Key Takeaways:

Another hack. This time was different. This is a doozy.

Why? Nomad got exploited for $190m. It was crypto's 5th-biggest hack. Ouch.

It wasn't hackers, but random folks. What happened:

A Nomad smart contract flaw was discovered. They couldn't drain the funds at once, so they tried numerous transactions. Rookie!

People noticed and copied the attack.

They just needed to discover a working transaction, substitute the other person's address with theirs, and run it.

In a two-and-a-half-hour attack, $190M was siphoned from Nomad Bridge.

Nomad is a novel approach to blockchain interoperability that leverages an optimistic mechanism to increase the security of cross-chain communication.  — nomad.xyz

This hack was permissionless, therefore anyone could participate.

After the fatal blow, people fought over the scraps.

Cross-chain bridges remain a DeFi weakness and exploit target. When they collapse, it's typically total.

$190M...gobbled.

Unbacked assets are hurting Nomad-dependent chains. Moonbeam, EVMOS, and Milkomeda's TVLs dropped.

This incident is every-man-for-himself, although numerous whitehats exploited the issue... 

But what triggered the feeding frenzy?

How did so many pick the bones?

After a normal upgrade in June, the bridge's Replica contract was initialized with a severe security issue. The  0x00 address was a trusted root, therefore all messages were valid by default.

After a botched first attempt (costing $350k in gas), the original attacker's exploit tx called process() without first 'proving' its validity.

The process() function executes all cross-chain messages and checks the merkle root of all messages (line 185).

The upgrade caused transactions with a'messages' value of 0 (invalid, according to old logic) to be read by default as 0x00, a trusted root, passing validation as 'proven'

Any process() calls were valid. In reality, a more sophisticated exploiter may have designed a contract to drain the whole bridge.

Copycat attackers simply copied/pasted the same process() function call using Etherscan, substituting their address.

The incident was a wild combination of crowdhacking, whitehat activities, and MEV-bot (Maximal Extractable Value) mayhem.

For example, 🍉🍉🍉. eth stole $4M from the bridge, but claims to be whitehat.

Others stood out for the wrong reasons. Repeat criminal Rari Capital (Artibrum) exploited over $3M in stablecoins, which moved to Tornado Cash.

The top three exploiters (with 95M between them) are:

$47M: 0x56D8B635A7C88Fd1104D23d632AF40c1C3Aac4e3

$40M: 0xBF293D5138a2a1BA407B43672643434C43827179

$8M: 0xB5C55f76f90Cc528B2609109Ca14d8d84593590E

Here's a list of all the exploiters:

The project conducted a Quantstamp audit in June; QSP-19 foreshadowed a similar problem.

The auditor's comments that "We feel the Nomad team misinterpreted the issue" speak to a troubling attitude towards security that the project's "Long-Term Security" plan appears to confirm:

Concerns were raised about the team's response time to a live, public exploit; the team's official acknowledgement came three hours later.

"Removing the Replica contract as owner" stopped the exploit, but it was too late to preserve the cash.

Closed blockchain systems are only as strong as their weakest link.

The Harmony network is in turmoil after its bridge was attacked and lost $100M in late June.

What's next for Nomad's ecosystems?

Moonbeam's TVL is now $135M, EVMOS's is $3M, and Milkomeda's is $20M.

Loss of confidence may do more damage than $190M.

Cross-chain infrastructure is difficult to secure in a new, experimental sector. Bridge attacks can pollute an entire ecosystem or more.

Nomadic liquidity has no permanent home, so consumers will always migrate in pursuit of the "next big thing" and get stung when attentiveness wanes.

DeFi still has easy prey...

Sources: rekt.news & The Milk Road.

WRITE FOR THE WEB3

Why web3’s messaging is lost and how crypto winter is growing growth seeds

People interested in crypto, blockchain, and web3 typically read Bitcoin and Ethereum's white papers. It's a good idea. Documents produced for developers and academia aren't always the ideal resource for beginners.

