Key Takeaways:

Another hack. This time was different. This is a doozy.

Why? Nomad got exploited for $190m. It was crypto's 5th-biggest hack. Ouch.

It wasn't hackers, but random folks. What happened:

A Nomad smart contract flaw was discovered. They couldn't drain the funds at once, so they tried numerous transactions. Rookie!

People noticed and copied the attack.

They just needed to discover a working transaction, substitute the other person's address with theirs, and run it.

In a two-and-a-half-hour attack, $190M was siphoned from Nomad Bridge.

Nomad is a novel approach to blockchain interoperability that leverages an optimistic mechanism to increase the security of cross-chain communication.  — nomad.xyz

This hack was permissionless, therefore anyone could participate.

After the fatal blow, people fought over the scraps.

Cross-chain bridges remain a DeFi weakness and exploit target. When they collapse, it's typically total.

$190M...gobbled.

Unbacked assets are hurting Nomad-dependent chains. Moonbeam, EVMOS, and Milkomeda's TVLs dropped.

This incident is every-man-for-himself, although numerous whitehats exploited the issue... 

But what triggered the feeding frenzy?

How did so many pick the bones?

After a normal upgrade in June, the bridge's Replica contract was initialized with a severe security issue. The  0x00 address was a trusted root, therefore all messages were valid by default.

After a botched first attempt (costing $350k in gas), the original attacker's exploit tx called process() without first 'proving' its validity.

The process() function executes all cross-chain messages and checks the merkle root of all messages (line 185).

The upgrade caused transactions with a'messages' value of 0 (invalid, according to old logic) to be read by default as 0x00, a trusted root, passing validation as 'proven'

Any process() calls were valid. In reality, a more sophisticated exploiter may have designed a contract to drain the whole bridge.

Copycat attackers simply copied/pasted the same process() function call using Etherscan, substituting their address.

The incident was a wild combination of crowdhacking, whitehat activities, and MEV-bot (Maximal Extractable Value) mayhem.

For example, 🍉🍉🍉. eth stole $4M from the bridge, but claims to be whitehat.

Others stood out for the wrong reasons. Repeat criminal Rari Capital (Artibrum) exploited over $3M in stablecoins, which moved to Tornado Cash.

The top three exploiters (with 95M between them) are:

$47M: 0x56D8B635A7C88Fd1104D23d632AF40c1C3Aac4e3

$40M: 0xBF293D5138a2a1BA407B43672643434C43827179

$8M: 0xB5C55f76f90Cc528B2609109Ca14d8d84593590E

Here's a list of all the exploiters:

The project conducted a Quantstamp audit in June; QSP-19 foreshadowed a similar problem.

The auditor's comments that "We feel the Nomad team misinterpreted the issue" speak to a troubling attitude towards security that the project's "Long-Term Security" plan appears to confirm:

Concerns were raised about the team's response time to a live, public exploit; the team's official acknowledgement came three hours later.

"Removing the Replica contract as owner" stopped the exploit, but it was too late to preserve the cash.

Closed blockchain systems are only as strong as their weakest link.

The Harmony network is in turmoil after its bridge was attacked and lost $100M in late June.

What's next for Nomad's ecosystems?

Moonbeam's TVL is now $135M, EVMOS's is $3M, and Milkomeda's is $20M.

Loss of confidence may do more damage than $190M.

Cross-chain infrastructure is difficult to secure in a new, experimental sector. Bridge attacks can pollute an entire ecosystem or more.

Nomadic liquidity has no permanent home, so consumers will always migrate in pursuit of the "next big thing" and get stung when attentiveness wanes.

DeFi still has easy prey...

Sources: rekt.news & The Milk Road.

James Howells lost 8,000 bitcoins. He has $11 million to get them back.

His life altered when he threw out an iPhone-sized hard drive.

Howells, from the city of Newport in southern Wales, had two identical laptop hard drives squirreled away in a drawer in 2013. One was blank; the other had 8,000 bitcoins, currently worth around $181 million.

He wanted to toss out the blank one, but the drive containing the Bitcoin went to the dump.

He's determined to reclaim his 2009 stash.

Howells, 36, wants to arrange a high-tech treasure hunt for bitcoins. He can't enter the landfill.

