Rohan Taneja

The wait is almost over. First batch of Rust School 🦀 approvals goes out tomorrow.

As a backend engineer please pick one language & its ecosystem deeply. - One server-side language deeply (Node.js/TypeScript, Python, Java, Go - pick one and master it) - API design & development (REST, GraphQL, gRPC, OpenAPI/Swagger, versioning, rate limiting) - Databases (SQL - PostgreSQL/MySQL with indexing, transactions, normalization + NoSQL like MongoDB/Redis) - Caching strategies (Redis, in-memory, CDN integration) - Authentication & authorization (JWT, OAuth2, sessions, RBAC, secure password handling) - System design fundamentals (scalability, microservices vs monolith, load balancing, sharding) - Event-driven architecture & messaging (Kafka, RabbitMQ, queues, pub/sub patterns) - DevOps & infrastructure (Docker, CI/CD with GitHub Actions, basic Kubernetes, observability - logging/monitoring/Prometheus) - Cloud platforms (AWS/GCP/Azure - compute, storage, serverless basics) - Security best practices (input validation, SQL injection prevention, HTTPS, rate limiting, secrets management) - Performance optimization & testing (query optimization, concurrency, unit/integration/load testing)

Tomorrow. We open Rust education scholarships 🦀 Most people don’t fail Rust because it’s hard They fail because they never get the right environment Limited cohort. Beginner → builder pipeline. Real systems training. Not everyone will get in. Details tomorrow!

Someone spent $500, planned for weeks, and stole $285 million from a crypto protocol. On April Fools Day. > The target was Drift Protocol. One of Solana's largest DeFi protocols. > It held $550 million in user funds the morning of April 1. > The attacker started preparing in March. Nobody noticed. > They created a fake token called CarbonVote Token. Minted 750 million units. Seeded a liquidity pool with $500. > Wash traded it for weeks until real price oracles reported it as legitimate. > At the same time they socially engineered two of Drift's five Security Council signers into pre-approving transactions. > Using a Solana feature that lets transactions be signed in advance and executed later. > On April 1 at 11:06am they pulled the trigger. > Listed the worthless token as real collateral. Raised withdrawal limits to unlimited. Borrowed every real asset in the protocol. > $309 million dropped to $41 million in minutes. > Not a smart contract bug. Not a code exploit. Not a seed phrase leak. > One admin key. That's all it took. > They swapped everything into USDC and bridged $230 million through Circle's own crosschain bridge to Ethereum. > 100+ transactions. Six hours. During US business hours. > Circle did nothing. > Nine days earlier Circle had frozen 16 legitimate business wallets with no warning for a sealed US civil case. > Legitimate businesses frozen. $230 million in stolen funds walked straight through. > The attacker deliberately avoided USDT the entire time. They knew Circle wouldn't act. > The stolen funds are now 130,000 ETH sitting in a single wallet tracked live on Arkham. > Currently worth $264 million. > The wallet was first funded through Tornado Cash. > The attacker also deposited directly into Binance. KYC data may exist. > Drift TVL went from $550 million to $24 million. > DRIFT token down over 40%. > Second largest Solana hack in history behind only the $326 million Wormhole bridge exploit in 2022. > Drift had to open their emergency announcement with: "This is not an April Fools joke." The $264 million on Arkham confirms it wasn't.