Given the surge of extremely technical material and the number of fly-by-nights, rug pulls, and other scams, it's little wonder mainstream audiences regard the blockchain sector as an expensive sideshow act.

What's the solution?

Web3 needs more than just builders.

After joining TikTok, I followed Amy Suto of SutoScience. Amy switched from TV scriptwriting to IT copywriting years ago. She concentrates on web3 now. Decentralized autonomous organizations (DAOs) are seeking skilled copywriters for web3.

Amy has found that web3's basics are easy to grasp; you don't need technical knowledge. There's a paradigm shift in knowing the basics; be persistent and patient.

Apple is positioning itself as a data privacy advocate, leveraging web3's zero-trust ethos on data ownership.

Finn Lobsien, who writes about web3 copywriting for the Mirror and Twitter, agrees: acronyms and abstractions won't do.

Web3 preached to the choir. Curious newcomers have only found whitepapers and scams when trying to learn why the community loves it. No wonder people resist education and buy-in.

Due to the gender gap in crypto (Crypto Bro is not just a stereotype), it attracts people singing to the choir or trying to cash in on the next big thing.

Last year, the industry was booming, so writing wasn't necessary. Now that the bear market has returned (for everyone, but especially web3), holding readers' attention is a valuable skill.

White papers and the Web3

Why does web3 rely so much on non-growth content?

Businesses must polish and improve their messaging moving into the 2022 recession. The 2021 tech boom provided such a sense of affluence and (unsustainable) growth that no one needed great marketing material. The market found them.

This was especially true for web3 and the first-time crypto believers. Obviously. If they knew which was good.

White papers help. White papers are highly technical texts that walk a reader through a product's details. How Does a White Paper Help Your Business and That White Paper Guy discuss them.

They're meant for knowledgeable readers. Investors and the technical (academic/developer) community read web3 white papers. White papers are used when a product is extremely technical or difficult to assist an informed reader to a conclusion. Web3 uses them most often for ICOs (initial coin offerings).

White papers for web3 education help newcomers learn about the web3 industry's components. It's like sending a first-grader to the Annotated Oxford English Dictionary to learn to read. It's a reference, not a learning tool, for words.

Newcomers can use platforms that teach the basics. These included Coinbase's Crypto Basics tutorials or Cryptochicks Academy, founded by the mother of Ethereum's inventor to get more women utilizing and working in crypto.

Discord and Web3 communities

Discord communities are web3's opposite. Discord communities involve personal communications and group involvement.

Online audience growth begins with community building. User personas prefer 1000 dedicated admirers over 1 million lukewarm followers, and the language is much more easygoing. Discord groups are renowned for phishing scams, compromised wallets, and incorrect information, especially since the crypto crisis.

White papers and Discord increase industry insularity. White papers are complicated, and Discord has a high risk threshold.

Web3 and writing ads

Copywriting is emotional, but white papers are logical. It uses the brain's quick-decision centers. It's meant to make the reader invest immediately.

Not bad. People think sales are sleazy, but they can spot the poor things.

Ethical copywriting helps you reach the correct audience. People who gain a following on Medium are likely to have copywriting training and a readership (or three) in mind when they publish. Tim Denning and Sinem Günel know how to identify a target audience and make them want to learn more.

In a fast-moving market, copywriting is less about long-form content like sales pages or blogs, but many organizations do. Instead, the copy is concise, individualized, and high-value. Tweets, email marketing, and IM apps (Discord, Telegram, Slack to a lesser extent) keep engagement high.

What does web3's messaging lack? As DAOs add stricter copyrighting, narrative and connecting tales seem to be missing.

Web3 is passionate about constructing the next internet. Now, they can connect their passion to a specific audience so newcomers understand why.

UST depegs and LUNA crashes 99.999% in a fraction of the time it takes the Moon to orbit the Earth.

Fat Man, a Terra whistle-blower, promises to expose Do Kwon's dirty secrets and shady deals.

