Hi folks. I'm the founder of an innovative protocol built on Monad testnet.
In Umbrella Finance, you can swap, lend and borrow any token, where your LPs work twice (for trading and for lending) effectively boosting your yield.
Come and give it a go. Feedback is appreciated.
What if your next DeFi protocol wasn't built with duct tape and vibes?
Introducing Umbrella Finance ☂️
Swap. Lend. Borrow. Yield. No oracles. No BS.
Here’s what makes us different (and dangerously good):
👇
"so you staked your ETH on the Ethereum blockchain to earn yield?"
"yes, Dave"
"except you didn't want your capital to be locked up so you actually staked it with a liquid staking protocol called Lido?"
"that's correct, Dave"
"and Lido gave you a liquid staking receipt token called stETH in return?"
"yes, Dave"
"and then you didn't think that was enough, so you juiced the yield even further by depositing your stETH receipt tokens into a restaking protocol called Eigenlayer?"
"you are correct, Dave"
"and now you didn't want to lock up your capital, so you actually restaked with a liquid restaking protocol called KelpDAO who provided you with a liquid restaking receipt token called rsETH?"
"you got it, Dave"
"and then that was surely not enough juice, so you then deposited your rsETH tokens into a lending protocol called AAVE so that you could open a leveraged looping position that borrows ETH against the rsETH collateral and restakes the ETH into rsETH which is then deposited as collateral, except it turns out rsETH used a cross-chain bridge called LayerZero whose security is held together by a 1/1 toothpick, which was obviously hacked by north koreans causing rsETH to become undercollateralized and now these looping positions are stuck and unprofitable, and everyone is pointing fingers at each other, and also DeFi is a very serious industry"
"you are 100% correct, dave"
jfc.
So let me start. DeFi is the future of the World Financial System. That's my belief, and this is why we are here.
This amount of absolutely preventable hacks we see in DeFi (with root causes attributable to CENTRALIZED points of failure) is enormous recently. This damages our industry, and I build for this industry. So I cannot remain silent.
Imagine an average grandma (mass adoption is here?) putting her life savings on Aave. And then BOOM, she cannot withdraw her funds on Monday. Aave (the biggest DeFi protocol btw) said it's operating as intended - just rsETH got exploited. rsETH said that all code is safu - just LayerZero bridge got hacked. LayerZero (the biggest bridge securing a quarter of a trillion $) said that everything is operating as intended. Yet, she cannot withdraw her funds. WTF? Are we an industry of clowns?
But here's the thing. All issues like this should be prevented BEFORE they happen, not AFTER. Number of single points of failure should be reduced, not increased. When these points of failure are unavoidable - trust should be split. If there's a reliance on infrastructure - we should share best practices how to configure it. Not to mention that code should be very well checked - everyone gets that already.
We should probably come together and develop safety standards for DeFi. How to build safely, and how to verify safety. Probably everyone should bring their best practices, and the projects, auditors and risk assessment groups should know them. Maybe we need @ethereumfndn and @SolanaFndn bringing all the ecosystem projects to participate and come up with principles, rules and recommendations of safe building. And, perhaps, we can even learn something about protecting the few remaining centralized points of failure from traditional finance who have many more of those.
DeFi will win
I'm at the point where I prefer to have AI review my code (yes, I went old school and still wrote my code) than a human.
Some false positives, but also many true positives.
@DefiIgnas What are the centralized oracles you mention? Chainlink is decentralized afaik.
There are some lending protocols out there that do not rely on external oracles, including my own.
Can I DM you?
@Only1temmy From the user perspective, safety is better of course. But from the protocol perspective, it needs to keep adding features to remain competitive. How to balance that? Creating new contracts and asking everyone to migrate from old to new contracts is not great either.
Inspired by @cartoonitunes' work with @EthereumHistory, I've been digging into contracts from the 2015-2019 era to find ETH that's still withdrawable but has no active frontend and isn't tracked by Debank or other portfolio trackers.
116 contracts, 76,000+ ETH, 516k depositors with claimable balance.
Built Forgotten ETH to help people recover it
👇
🚨 @ResolvLabs USR just got exploited: here's the full on-chain breakdown
h/t @yieldsandmore who flagged this first | data via @ArkhamIntel
An attacker deposited 100K USDC into Resolv's USR Counter contract via requestSwap and received 49,950,000 USR back (~$39M)
That's a 500× overcredit on a $100K deposit. The minting function is broken.
On-chain receipts:
→ 100,000 USDC sent to Resolv: USR Counter (0xa27a...5861)
→ 50,000,000 USR minted from null address to Counter
→ 49,950,000 USR forwarded to attacker (0x04A288a7...caEd)
→ 100,000 USDC sent to intermediary (0xacB7027f...2b8e)
The _targetAmount in the input data reads:
50,000,000,000,000,000,000,000,000 (50M × 10^18)
The requestSwap → completeSwap is a 2-step async process.
Either the oracle was gamed, the off-chain signer was compromised, or the amount validation between request and completion is simply missing.
The attacker's exit playbook is textbook DeFi hack cashout running at full speed:
Step 1 — Wrap USR → wstUSR to access deeper DEX liquidity
20M USR → 17.65M wstUSR
15M USR → 13.24M wstUSR
Step 2 — Dump wstUSR across every available venue
8.77M wstUSR → 9.7M USDT (KyberSwap)
2M wstUSR → 2.01M USDC (direct contract 0x04a2...caed)
1.31M wstUSR → 655K USDT (KyberSwap)
1.31M wstUSR → 148K USDT (KyberSwap — slippage getting brutal)
604K wstUSR → 568K USDT
300K wstUSR → 277K USDC (Velora)
300K wstUSR → 303K USDC (Velora)
Dozens of 100K-150K wstUSR clips through Velora at varying slippage
Step 3 — Convert stables → ETH aggressively
4.85M USDT → 2,297 ETH (contract 0xbeef...c555)
1.66M USDT → 789 ETH (Uniswap V4)
2.02M USDC → 948 ETH (MetaMask Swaps)
1.5M USDT → 703 ETH (MetaMask Swaps)
2M USDT → 938 ETH (MetaMask Swaps)
808K USDT → 384 ETH
760K USDT → 362 ETH
656K USDT → 312 ETH
370K USDT → 174 ETH
Yes @MetaMask Swaps for multi-million dollar legs 😅
wstUSR selling at $0.50-$0.88 on the dollar across different trades, with slippage worsening as liquidity drains. Multiple failed transactions visible on-chain showing the urgency.
Estimated total extraction: $25M+ and counting. The attacker is still actively dumping remaining wstUSR positions as of this post.
For context Resolv had ~$500M+ TVL, an @immunefi bug bounty of $500K, Fireblocks custody integration, and multiple audits including a Sherlock competition.
Audits ≠ security. Monitoring partnerships ≠ prevention.
The core question: how did a 100K USDC requestSwap get authorized as a 50M USR completeSwap?
Someone needs to explain what happened between those two steps.
@PeckShieldAlert @peckshield @SlowMist_Team @hypaboreal you may want to take a look 👀
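The question the post above ends on (how a 100K USDC request was completed as a 50M USR mint) is a missing bound between the two steps. As an added example, not Resolv's code and not part of the original post, here is a Python sketch of a completion-time bound that ties the minted amount to the recorded deposit; the same ratio works as a monitoring alert. `SwapRequest`, `CompletionGuard`, the 1:1 peg price and the 50 bps tolerance are assumptions; the amounts are the ones quoted in the post.

```python
from dataclasses import dataclass
from fractions import Fraction

USDC_DECIMALS = 6    # USDC uses 6 decimals on Ethereum
USR_DECIMALS = 18    # the post's _targetAmount is 50M x 10^18

@dataclass(frozen=True)
class SwapRequest:          # hypothetical record of step 1 (requestSwap)
    request_id: int
    deposit_raw: int        # collateral in its smallest units
    deposit_decimals: int

def credit_ratio(req, mint_raw, price=Fraction(1)):
    """Minted value / deposited value, in exact arithmetic.
    price: assumed minted tokens per unit of collateral (1 for a USD peg)."""
    deposited = Fraction(req.deposit_raw, 10 ** req.deposit_decimals) * price
    if deposited <= 0:
        raise ValueError("request has no deposit")
    return Fraction(mint_raw, 10 ** USR_DECIMALS) / deposited

class CompletionGuard:
    """Refuses step 2 (completeSwap) when the mint exceeds the deposit bound."""
    def __init__(self, max_over_bps=50):      # tolerance is an assumption
        self.limit = 1 + Fraction(max_over_bps, 10_000)
        self.pending = {}

    def request(self, req):
        self.pending[req.request_id] = req

    def complete(self, request_id, mint_raw):
        req = self.pending.get(request_id)
        if req is None:
            return (False, "unknown or already completed request")
        ratio = credit_ratio(req, mint_raw)
        if ratio > self.limit:                # request stays pending, nothing minted
            return (False, f"overcredit {float(ratio):.1f}x exceeds bound")
        del self.pending[request_id]          # one completion per request
        return (True, "ok")

def demo():
    # Figures quoted in the post: 100,000 USDC in, 50,000,000 USR minted.
    guard = CompletionGuard()
    guard.request(SwapRequest(1, 100_000 * 10**6, USDC_DECIMALS))
    return guard.complete(1, 50_000_000 * 10**18)
```

The bound holds regardless of which of the post's three hypotheses applies, because it is enforced against the recorded deposit rather than against whatever amount the completing party supplies.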
My net worth peaked at $1.2 million.
None of it was real.
I don't mean that philosophically. I mean it was located on servers that have since been turned off.
I own eleven properties in the metaverse. Three in Decentraland. Four in The Sandbox. Two in Voxels. One in Otherside. And a beachfront villa in Horizon Worlds that I bought for $214,000 because Mark Zuckerberg called it "the next frontier."
The frontier closed last week.
It's a mobile app now.
Last year I mass DM'd 340 people the phrase "you don't understand how early we are." I have since stopped doing that. Not because I was wrong. Because most of them blocked me.
I got into metaverse real estate in November 2021. Everyone was buying. Someone paid $450,000 to be Snoop Dogg's neighbor. In a video game. With no legs.
The avatars didn't have legs.
I thought that was bullish. "The legs are coming," I told my Discord. "Legs are a roadmap item." Three hundred people reacted with rocket emojis.
I called myself a "digital land baron."
I put it in my Twitter bio.
I put it in my LinkedIn headline.
I said it on a podcast that had eleven listeners. Three of them were bots. The rest were my alts.
My virtual property has more square footage than my actual apartment.
My actual apartment has furniture.
Location, location, location.
My most valuable asset was a plot next to a virtual Gucci store. Gucci left in 2023. The store is still there. Nobody's in it. It's like a mall in Ohio but with worse graphics and no food court.
I held.
Diamond hands.
That's what we said. "Diamond hands." It means refusing to sell while your investment loses 94% of its value. We turned financial paralysis into a personality trait.
A guy in my Discord paid $2.4 million for a 618-parcel estate in Decentraland. Prime district. High foot traffic. I asked him what "foot traffic" meant when the platform had 38 daily active users.
He said I didn't understand the technology.
I didn't.
I still bought more.
We had a DAO. A decentralized autonomous organization. That means we voted on decisions. There were nine of us. Three never showed up. Two voted on everything without reading it. The other four were me and my alts.
We voted to "acquire strategic parcels."
The vote passed unanimously.
I voted four times.
My portfolio peaked at $1.2 million. I told everyone. I made a spreadsheet. I projected 40x returns by 2025. I made a pitch deck. The pitch deck had a slide that said "WE ARE BUILDING THE DIGITAL ECONOMY."
The slide had a rocket emoji.
That was my entire financial model.
In 2023 I bought a Bored Ape for $189,000.
It's worth $14,000 now.
I don't talk about the Ape.
I still use it as my profile picture. People ask me about it. I say "I'm long-term bullish." Long-term bullish means I can't sell it without crying in a Panera.
My mom asked me what a Bored Ape was.
I said "digital art on the blockchain."
She asked why it cost more than her car.
I said "you don't understand Web3."
She said "I understand you live in a studio apartment."
She's not in my Discord.
Justin Bieber bought one for $1.3 million.
It's worth about $90,000 now.
I felt better about mine after I heard that.
That's community.
WAGMI. We're All Gonna Make It. We said that every day. In the group chat. While the floor dropped. While the volume dried up. While 95% of all NFT collections went to zero.
We're all gonna make it.
None of us made it.
But we said it with conviction and a laser-eye profile picture. That counts for something.
It doesn't.
But we said it did. That's decentralized consensus.
Meta spent $84 billion on the metaverse.
I need to say that again.
$84 billion.
More than the GDP of Luxembourg. More than the GDP of Iceland, Luxembourg, and Malta combined. They spent it on a platform where the avatars had no legs, the graphics looked like a 2006 Wii game, and the peak user count was lower than the lunch rush at a Chipotle in Des Moines.
They just pulled Horizon Worlds from VR headsets.
It lives on as a mobile app.
My beachfront villa is now a mobile app.
Location, location, location.
Zuckerberg renamed the entire company for this. Facebook became Meta. A $900 billion company changed its legal name because the CEO watched Ready Player One and said "I want that."
Reality Labs lost $10 billion in 2021. $14 billion in 2022. $16 billion in 2023. $18 billion in 2024. $19 billion in 2025.
That's not a strategy. That's a speedrun.
They laid off 1,500 Reality Labs employees this year. Shut down three VR studios. Killed Supernatural. Put the entire VR social vision in a casket and said "we're pivoting to AI and wearables."
The pivot took four years and $84 billion.
I pivoted too.
I'm an AI real estate investor now.
I bought a virtual plot in an AI-generated world that doesn't exist yet. The founder said it was "the intersection of spatial computing and large language models."
I don't know what that means.
I gave him $40,000.
He has a whitepaper. It's 47 pages. I read the title and the tokenomics section. The tokenomics section is a pie chart. I love pie charts. They make everything look like a plan.
The project has a roadmap. Q1: "Build community." Q2: "Launch beta." Q3: "Scale ecosystem." Q4 is blank.
Q4 is always blank.
That's where the exit scam goes.
My accountant asked me to value my metaverse portfolio for tax purposes.
I said $1.2 million.
He said "current market value."
I said $6,400.
He stared at me for eleven seconds.
I know because I counted.
He asked if I had any other investments.
I showed him my NFTs.
He stared for longer.
I told him they were "cultural artifacts with long-term provenance."
He asked if I'd considered a 401k.
I told him a 401k was "legacy finance."
He told me to leave his office.
The metaverse is dead.
I don't accept that.
I am a digital land baron. I own eleven properties across four platforms. I have a beachfront villa in a mobile app, a plot next to an empty Gucci store, and a cartoon monkey that cost me more than my actual car.
Location, location, location.
The location is nowhere.
But I'm early.
I'm always early.
That's the same as being wrong except you get to say it with confidence.
Earlier today, a user attempted to buy AAVE using $50M USDT through the Aave interface.
Given the unusually large size of the single order, the Aave interface, like most trading interfaces, warned the user about extraordinary slippage and required confirmation via a checkbox. The user confirmed the warning on their mobile device and proceeded with the swap, accepting the high slippage, which ultimately resulted in receiving only 324 AAVE in return.
The transaction could not be moved forward without the user explicitly accepting the risk through the confirmation checkbox.
The CoW Swap routers functioned as intended, and the integration followed standard industry practices. However, while the user was able to proceed with the swap, the final outcome was clearly far from optimal.
Events like this do occur in DeFi, but the scale of this transaction was significantly larger than what is typically seen in the space.
We sympathize with the user and will try to make contact with the user, and we will return $600K in fees collected from the transaction.
The key takeaway is that while DeFi should remain open and permissionless, allowing users to perform transactions freely, there are additional guardrails the industry can build to better protect users. Our team will be investigating ways to improve these safeguards going forward.
Another oracle related incident, this time on Aave.
$27M worth of wstETH wrongly liquidated due to a safeguard configuration problem.
It's a lesson that even guardrails can be a problem, with the inconvenience that they are seldom tested in prod.
More info below...
So the reason this Polymarket “prediction market” is performing so insanely high is because there’s a second market asking if this market will go above 5%. People in the derivative market are manipulating this market. Which defeats the public policy case for prediction markets…