Newport's city council has rebuffed Howells' requests to dig for his hard drive for almost a decade, stating it would be expensive and environmentally destructive.

I got an early look at his $11 million idea to search 110,000 tons of trash. He expects submitting it to the council would convince it to let him recover the hard disk.

110,000 tons of trash, 1 hard drive

Finding a hard disk among heaps of trash may seem Herculean.

Former IT worker Howells claims it's possible with human sorters, robot dogs, and an AI-powered computer taught to find hard drives on a conveyor belt.

His idea has two versions, depending on how much of the landfill he can search.

His most elaborate solution would take three years and cost $11 million to sort 100,000 metric tons of waste. Scaled-down version costs $6 million and takes 18 months.

He's created a team of eight professionals in AI-powered sorting, landfill excavation, garbage management, and data extraction, including one who recovered Columbia's black box data.

The specialists and their companies would be paid a bonus if they successfully recovered the bitcoin stash.

Howells: "We're trying to commercialize this project."

Howells claimed rubbish would be dug up by machines and sorted near the landfill.

Human pickers and a Max-AI machine would sort it. The machine resembles a scanner on a conveyor belt.

Remi Le Grand of Max-AI told us it will train AI to recognize Howells-like hard drives. A robot arm would select candidates.

Howells has added security charges to his scheme because he fears people would steal the hard drive.

He's budgeted for 24-hour CCTV cameras and two robotic "Spot" canines from Boston Dynamics that would patrol at night and look for his hard drive by day.

Howells said his crew met in May at the Celtic Manor Resort outside Newport for a pitch rehearsal.

Richard Hammond's narrative swings from banal to epic.

Richard Hammond filmed the meeting and created a YouTube documentary on Howells.

Hammond said of Howells' squad, "They're committed and believe in him and the idea."

Hammond: "It goes from banal to gigantic." "If I were in his position, I wouldn't have the strength to answer the door."

Howells said trash would be cleaned and repurposed after excavation. Reburying the rest.

"We won't pollute," he declared. "We aim to make everything better."

After the project is finished, he hopes to develop a solar or wind farm on the dump site. The council is unlikely to accept his vision soon.

A council representative told us, "Mr. Howells can't convince us of anything." "His suggestions constitute a significant ecological danger, which we can't tolerate and are forbidden by our permit."

Will the recovered hard drive work?

The "platter" is a glass or metal disc that holds the hard drive's data. Howells estimates 80% to 90% of the data will be recoverable if the platter isn't damaged.

Phil Bridge, a data-recovery expert who consulted Howells, confirmed these numbers.

If the platter is broken, Bridge adds, data recovery is unlikely.

Bridge says he was intrigued by the proposal. "It's an intriguing case," he added. Helping him get it back and proving everyone incorrect would be a great success story.

Who'd pay?

Swiss and German venture investors Hanspeter Jaberg and Karl Wendeborn told us they would fund the project if Howells received council permission.

Jaberg: "It's a needle in a haystack and a high-risk investment."

Howells said he had no contract with potential backers but had discussed the proposal in Zoom meetings. "Until Newport City Council gives me something in writing, I can't commit," he added.

Suppose he finds the bitcoins.

Howells said he would keep 30% of the data, worth $54 million, if he could retrieve it.

A third would go to the recovery team, 30% to investors, and the remainder to local purposes, including gifting £50 ($61) in bitcoin to each of Newport's 150,000 citizens.

Howells said he opted to spend extra money on "professional firms" to help convince the council.

What if the council doesn't approve?

If Howells can't win the council's support, he'll sue, claiming its actions constitute a "illegal embargo" on the hard drive. "I've avoided that path because I didn't want to cause complications," he stated. I wanted to cooperate with Newport's council.

Howells never met with the council face-to-face. He mentioned he had a 20-minute Zoom meeting in May 2021 but thought his new business strategy would help.

He met with Jessica Morden on June 24. Morden's office confirmed meeting.

After telling the council about his proposal, he can only wait. "I've never been happier," he said. This is our most professional operation, with the best employees.

The "crypto proponent" buys bitcoin every month and sells it for cash.

Howells tries not to think about what he'd do with his part of the money if the hard disk is found functional. "Otherwise, you'll go mad," he added.

This post is a summary. Read the full article here.

It’s only a loss if you sell, right?

