A place for developers to talk about building on Farcaster.

/dev

I'm eth newbie..just learning
(working on @farcaster)

terminally.online

AMA with @horsefacts.eth starts now!

What questions do you have for him?

/toc Onchain strategy at terminallyonchain.xyz | co-host /latenightcrew

No questions, but I’m grateful that you ordered some candles and took a chance on me. Thanks so much! 💜

🕯️they/them, candlemaker at https://humankind.place

Okay I lied I do have a question. We’re both in the security space - I’m focused on supply chain attacks. 

What do you think the number one security threat is to web3 atm in time?

Yeesh, there's a lot to worry about. We're subject to all the threats of the conventional web plus all the stuff that's unique to smart contracts. And the tools we use leave a lot of breadcrumbs.

Supply chain attacks and targeted spearphishing have both been scary lately, we shouldn't ignore offchain fundamentals.

I don't know about the #1 threat, but a big challenge I think about a lot is that it's impossible to audit/verify every contract someone yeets onchain, but that's the degree of care we really need. 

So in the long term the big question for me is how we can educate and build good tools faster than we produce bad code.

I don't think she's here, but tayvano_.twitter is a great follow for on and offchain web3 security, especially some of the recent and scary Lazarus stuff.

Thanks for answering! I actually haven’t heard about spearfishing, that’s reading content for me 🤓