I woke up this morning to the devastating news that FTX security was breached last night. It is not clear which parts have been compromised, but a general warning was issued by John Ray the new CEO. (1)
The core vision behind DeFi to bring transparency and open access to finance is today more relevant than ever and Iโm happy to be part of such a strong community that does not stop to fight for it, even in tough weeks like this one. (14)
The serum program update key was not controlled by the SRM DAO, but by a private key connected to FTX. At this moment no one can confirm, who controls this key and hence has the power to update the serum program, possibly deploying malicious code. (2)
1/ White hat hacker Th0mas from
@Neodyme
notified mango developers of a bug in the mango token sale pool at 9PM UTC on 09/08.
@tjshipe
and I immediately verified that no one used the exploit yet and secured the remaining 390,000 MNGO.
Serum is a special project. It inspired many of us to start building on Solana. Itโs the central order book for liquidity providers to backstop liquidations of all major lending protocols on Solana. (5)
To
@avi_eisen
,
You have demonstrated repeated disrespect for the DeFi community. You revealed your plan to pillage more and more protocols to do larger and larger โprofitable tradesโ as you call them.
This is an interim solution, as a member of SRM DAO, I have some ideas how to improve the project, but ultimately the whole community should decide. (13)
When I reached out to a couple of people previously involved with Serum, I got answers like: โI wish I had more info to help you, but I really donโtโ. โI have no idea wtf is happening. Should assume the worst and that everything related to FTX is compromised.โ (4)
My partner gives me shit, because she think's it's my fault
@mangomarkets
is not fast enough. Claims slowlana is a bad choice of material (she's an artist). I want to prove her wrong, but it's going to be a lot of work
Wonder why the
@marginfi
team can't deliver? Their team is busy posting with their alt accounts on Mango discord and spreading fud. Wouldn't leave money in marginfi - monkeys and typewriters only gets you so far in crypto.
So excited to see
@UXDProtocol
launch.
@KentoInami
has been walking through fire to get here and I am super excited to have a stable coin built on
@mangomarkets
and hope we can use it to make Mango fully censorship resistant.
@aeyakovenko
@R89Capital
@openbookdex
I kinda like the idea of zero net fees and no token. Crypto is all about removing the rent seeking middleman.
CLOB based AMMs are tricky, but
@jktrader16
has a really good approach, hope we can try it out in December
As the first DAO on Solana and a community driven project,
@mangomarkets
naturally attracts more political debate. Hereโs my (personal) opinion on your shitcoins including MNGO.
A random user just doubled
@mangomarkets
TVL in one deposit of bSOL. Is that a problem? No! The risk engine scaled down collateral weight for the asset which restricts the whale in it's actions to a safe limit. If I were the whale, i'd bring forward a governance proposal๐ฟ
Let's try this game: if you run a voting
@solana
validator, update it now and reply to this post. If not, try to tag a voting validator and get them to update. Game ends when 1.9.15 is rolled out or tps >3000. Go!
Going to bed last night at 3am after getting some work done
Get a call from
@m_schneider
on the integration of the new โnot FTX relatedโ serum order book
Get out of bed
Update
@SolapeFinance
code to integrate it
Update website with new markets
Back to bed
For
@solana
๐ค
The best thing about open source programs is that they can be improved, even if the original authors ceased to develop them. It's always inspiring when the work of an artist develops a life of its own.
This one goes to all the NFT flippers out there:
You don't need to be a farmer to use DeFi!
Even if all you do, is buy SOL and BTC.
Just stop using centralized services
for anything but fiat onboarding.
You need to start the exodus, one user at a time.
let's rent a physical arena, allow one fighter for each solana protocol in (unless it's ian, he needs to represent all his protocols alone). rules are FFA wrestling, spontaneous teams allowed. one round per hackathon.
Last week the first
@openbookdex
community meetup was held and a couple of important questions were discussed. This is how I see the project right now and it's development going forward:
You claim that your actions were legal, and even if we don't agree on it, we both know that there is ืืืช-ืืื ืฉื ืืขืื ืืืืช-ืืื ืฉื ืืื and we are judged in both. Yom Kippur just passed but god signs us each year and there is no redemption without asking for one from our fellow men.
6/ I am super honored and thankful for the great minds at
@Neodyme
to disclose this issue in a responsible way and I will ask the Mango DAO to grant them a bug bounty for their efforts to protect the Mango DAO participants.
One of the most overlooked, but hardest grinding teams on Solana. Didn't get a breakpoint talk, but managed to reach top 1 on the defi lama leaderboard in the meantime. Well done!
This statement intends to clarify the issues other people have put forth in the process of reviving Mango DAO and proves good intentions through explanation of my actions.
Is the "closed source for security" season finally over? Looking forward to see some strong projects release their source code and invite open review from the community
@mangomarkets
is legit run by fucking retarded people
spends years going jack shit 0 NOTHING and then add $MOUTAI and is catering to a meme coin with sub 2k followers
idiot fucks
Can't believe how much attention to detail
@mangomarkets
designer puts into his work. My favorite part is definitely the list token CTA next to the recently listed tokens.
Copying OS without attribution is stealing from your brothers. To even copy the spelling mistakes, but apply for the hackathon as if itโs your own can be a mistake. But not if people reached out before and asked for correction.
dev-diary on Solana:
2020: write code, ask on discord for help, repeat
2021: write code, run test, open PR, check SOL price, repeat
2022: write code, try test, check TPS, existential crisis
Can
@therealchaseeb
do something until TPS is better?
5/ This incident is a good example, that security is often only the result of many eyes reading. Open sourcing is in my opinion the best way to get more eyes on my code.
Solana isn't going to happen. An attempt to "reframe the narrative" really means "we need to invent some new bullshit to get liquidity." The scam died when Sam did. Capitulate and move on.
let's do a community call and sort this out. everyone gets a few minutes to present his point and we can all stop wasting time slow-posting on twitter.
What language should the third solana client be implemented in?
My preference would be to focus on readability / hackability.
Go and mojo seem to be decent options.
"Degens after Dark" will be happening again in Amsterdam on Nov. 2nd. Looking for artists from the Solana community to dj / play live music. DM me your music
Security stage is where the magic will happen today, kudos to
@Neodyme
for hosting us. Mainly talking about economic attacks, a topic that is often out of scope but needs more attention by the security community.
i think i should just stop using the public governance forum and openly disclosing what I do for Mango DAO. Clearly the guy who collects seed / vc deals on his profile definitely knows what's "insidery" and is right here
solana hackathons have the tendency to coincide with the worst dev-ex bugs. last one no one was able to build anchor due to crate dependency spaghetti. this one people can't land program deployments on chain. to all the new devs:
welcome to solana, how do you like your glass?
The
@openbookdex
team asked me to present the project on their behalf on
@SolanaConf
because they are busy shipping and helping multiple hyperdrive teams integrate. Can you imagine how much love for the product went into this rewrite?
UNLEASH THE POWER!
The production version of OpenBook V2 has been deployed to mainnet!
Program ID ๐ opnb2LAfJYbRMAHHvqjCwQxanZn7ReEHp1k81EohpZb
Audit by
@osec_io
๐
Stay tuned for more detailsโฆ โก๏ธ๐2๏ธโฃ
tBTC is a great example for comparing capital efficiency across ecosystems. Impressive how well the uniswap design scales with faster block times, but can't beat
@openbookdex
in efficiency.