Nayib Bukele proclaimed himself “the world’s coolest dictator”.

His jokes aren't clear.

El Salvador's 43rd president self-proclaimed “CEO of El Salvador” couldn't be less presidential.

His thin jeans, aviator sunglasses, and baseball caps like a cartel lord.

He's popular, though.

Bukele won 53% of the vote by fighting violent crime and opposition party corruption.

El Salvador's 6.4 million inhabitants are riding the cryptocurrency volatility wave.

They were powerless.

Their autocratic leader, a former Yamaha Motors salesperson and Bitcoin believer, wants to help 70% unbanked locals.

He intended to give the citizens a way to save money and cut the country's $200 million remittance cost.

Transfer and deposit costs.

This makes logical sense when the president’s theatrics don’t blind you.

El Salvador's Bukele revealed plans to make bitcoin legal tender.

Remittances total $5.9 billion (23%) of the country's expenses.

Anything that reduces costs could boost the economy.

The country’s unbanked population is staggering. Here’s the data by % of people who either have a bank account (Blue) or a mobile money account (Black).

According to Bukele, 46% of the population has downloaded the Chivo Bitcoin Wallet.

In 2021, 36% of El Salvadorans had bank accounts.

Large rural countries like Kenya seem to have resolved their unbanked dilemma.

An economy surfaced where village locals would sell, trade and store network minutes and data as a store of value.

Kenyan phone networks realized unbanked people needed a safe way to accumulate wealth and have an emergency fund.

96% of Kenyans utilize M-PESA, which doesn't require a bank account.

The software involves human agents who hang out with cash and a phone.

These people are like ATMs.

You offer them cash to deposit money in your mobile money account or withdraw cash.

In a country with a faulty banking system, cash availability and a safe place to deposit it are important.

William Jack and Tavneet Suri found that M-PESA brought 194,000 Kenyan households out of poverty by making transactions cheaper and creating a safe store of value.

2016 Science paper

Mobile money, a service that allows monetary value to be stored on a mobile phone and sent to other users via text messages, has been adopted by most Kenyan households. We estimate that access to the Kenyan mobile money system M-PESA increased per capita consumption levels and lifted 194,000 households, or 2% of Kenyan households, out of poverty.

The impacts, which are more pronounced for female-headed households, appear to be driven by changes in financial behaviour — in particular, increased financial resilience and saving. Mobile money has therefore increased the efficiency of the allocation of consumption over time while allowing a more efficient allocation of labour, resulting in a meaningful reduction of poverty in Kenya.

Currently, El Salvador has 2,301 Bitcoin.

At publication, it's worth $44 million. That remains 41% of Bukele's original $105.6 million.

Unknown if the country has sold Bitcoin, but Bukeles keeps purchasing the dip.

It's still falling.

This might be a fantastic move for the impoverished country over the next five years, if they can live economically till Bitcoin's price recovers.

The evidence demonstrates that a store of value pulls individuals out of poverty, but others say Bitcoin is premature.

You may regard it as an aggressive endeavor to front run the next wave of adoption, offering El Salvador a financial upside.

Scaling your startup requires answering customer demands, not growth tricks.

I cofounded Freedo Rentals in 2019. I reached 50 lakh+ ARR in 6 months before quitting owing to the epidemic.

Freedo aimed to solve 2 customer pain points:

• Users lacked a reliable last-mile transportation option.

• The amount that Auto walas charge for unmetered services

Solution?

Effectively simple.

Build ports at high-demand spots (colleges, residential societies, metros). Electric ride-sharing can meet demand.

We had many problems scaling. I'll explain using the AARRR model.

• Brand unfamiliarity or a novel product offering were the problems with awareness. Nobody knew what Freedo was or what it did.

• Problem with awareness: Content and advertisements did a poor job of communicating the task at hand. The advertisements clashed with the white-collar part because they were too cheesy.

• Retention Issue: We encountered issues, indicating that the product was insufficient. Problems with keyless entry, creating bills, stealing helmets, etc.

• Retention/Revenue Issue: Costly compared to established rivals. Shared cars were 1/3 of our cost.

• Referral Issue: Missing the opportunity to seize the AHA moment. After the ride, nobody remembered us.

Once you know where you're struggling with AARRR, iterative solutions are usually best.

