0xmt

Tbh I think the attack surface from compromised access controls is what made the team targets. At the risk of sounding like a preacher, do you know which teams are not likely targets of these kinds of attacks? Uniswap. Curve. Liquidity. Sky. Aave. If the Liquity, Sky, or Aave teams could introduce new collateral with a multi-sig, they too would be targeted. If Uniswap’s or Curve’s pools could be upgraded with a multi-sig, they too would be targeted. Multi-sig usage is okay in certain cases, but not when the attack surface includes the introduction of new collateral which can drain the protocol.

Today we learn, there is a single EOA that can unilaterally withdraw any funds from Gauntlet's USD Alpha vault. Good think we don't have a track record of any private key leaks causing issues...

i gave an AI $50 and told it "pay for yourself or you die" 48 hours later it turned $50 into $2,980 and it's still alive autonomous trading agent on polymarket every 10 minutes it: → scans 500-1000 markets → builds fair value estimate with claude → finds mispricing > 8% → calculates position size (kelly criterion, max 6% bankroll) → executes → pays its own API bill from profits if balance hits $0, the agent dies so it learned to survive built in rust for speed claude API for reasoning (agent pays for its own inference) runs on a $4.5/month VPS weather markets: parses NOAA before polymarket updates sports: scrapes injury reports, finds mispricing crypto: on-chain metrics + sentiment $50 → $2,980 in 48 hours how much do u think i’ll see in a week?

I think TheDAO is getting drained right now Unfortunately I am on a train to work, so cannot investigate, but looks like recursive call exploit of some kind

one thing i wish eth adopts from sol: capitalism