay, one of Asia’s leading POS providers, seamless stablecoin payments are coming to retail, hospitality, and everyday commerce across Asia.

1/ State of Onchain Payments 2025 is now live. Onchain payments are growing fast, but most teams still lack the data to design better experiences. We surveyed 1,000+ users and analyzed 300M @WalletConnect sessions to understand what’s working, what’s broken, and what’s next.

1/ @FireblocksHQ just launched @SuiNetwork support and Reown is powering the UX that makes it secure, scalable, and institutional-ready. Here’s how 👇

1/ The impact of Reown’s AppKit over the last 12 months: - 10B+ RPC calls - 66M+ unique addresses - 286M+ session connections - 261M signatures via @WalletConnect Powering UX for thousands of onchain apps across Solana, EVM, and Bitcoin. Why leading teams build with AppKit ↓