Once you have nailed the AARRR model, most startups use paid channels to scale. This dependence, on paid channels, increases with scale unless you crack your organic/inbound game.

Over-index growth loops. Growth loops increase inflow and customers as you scale.

When considering growth, ask yourself:

• Who is the solution's ICP (Ideal Customer Profile)? (To whom are you selling)

• What are the most important messages I should convey to customers? (This is an A/B test.)

• Which marketing channels ought I prioritize? (Conduct analysis based on the startup's maturity/stage.)

• Choose the important metrics to monitor for your AARRR funnel (not all metrics are equal)

• Identify the Flywheel effect's growth loops (inertia matters)

My biggest mistakes:

• not paying attention to consumer comments or satisfaction. It is the main cause of problems with referrals, retention, and acquisition for startups. Beyond your NPS, you should consider second-order consequences.

• The tasks at hand should be quite clear.

Here's my scaling equation:

Growth = A x B x C

A = Funnel top (Traffic)

B = Product Valuation (Solving a real pain point)

C = Aha! (Emotional response)

Freedo's A, B, and C created a unique offering.

Freedo’s ABC:

A — Working or Studying population in NCR

B — Electric Vehicles provide last-mile mobility as a clean and affordable solution

C — One click booking with a no-noise scooter

Final outcome:

FWe scaled Freedo to Rs. 50 lakh MRR and were growing 60% month on month till the pandemic ceased our growth story.

How we did it?

We tried ambassadors and coupons. WhatsApp was our most successful A/B test.

We grew widespread adoption through college and society WhatsApp groups. We requested users for referrals in community groups.

What worked for us won't work for others. This scale underwent many revisions.

Every firm is different, thus you must know your customers. Needs to determine which channel to prioritize and when.

Users desired a safe, time-bound means to get there.

This (not mine) growth framework helped me a lot. You should follow suit.

Failures inspire young developers

Jason citron created many products.

These products flopped.

Microsoft offered $10 billion for one of these products.

He rejected the offer since he was so confident in his success.

Let’s find out how he built a product that is currently valued at $15 billion.

Early in his youth, Jason began learning to code.

Jason's father taught him programming and IT.

His father wanted to help him earn money when he needed it.

Jason created video games and websites in high school.

Jason realized early on that his IT and programming skills could make him money.

Jason's parents misjudged his aptitude for programming.

Jason frequented online programming communities.

He looked for web developers. He created websites for those people.

His parents suspected Jason sold drugs online. When he said he used programming to make money, they were shocked.

They helped him set up a PayPal account.

Florida higher education to study video game creation

Jason never attended an expensive university.

He studied game design in Florida.

“Higher Education is an interesting part of society… When I work with people, the school they went to never comes up… only thing that matters is what can you do…At the end of the day, the beauty of silicon valley is that if you have a great idea and you can bring it to the life, you can convince a total stranger to give you money and join your project… This notion that you have to go to a great school didn’t end up being a thing for me.”

Jason's life was altered by Steve Jobs' keynote address.

After graduating, Jason joined an incubator.

Jason created a video-dating site first.

Bad idea.

Nobody wanted to use it when it was released, so they shut it down.

He made a multiplayer game.

It was released on Bebo. 10,000 people played it.

When Steve Jobs unveiled the Apple app store, he stopped playing.

The introduction of the app store resembled that of a new gaming console.

Jason's life altered after Steve Jobs' 2008 address.

“Whenever a new video game console is launched, that’s the opportunity for a new video game studio to get started, it’s because there aren’t too many games available…When a new PlayStation comes out, since it’s a new system, there’s only a handful of titles available… If you can be a launch title you can get a lot of distribution.”

Apple's app store provided a chance to start a video game company.

They released an app after 5 months of work.

Aurora Feint is the game.

Jason believed 1000 players in a week would be wonderful. A thousand players joined in the first hour.

Over time, Aurora Feints' game didn't gain traction. They don't make enough money to keep playing.

They could only make enough for one month.

Instead of buying video games, buy technology

Jason saw that they established a leaderboard, chat rooms, and multiplayer capabilities and believed other developers would want to use these.

They opted to sell the prior game's technology.

OpenFeint.

Assisting other game developers

They had no money in the bank to create everything needed to make the technology user-friendly.