The Terra community has voted to relaunch Terra LUNA on a new blockchain. The Terra 2.0 Pheonix-1 blockchain went live on May 28, 2022, and people were airdropped the new LUNA, now called LUNA, while the old LUNA became LUNA Classic.

Does LUNA deserve another chance? To answer this, or at least start a conversation about the Terra 2.0 chain's advantages and limitations, we must assess its fundamentals, ideology, and long-term vision.

Whatever the result, our analysis must be thorough and ruthless. A failure of this magnitude cannot happen again, so we must magnify every potential breaking point by 10.

Will UST and LUNA holders be compensated in full?

The obvious. First, and arguably most important, is to restore previous UST and LUNA holders' bags.

Terra 2.0 has 1,000,000,000,000 tokens to distribute.

• 25% of a community pool

• Holders of pre-attack LUNA: 35%

• 10% of aUST holders prior to attack

• Holders of LUNA after an attack: 10%

• UST holders as of the attack: 20%

Every LUNA and UST holder has been compensated according to the above proposal.

According to self-reported data, the new chain has 210.000.000 tokens and a $1.3bn marketcap. LUNC and UST alone lost $40bn. The new token must fill this gap. Since launch:

LUNA holders collectively own $1b worth of LUNA if we subtract the 25% community pool airdrop from the current market cap and assume airdropped LUNA was never sold.

At the current supply, the chain must grow 40 times to compensate holders. At the current supply, LUNA must reach $240.

LUNA needs a full-on Bull Market to make LUNC and UST holders whole.

Who knows if you'll be whole? From the time you bought to the amount and price, there are too many variables to determine if Terra can cover individual losses.

The above distribution doesn't consider individual cases. Terra didn't solve individual cases. It would have been huge.

What does LUNA offer in terms of value?

UST's marketcap peaked at $18bn, while LUNC's was $41bn. LUNC and UST drove the Terra chain's value.

After it was confirmed (again) that algorithmic stablecoins are bad, Terra 2.0 will no longer support them.

Algorithmic stablecoins contributed greatly to Terra's growth and value proposition. Terra 2.0 has no product without algorithmic stablecoins.

Terra 2.0 has an identity crisis because it has no actual product. It's like Volkswagen faking carbon emission results and then stopping car production.

A project that has already lost the trust of its users and nearly all of its value cannot survive without a clear and in-demand use case.

Do Kwon, how about him?

Oh, the Twitter-caller-poor? Who challenges crypto billionaires to break his LUNA chain? Who dissolved Terra Labs South Korea before depeg? Arrogant guy?

That's not a good image for LUNA, especially when making amends. I think he should step down and let a nicer person be Terra 2.0's frontman.

The verdict

Terra has a terrific community with an arrogant, unlikeable leader. The new LUNA chain must grow 40 times before it can start making up its losses, and even then, not everyone's losses will be covered.

I won't invest in Terra 2.0 or other algorithmic stablecoins in the near future. I won't be near any Do Kwon-related project within 100 miles. My opinion.

Can Terra 2.0 be saved? Comment below.

Tesla Q2 earnings revealed unethical dealings.

As of end of Q2, we have converted approximately 75% of our Bitcoin purchases into fiat currency

That’s OK then, isn’t it?

Elon Musk, Tesla's CEO, is now untrustworthy.

It’s not about infidelity, it’s about doing the right thing

And what can we learn?

The Opening Remark

Musk tweets on his (and Tesla's) future goals.

Don’t worry, I’m not expecting you to read it.

What's crucial?

Tesla will not be selling any Bitcoin

The Situation as It Develops

2021 Tesla spent $1.5 billion on Bitcoin. In 2022, they sold 75% of the ownership for $946 million.

That’s a little bit of a waste of money, right?

Musk predicted the reverse would happen.

What gives? Why would someone say one thing, then do the polar opposite?

The Justification For Change

Tesla's public. They must follow regulations. When a corporation trades, they must record what happens.

At least this keeps Musk some way in line.

