It is very easy to be pessimistic and right.
Most ideas are bad. Most markets are too early, too small, too crowded, too hard. You can build an entire worldview around seeing the flaw first, and be rewarded for it over and over again
But the strange thing about startups is that the only outcomes that matter come from the places where someone was optimistic and right
I used to underestimate how much this matters. But there is a whole world of difference between reacting to the world as it is, and having enough understanding of the world as it is to still stay open to what it could become
Long optimism
@lex_node I believe in the weird, novel, and exciting parts of crypto
Tokenized ideas, organic communities rallying around schelling points, hyperstition, using these tools as means of dissent and subversion, privacy, permissionless, etc
That’s what makes this industry still exciting
I’d like to share some common scenarios behind wallet compromises, in the hope that this helps users better understand where risks actually come from:
1️⃣ Centralized private-key risk in DEX Bot products
Many DEX Bot products require users to upload their private keys to servers, where they are stored in plaintext or in decryptable form.
👉 This means internal technical staff may have access to user private keys, and once a system is compromised, the risk profile effectively becomes comparable to that of a centralized exchange.
As a result, such products must meet exchange-level security standards to be considered safe.
Importantly, these products are not truly self-custodial by nature. In many jurisdictions, service providers may be deemed subject to KYC, AML, and other compliance obligations. Failure to meet such obligations could expose operators to regulatory or even criminal risks.
2️⃣ Vulnerabilities or malicious behavior in self-custodial wallet code
This includes software bugs, supply-chain attacks, or compromised code repositories, which can result in private keys being exfiltrated.
👉 A recent high-profile wallet incident falls into this category.
3️⃣ Compromise of user devices or unintended data exposure
User devices may be infected with malware capable of monitoring keystrokes or clipboard activity.
In other cases, users store recovery phrases as screenshots, which are then automatically backed up to cloud photo services.
👉 We have handled real legal cases where employees of large photo-storage providers wrote server-side scripts to scan user backups and identify images containing recovery phrases.
4️⃣ Structural reliance on private-key custody for automated strategies
Many users rely on automated trading or execution strategies, which often require private keys to be entrusted to bot service providers.
OKX Wallet is preparing to introduce Smart Accounts, leveraging Trusted Execution Environment (TEE) technology to enable automated strategy execution without custodial control over private keys, addressing this long-standing security trade-off.
5️⃣ The correct direction for wallet security evolution
Security and usability are not mutually exclusive.
The design philosophy behind OKX Pay Wallet is to combine:
•Institutional-grade security and risk controls
•User-controlled local authentication, such as passkeys
OKX Pay is currently a concept-stage product, and over the coming year we plan to roll out a range of powerful features to better protect assets for mainstream users.
I'd like to invite @PaulFrambot and @StaniKulechov onto Bell Curve to discuss the isolated risk model in lending.
Some very good points from both sides made this week, retweet if you'd like to see these two legends on a pod 🫡
when memecoins took off, the tl declared that the future was memecoins
when perps took off, the future was perps
and when prediction markets took off, the future was… prediction markets
guys i don’t know how to tell you this but
there is a future more than 2 hours from now
and it is full of possibilities we’re only gonna realize if we pull our heads out of our asses and start to see there is more to building than trying to replicate the mediocre present surrounding us
you can do things