Jason and Daniel designed a website saying:

“If you’re making a video game and want to have a drop in multiplayer support, you can use our system”

TechCrunch covered their website launch, and they gained a few hundred mailing list subscribers.

They raised seed funding with the mailing list.

Nearly all iPhone game developers started adopting the Open Feint logo.

“It was pretty wild… It was really like a whole social platform for people to play with their friends.”

What kind of a business model was it?

OpenFeint originally planned to make the software free for all games. As the game gained popularity, they demanded payment.

They later concluded it wasn't a good business concept.

It became free eventually.

Acquired for $104 million

Open Feint's users and employees grew tremendously.

GREE bought OpenFeint for $104 million in April 2011.

GREE initially committed to helping Jason and his team build a fantastic company.

Three or four months after the acquisition, Jason recognized they had a different vision.

He quit.

Jason's Original Vision for the iPad

Jason focused on distribution in 2012 to help businesses stand out.

The iPad market and user base were growing tremendously.

Jason said the iPad may replace mobile gadgets.

iPad gamers behaved differently than mobile gamers.

People sat longer and experienced more using an iPad.

“The idea I had was what if we built a gaming business that was more like traditional video games but played on tablets as opposed to some kind of mobile game that I’ve been doing before.”

Unexpected insight after researching the video game industry

Jason learned from studying the gaming industry that long-standing companies had advantages beyond a single release.

Previously, long-standing video game firms had their own distribution system. This distribution strategy could buffer time between successful titles.

Sony, Microsoft, and Valve all have gaming consoles and online stores.

So he built a distribution system.

He created a group chat app for gamers.

He envisioned a team-based multiplayer game with text and voice interaction.

His objective was to develop a communication network, release more games, and start a game distribution business.

Remaking the video game League of Legends

Jason and his crew reimagined a League of Legends game mode for 12-inch glass.

They adapted the game for tablets.

League of Legends was PC-only.

So they rebuilt it.

They overhauled the game and included native mobile experiences to stand out.

Hammer and Chisel was the company's name.

18 people worked on the game.

The game was funded. The game took 2.5 years to make.

Was the game a success?

July 2014 marked the game's release. The team's hopes were dashed.

Critics initially praised the game.

Initial installation was widespread.

The game failed.

As time passed, the team realized iPad gaming wouldn't increase much and mobile would win.

Jason was given a fresh idea by Stan Vishnevskiy.

Stan Vishnevskiy was a corporate engineer.

He told Jason about his plan to design a communication app without a game.

This concept seeded modern strife.

“The insight that he really had was to put a couple of dots together… we’re seeing our customers communicating around our own game with all these different apps and also ourselves when we’re playing on PC… We should solve that problem directly rather than needing to build a new game…we should start making it on PC.”

So began Discord.

Online socializing with pals was the newest trend.

Jason grew up playing video games with his friends.

He never played outside.

Jason had many great moments playing video games with his closest buddy, wife, and brother.

Discord was about providing a location for you and your group to speak and hang out.

Like a private cafe, bedroom, or living room.

Discord was developed for you and your friends on computers and phones.

You can quickly call your buddies during a game to conduct a conference call. Put the call on speaker and talk while playing.

Discord wanted to give every player a unique experience. Because coordinating across apps was a headache.

The entire team started concentrating on Discord.

Jason decided Hammer and Chisel would focus on their chat app.

Jason didn't want to make a video game.

How Discord attracted the appropriate attention

During the first five months, the entire team worked on the game and got feedback from friends.

This ensures product improvement. As a result, some teammates' buddies started utilizing Discord.

The team knew it would become something, but the result was buggy. App occasionally crashed.

Jason persuaded a gamer friend to write on Reddit about the software.

New people would find Discord. Why not?

Reddit users discovered Discord and 50 started using it frequently.

Discord was launched.

Rejecting the $10 billion acquisition proposal

Discord has increased in recent years.

It sends billions of messages.

Discord's users aren't tracked. They're privacy-focused.

Purchase offer

Covid boosted Discord's user base.

Weekly, billions of messages were transmitted.

Microsoft offered $10 billion for Discord in 2021.

Jason sold Open Feint for $104m in 2011.

This time, he believed in the product so much that he rejected Microsoft's offer.

“I was talking to some people in the team about which way we could go… The good thing was that most of the team wanted to continue building.”

