Welcome to Issue #84 of Bitfinity Weekly for our #BITFINIANS community. If this newsletter was forwarded to you, sign up here.
What's in Today's Email?
- Global Crypto News
- This Week in our Blog
- NFT Market Bytes
- Tweet of the Week
- Meme Time
- A Matter of Opinion
Global Crypto News
⛓️ Off the Chain: Ethereum L2 Arbitrum suffered a temporary, 1.5 hour outage this Friday as the blockchain experienced a surge in network traffic. Offchain Labs, the company behind Arbitrum, confirmed that the reason for the increased network activity was because of Arbitrum "inscriptions", which inscribe data onto the blockchain, a concept borrowed from Bitcoin's Ordinals.
🏏 Going Bonkers: $BONK, a memecoin on Solana, has seen a 130% rise in price over the last week, triggering a wave of copycat coins as well as a total U.S. sellout of the Solana Saga smartphone. The Saga, which was released in April, did not see much demand from buyers until $BONK's run; the phone comes with an aidrop claim of 30 million $BONK tokens, which meant an arbitrage opportunity of roughly $200 more than the cost of the phone at the time of the phone's sellout.
🐟 Go Phish: On Thursday a "potential supply chain attack" on ledgerconnect kit was discovered by Web3 security firm BlockAid, who identified a malicious injection of a wallet draining payload into Ledger's popular NPM package, affecting numerous popular dapps. Ledger confirmed that the exploit began because a former employee "fell victim to a phishing attack". The news drew the ire of the entire crypto community as Ledger, a crypto hardwallet manufacturer, has seen numerous criticism regarding its security practices in the past few months.
🌋 Eruptive Tech: El Salvador's Bitcoin bonds (named "Volcano Bonds" in reference to the country's proposed use of the Conchagua volcano to power Bitcoin mining rigs) is set to go live in Q1 2024. Despite regulatory framework having been passed by legistation in January of this year, the issuance of Bitcoin-backed bonds have been met with some resistence both inside the nation and out.
This Week in our Blog
Block explorers are an important tool to utilize when you're working with blockchains, whether you're a dev or a trader. In this article we go over the basics so that you know how to be your own on-chain explorer:
Decentralization can bring great things to all fields, not just computer science. Blockchain technology could potentially reshape the scientific field through leveraging the ability to verify data in an open and unbiased manner.
NFT Market Bytes
💃 Not A Gentleman: NFT Trader, a p2p trading platform, suffered a massive security breach on Saturday. The attack targeted old smart contracts, which meant valuable 'blue chip' NFTs were vulnerable. In the ensuing hours, roughly $3 million worth of NFTs were stolen, including Bored Apes, Mutant Apes and Veefriends. In a bizarre twist, one attacker sent a public message offering a ransom deal to those who wanted to recover their lost NFTs for a fee, claiming that she was not the original attacker and only "came here to pick up residual garbage".
🐧 Touching Ice: Pudgy Penguins, a popular Ethereum NFT project, unveiled a trailer for Pudgy World at Art Basel Miami this week. The 3D browser game experience is expected to launch in alpha next year. Pudgy World will allow NFT holders and Pudgy Penguin plushie owners to 'adopt' a virtual collectible, but also stand as a free-to-play game with an emphasis on storytelling.
🧸 Next In Line: Line Next, the NFT-focused subsidiary of Japanese SMS/messaging service giant Line, has raised $140 million in funding. Line Next plans to launch Dosi, a global NFT marketplace, in January 2024. Line is no stranger to the western market or to the NFT world: they are so popular throughout Asia that their cast of cartoon characters, Line Friends, is even seen in merchandising in America; earlier this year, Line announced a collaboration with Chiru Labs, the creators of popular Ethereum collection Azuki.
Tweet of the Week
A Matter of Opinion
The Ledger library compromise, which affected a number of popularly used dapps, teaches some hard lessons that the entire web3 industry needs to learn: namely, one regarding best practices and security hygiene on a individual level. Although Ledger acted quickly to mitigate issues, deploying a fix within 40 minutes of being notified of the breach, the malicious package was live for five hours, which is an incredibly long time in the world of cybersecurity.
The exploit unfolded because of one employee at one company fell victim to a phishing attack. If Ledger's claim is true, then what happened is that an employee with NPMJS credentials was targeted, which the attacker then used to push a malicious version of the widely used Ledger Connect Kit, which then potentially left the entire crypto ecosystem vulnerable. This obviously raises some questions about the fragility of the web3 ecosystem as well as broader concerns about the security of decentralized applications trusting an open source library implicitly.
The Ledger debacle, if anything, should serve as a reminder to us all that we must always be vigilant. Despite the numerous warnings one often runs across in web3 of not clicking on suspicious links, phishing attacks continue to be responsible for some of the most devastating losses to this day. Whether it's via social engineering (as Kevin Rose of PROOF fell prey to in January of this year), or simply a misclick on a malicious link, anyone can be susceptible to phishing.
Connect with Bitfinity Network
*Important Disclaimer: While every effort is made on this website to provide accurate information, any opinions expressed or information disseminated do not necessarily reflect the views of Bitfinity itself. The information provided here is for general informational purposes only and should not be considered as financial advice.