We now understand Musk and Tesla's actions.

Musk claimed that Tesla sold bitcoins to maximize cash given the unpredictability of COVID lockdowns in China.

Tesla may buy Bitcoin in the future, he said.

That’s fine then. He’s not knocking the NFT at least.

Tesla has moved investments into cash due to China lockdowns.

That doesn’t explain the 180° though

Musk's Tweet isn't company policy. Therefore, the CEO's change of heart reflects the organization. Look.

That's okay, since

Leaders alter their positions when circumstances change.

Leaders must adapt to their surroundings. This isn't embarrassing; it's a leadership prerequisite.

Yet

The Man

Someone stated if you're not in the office full-time, you need to explain yourself. He doesn't treat his employees like adults.

This is the individual mentioned in the quote.

If Elon was not happy, you knew it. Things could get nasty

also, He fired his helper for requesting a raise.

This public persona isn't good. Without mentioning his disastrous performances on Twitter (pedo dude) or Joe Rogan. This image sums up the odd Podcast appearance:

Which describes the man.

I wouldn’t trust this guy to feed a cat

What we can discover

When Musk's company bet on Bitcoin, what happened?

Exactly what we would expect

The company's position altered without the CEO's awareness. He seems uncaring.

This article is about how something happened, not what happened. Change of thinking requires contrition.

This situation is about a lack of respect- although you might argue that followers on Twitter don’t deserve any

Tesla fans call the sale a great move.

It's absurd.

As you were, then.

Conclusion

Good luck if you gamble.

When they pay off, congrats!

When wrong, admit it.

• You must take chances if you want to succeed.

• Risks don't always pay off.

Mr. Musk lacks insight and charisma to combine these two attributes.

I don’t like him, if you hadn’t figured.

It’s probably all of the cheating.

Quitting your job for a side gig isn't smart.

A few years ago, I would have laughed at the idea of starting a side business.

I never thought a side gig could earn more than my 9-to-5. My side gig pays more than my main job now.

You may then tell me to leave your job.  But I don't want to gamble, and my side gig is important. Programming and web development help me write better because of my job.

Yes, I share work-related knowledge. Web development, web3, programming, money, investment, and side hustles are key.

Let me now show you how to make one.

Create a side business based on your profession or your interests.

I'd be direct.

Most people don't know where to start or which side business to pursue.

You can make money by taking online surveys, starting a YouTube channel, or playing web3 games, according to several blogs.

You won't make enough money and will waste time.

Nitin directs our efforts. My friend, you've worked and have talent. Profit from your talent.

Example:

College taught me web development. I soon created websites, freelanced, and made money. First year was hardest for me financially and personally.

As I worked, I became more skilled. Soon after, I got more work, wrote about web development on Medium, and started selling products.

I've built multiple income streams from web development. It wasn't easy. Web development skills got me a 9-to-5 job.

Focus on a specific skill and earn money in many ways. Most people start with something they hate or are bad at; the rest is predictable.

Result? They give up, frustrated.

Quietly focus for a year.

I started my side business in college and never told anyone. My parents didn't know what I did for fun.

The only motivation is time constraints. So I focused.

As I've said, I focused on my strengths (learned skills) and made money. Yes, I was among Medium's top 500 authors in a year and got a bonus.

How did I succeed? Since I know success takes time, I never imagined making enough money in a month. I spent a year concentrating.

I became wealthy. Now that I have multiple income sources, some businesses pay me based on my skill.

I recommend learning skills and working quietly for a year. You can do anything with this.

The hardest part will always be the beginning.

When someone says you can make more money working four hours a week. Leave that, it's bad advice.

If someone recommends a paid course to help you succeed, think twice.

The beginning is always the hardest.

I made many mistakes learning web development. When I started my technical content side gig, it was tough. I made mistakes and changed how I create content, which helped.

And it’s applicable everywhere.

Don't worry if you face problems at first. Time and effort heal all wounds.

Quitting your job to work a side job is not a good idea.

Some honest opinions.

Most online gurus encourage side businesses. It takes time to start and grow a side business.

Suppose you quit and started a side business.

After six months, what happens? Your side business won't provide enough money to survive.

Indeed. Later, you'll become demotivated and tense and look for work.

Instead, work 9-5, and start a side business. You decide. Stop watching Netflix and focus on your side business.

I know you're busy, but do it.

Next? It'll succeed or fail in six months. You can continue your side gig for another six months because you have a job and have tried it.

You'll probably make money, but you may need to change your side gig.

That’s it.

You've created a new revenue stream.

Remember.

Starting a side business, a company, or finding work is difficult. There's no free money in a competitive world. You'll only succeed with skill.

Read it again.

Focusing silently for a year can help you succeed.

I studied web development and wrote about it. First year was tough. I went viral, hit the top 500, and other firms asked me to write for them. So, my life changed.

Yours can too. One year of silence is required.

Enjoy!

Everyone wants a scalable startup.

Innovation helps launch a startup. The secret to a scalable business is growth trials (from 1 to 100).

Growth marketing combines marketing and product development for long-term growth.

Today, I'll explain growth hacking strategies popular startups used to scale.

1/ A Facebook user's social value is proportional to their friends.

Facebook built its user base using content marketing and paid ads. Mark and his investors feared in 2007 when Facebook's growth stalled at 90 million users.

Chamath Palihapitiya was brought in by Mark.

The team tested SEO keywords and MAU chasing. The growth team introduced “people you may know”

This feature reunited long-lost friends and family. Casual users became power users as the retention curve flattened.

Growth Hack Insights: With social network effect the value of your product or platform increases exponentially if you have users you know or can relate with.

2/ Airbnb - Focus on your value propositions

Airbnb nearly failed in 2009. The company's weekly revenue was $200 and they had less than 2 months of runway.

Enter Paul Graham. The team noticed a pattern in 40 listings. Their website's property photos sucked.

Why?

Because these photos were taken with regular smartphones. Users didn't like the first impression.

Graham suggested traveling to New York to rent a camera, meet with property owners, and replace amateur photos with high-resolution ones.

A week later, the team's weekly revenue doubled to $400, indicating they were on track.

Growth Hack Insights: When selling an “online experience” ensure that your value proposition is aesthetic enough for users to enjoy being associated with them.

3/ Zomato - A company's smartphone push ensured growth.

Zomato delivers food. User retention was a challenge for the founders. Indian food customers are notorious for switching brands at the drop of a hat.

Zomato wanted users to order food online and repeat orders throughout the week.

Zomato created an attractive website with “near me” keywords for SEO indexing.

Zomato gambled to increase repeat orders. They only allowed mobile app food orders.

Zomato thought mobile apps were stickier. Product innovations in search/discovery/ordering or marketing campaigns like discounts/in-app notifications/nudges can improve user experience.

Zomato went public in 2021 after users kept ordering food online.

Growth Hack Insights: To improve user retention try to build platforms that build user stickiness. Your product and marketing team will do the rest for them.

4/ Hotmail - Signaling helps build premium users.

Ever sent or received an email or tweet with a sign — sent from iPhone?

Hotmail did it first! One investor suggested Hotmail add a signature to every email.

Overnight, thousands joined the company. Six months later, the company had 1 million users.

When serving an existing customer, improve their social standing. Signaling keeps the top 1%.

5/ Dropbox - Respect loyal customers

Dropbox is a company that puts people over profits. The company prioritized existing users.

Dropbox rewarded loyal users by offering 250 MB of free storage to anyone who referred a friend. The referral hack helped Dropbox get millions of downloads in its first few months.

Growth Hack Insights: Think of ways to improve the social positioning of your end-user when you are serving an existing customer. Signaling goes a long way in attracting the top 1% to stay.

These experiments weren’t hacks. Hundreds of failed experiments and user research drove these experiments. Scaling up experiments is difficult.

Contact me if you want to grow your startup's user base.