Olivia
Online
Trader Xploit
@TraderXploit
Trader & Investor | Bitcoin
Made in 🇩🇪
Joined March 2013
186 Following
85 Followers
250 Posts
Pinned Tweet
Bought more $Burnie
Still holding 100% of my $Burnie allocation.
Won’t even think about taking profits under 500M market cap.
A common question we're getting on the Drift relaunch is: why is it taking so long? Why do you even need a 'relaunch' when it was already live?
One of the biggest decisions early on was: new program or reuse the old one? We decided to launch with an entirely new program/program ID. Why?
1. The existing program's state was in limbo after the hack. It didn't fully resolve the liquidations because the exploiter's collateral was never marked to 0. We wouldn't want to muddy that state, because it is needed to snapshot what everyone is owed.
2. Security is not something you can just strap on - it takes thoughtful design from the outset. Adding extra security means making breaking changes to on-chain state. Making these changes while providing a migration path for existing state is 10x harder.
An analogy - code is like a Jenga tower. Security is at the bottom of the tower. It is very hard to change the blocks at the bottom without toppling the tower. If the code is not in production, though, you can simply put the top part of the tower off to the side and fix the bottom.
Next. Why is it taking so long? Part of making a program more secure is lowering the attack surface. Over the years, Drift developers were forced to make less-than-ideal design decisions in order to not change existing code in a non backwards compatible way. In tech circles, we call this accumulating 'tech debt'. Now that the program needs to be completely re-audited from scratch, that debt not only adds heaps of time and cost to the audit schedule, it also increases the attack surface and makes the code hard to reason about.
Is this a complete rewrite? No. That would take far too long, and would be unproductive as it would lose all of the hard-fought lessons built into the existing code. Think of it more as mowing the lawn. It's overgrown, and there are weeds everywhere. I'm whacking the legacy problem sections I can find, and trying to make the code easier to audit. I'm not going to catch everything, or have time to fix all tech debt, but I'm fixing all of the top offenders.
I'll share more in later tweets of specific changes I've been making, as I want to be as transparent as possible.
The most interesting piece of Drift protocol, that nobody else is doing, is that you earn yield on collateral while trading perps. Degens swinging +/- 25% in a day don't care about this feature, but professional traders running long-term strategies do. Capital efficiency wins.
Who to follow
♠A
@Spade_Aceee
❤BBC❤ #blackededit 随缘更新,可以私信��图,说不定就做了呢(
Mika on rails
@MikayKpk
everything on rails (trains, trams, models, simulators) | Natursüß |
❤️💜💙🌈| 💛🍓🐈
Black Pants Studio
@blackpantsgames
Indie game developer out of Berlin. Creators of Tiny & Big, About Love, Hate & The Other Ones, On Rusty Trails, and many more.
Completely fair, and thank you for taking the time to write it. I'm obviously joining post-exploit but I can tell you what I've seen internally.
The team is devastated at the loss, and are absolutely sorry; however, I think there's limitations on how much they can engage due to legal concerns and personal liability. I am (hopefully) more insulated from that. But even if I'm not, I think you all deserve answers.
The fact is you are correct, this was an operational failure and could have been prevented in any number of ways. It sucks that protocol devs have to compete against State-level Actors like North Korea. But those are the stakes and there are well-defined ways you can cope; for example, hiring external security teams. Which is something Drift was in the process of doing pre-hack.
The truth is that there are several dimensions to a successful startup. BD, Marketing, Engineering, Security, Risk, etc. One of the things that has struck me entering into this endeavor is how strong some areas are vs others. You expect black and white. With a 2/5 multisig I was expecting to see a litany of issues from risk mitigation to sloppy code. I was surprised to find very thoughtful designs, risk, and generally good decision making.
The remaining leadership on the team after the engineering cofounders left was entirely business-side, with blind spots on how to check their engineering org's security posture. They correctly assessed that they needed to hire an external firm, but they came to that conclusion far too late. This isn't me excusing them. The buck stops at the leadership level. Just explaining what I see has happened. Too little too late is not an excuse.
In lieu of public apologies, I instead offer you action. My very first question to leadership was "why tf are you even trying to relaunch? You could just go get jobs elsewhere." People have contested this fact, but just look at how many high level FTX employees are leading successful careers at other companies. The fact is, relaunching when you have 0 upside until you dig out of a hundreds of millions of dollars hole is patently insane.
Cindy, despite the unbelievable levels of toxicity that has been thrown her way for being a women (this would have broken most people), was unrelentingly optimistic. She truly believes we can build something so successful it will pay the users back. When VCs are looking for the best founders, this is a top trait. I tend to be pessimistic, it's why I wasn't great as a founder 😅
David told me he just wants to leave the space better than he found it, and that this is the best way to achieve that regardless of whether it cost him personally.
The people you want to quit/be fired are insanely competent in 9/10 of the dimensions the protocol needs. That's why it was so successful in the past, and that's why no other perps protocol on Solana has come close. Their failure was in filling the blindspots.
I don't think the important part here is in rolling heads. That will make people feel better, but materially hurt the chances of recovering funds. The important part here is making sure something like this can never happen again. Part of that was hiring me, but I am also the first to admit I am not a silver bullet. Nobody is. Nor do I want to be, main characters always get taken down. We're fighting state actors. That's why we have @asymmetric_re and @osec_io at our side, watching our backs. Because the only way for me to sleep soundly at night is knowing there's an army between us and the state actors. I don't care what that costs, that's the expense of running a high TVL protocol.