Last time, Discord was valued at $15 billion.

Discord raised money on March 12, 2022.

The $15 billion corporation raised $500 million in 2021.

Don't overcomplicate to-do lists. DWTS (Done, Waiting, Top 3, Soon) organizes your to-dos.

How Are You Going to Manage Everything?

Modern America is busy. Work involves meetings. Anytime, Slack communications arrive. Many software solutions offer a @-mention notification capability. Emails.

Work obligations continue. At home, there are friends, family, bills, chores, and fun things.

How are you going to keep track of it all? Enter the todo list. It’s been around forever. It’s likely to stay forever in some way, shape, or form.

Everybody has their own system. You probably modified something from middle school. Post-its? Maybe it’s an app? Maybe both, another system, or none.

I suggest a format that has worked for me in 15 years of professional and personal life.

Try it out and see if it works for you. If not, no worries. You do you! Hopefully though you can learn a thing or two, and I from you too.

It is merely a Google Doc, yes.

It's a giant list. One task per line. Indent subtasks on a new line. Add or move new tasks as needed.

I recommend using Google Docs. It's easy to use and flexible for structuring.

Prioritizing these tasks is key. I organize them using DWTS (Done, Waiting, Top 3, Soon). Chronologically is good because it implicitly provides both a priority (high, medium, low) and an ETA (now, soon, later).

Yes, I recognize the similarities to DWTS (Dancing With The Stars) TV Show. Although I'm not a fan, it's entertaining. The acronym is easy to remember and adds fun to something dull.

What each section contains

Done

All tasks' endpoint. Finish here. Don't worry about it again.

Waiting

You're blocked and can't continue. Blocked tasks usually need someone. Write Person Task so you know who's waiting.

Blocking tasks shouldn't last long. After a while, remind them kindly. If people don't help you out of kindness, they will if you're persistent.

Top 3

Mental focus areas. These can be short- to mid-term goals or recent accomplishments. 2 to 5 is a good number to stay focused.

Top 3 reminds us to prioritize. If they don't fit your Top 3 goals, delay them.

Every 1:1 at work is a project update. Another chance to list your top 3. You should know your Top 3 well and be able to discuss them confidently.

Soon

Here's your short-term to-do list. Rank them from highest to lowest.

I usually subdivide it with empty lines. First is what I have to do today, then week, then month. Subsections can be arranged however you like.

Inventories by Concept

Tasks that aren’t in your short or medium future go into the backlog. 
Eventually you’ll complete these tasks, assign them to someone else, or mark them as “wont’ do” (like done but in another sense).

Backlog tasks don't need to be organized chronologically because their timing and priority may change. Theme-organize them. When planning/strategic, you can choose themes to focus on, so future top 3 topics.

More Tips on Todos

Decide Upon a Morning Goal

Morning routines are universal. Coffee and Wordle. My to-do list is next. Two things:

• As needed, update the to-do list: based on the events of yesterday and any fresh priorities.

• Pick a few jobs to complete today: Pick a few goals that you know you can complete today. Push the remainder below and move them to the top of the Soon section. I typically select a few tasks I am confident I can complete along with one stretch task that might extend into tomorrow.

Finally. By setting and achieving small goals every day, you feel accomplished and make steady progress on medium and long-term goals.

Tech companies call this a daily standup. Everyone shares what they did yesterday, what they're doing today, and any blockers. The name comes from a tradition of holding meetings while standing up to keep them short. Even though it's virtual, everyone still wants a quick meeting.

Your team may or may not need daily standups. Make a daily review a habit with your coffee.

Review Backwards & Forwards on a regular basis

While you're updating your to-do list daily, take time to review it.

Review your Done list. Remember things you're proud of and things that could have gone better. Your Done list can be long. Archive it so your main to-do list isn't overwhelming.

Future-gaze. What you considered important may no longer be. Reorder tasks. Backlog grooming is a workplace term.

Backwards-and-forwards reviews aren't required often. Every 3-6 months is fine. They help you see the forest as often as the trees.

Final Remarks

Keep your list simple. Done, Waiting, Top 3, Soon. These are the necessary sections. If you like, add more subsections; otherwise, keep it simple.

I recommend a morning review. By having clear goals and an action-oriented attitude, you'll be successful.