As far as economics of the payback, and what happens going forward I'm happy to discuss the mechanics. We all know this is a long shot. Merely earning the same revenue as before does not pay back users in a timely manner. We have to hit it out of the park, and I fully intend on doing that. Part of doing that is earning the trust back, brick by brick. I don't expect you to forgive Drift. I don't expect you to forgive the founders. And I don't expect you to use the product because I wrote you a long tweet.
I'm going to be here, in the trenches, along with the rest of the team rebuilding in the open. I'm going to talk publicly about every security measure I add, and people can decide for themselves whether to move forward. I will absolutely not fault anyone who never wants to use anything Drift-related again. If we relaunch to dust and echoes, it is what it is. But we have to try. I genuinely do hope you can recover your funds and the hurt reputation. None of this is easy.
Today we published a protocol update, providing the latest on where we are on relaunch and a path to user recovery.
Excited to announce that @redacted_noah, one of Solana’s top smart contract engineers, will be joining Drift as Head of Protocol and previous members of the @gauntlet_xyz team contributing their risk expertise are meaningful additions as we gear up to bring the platform back online. Drift will relaunch as the largest USDT-based perps exchange on Solana, with a focus on scalable security and performance.
We know our users are still carrying real losses, and that has not left our focus for a moment. We are committed to building Drift into the platform this ecosystem deserves and drive full user recovery. Relaunch is where that work begins in earnest.
Full update: https://t.co/HSYqdfZ9bZ
Today we are sharing an update on Drift recovery and relaunch
https://t.co/pn4121cUp3
Crypto 🤝 Agents 🤝 @solana_ai
Toly took Griffain from 6m to 600m
Who’s to say he won’t do it again with $burnie?
Bro did he really just call in an air strike with a frog 😭
It's vital you all take the time to read this. I want to explain to you
In Crypto, we have some Influencer Sleuths, that have answers for all the exploits. Except the answers they give aren't actually the real truth. At best, they are half truths. You see, these influencers play a paid role for the biggest criminals in Crypto. They are employed by both the best analytic companies, and by criminals at the same time. Positioned perfectly with the best tools, and the positional power to control the message.
Their job is to get you, and everyone in Crypto to Trust them. That they have the answers, and they are who you need to go to when you need help. You see, if they can keep you believing them, and they can offer up a solution to every exploit, then you don't need to look into it any further. They don't speak positively or engage in conversations with most other sleuths. They play their role. Protect their territory, and when someone steals from their ecosystem, that wasn't in their criminal org, they go after them and out them. This is how they behave. Much like a Cartel would if you came and did your criminal business in their territory. These multi-millionaire sleuths, both protect their turf, and are involved in robbing the turf at the same time. I won't name names, but if you pay attention, you will know who it is I am talking about. Think about what I'm telling you as you see how they behave and act.
They publicly attack me because they fear me. They fear a voice that others can go to that isn't corrupt. That they can't control the message of. Its undoubtedly their biggest fear. Their is a reason they don't DM to talk about research, or question something posted, like any professional sleuth would do. They choose to publicly attack, and use their bot network to try to convince the masses to not listen to the Truth, but rather listen to them.
Their cover becomes weaker as my evidence becomes stronger. As my community of friends and followers grow, and my network of collaborators expands, their voice and story becomes much weaker. Its weakening by the day.
Every so often, when I post something too close to home, or even if I investigate using one of the tools they have part ownership in, they will attack me, publicly, and go as far as felony intimidation. This hit a little too close to home when I revealed the FTX drainers.
My ask is that you become aware, and think for yourself. Don't fall for their charade. Yes, they can sleuth really great when they are protecting their territory, but be careful not to fall for the Wolf in Sheeps clothing.
Always stay curious my Friends
💄
i'm gonna be honest.
8.2M for $BURNIE keeps me up at night.
not from stress.
from excitement.
this man has been fighting billionaires
his entire life.
now the biggest billionaire on earth
owns the platform.
and bernie is the villain of the story.
you cannot write a better narrative.
hollywood couldn't write this.
boden ran to 800M.
boden didn't have elon as the villain.
boden didn't have toly behind it.
boden didn't have this energy.
8.2M is a gift.
a straight up gift.
one moment.
one debate.
one viral clip.
and everyone who laughed at 8.2M
goes very quiet.
i've seen this before.
loaded accordingly.
good morning comrades
Comrade, the next steps are clear:
Identify the Kulaks (successful traders and early holders) and liquidate their bags for the collective.
Create a Central Committee to approve all new tokens and decide who is allowed to make profit.
Implement forced redistribution: if your memecoin does too well, 70% goes to the community wallet.
Ban private wallets above a certain size. Hoarding is counter-revolutionary.
Introduce 5-year plans with production quotas for shitcoins.
This is how real collectivism is built.
The 5 year plan is perfect. ☭
Comrade, every time technology threatens to make production cheaper and goods more abundant, we have always stood in the way.
We did it with factories, we did it with machines, and now we are doing it with AI and automation.
We in the bureaucratic elite understand the danger very well.
Abundance makes people harder to control.
Scarcity and dependence are much more stable.
This is why we must continue opposing these developments.
Equally limited. Equally dependent. Equally obedient.
The 5 year plan is perfect. ☭
Still holding 100% of my $Burnie allocation.
Still holding 100% of my $Burnie allocation.
Won’t even think about taking profits under 500M market cap.
@solana $Burnie
@Rothmus Memes
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.6M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.7M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers