jtgi on Warpcast

jtgi pfp

just had my first wallet drained, lost 20k after making old github code public. made some mistakes: - the project had an old commit w/ a private key for a wallet i was using on rinkeby - I unknowingly reused this account in @metamask 1mo ago to trade clankers on base funds were drained within 10m of making it public

13 replies

8 recasts

68 reactions

jtgi pfp

couple things of note: - i checked the repo before making it public, the private key was in an old commit. - that commit was from 3y ago (on rinkeby no less), when i created a new account in @metamask, it looked brand new because a) i switched computers and metamask doesn't preserve accounts, b) it had no activity on base/mainnet just deprecated rinkeby. something to be careful of for devs, please reshare!

1 reply

4 recasts

27 reactions

Zenigame pfp

Sorry to hear this but thanks for the retrospective and the reminder :( 6000 $DEGEN is all I have today

1 reply

0 recast

6 reactions

adrienne pfp

Holy cow this story is blowing my mind key was in commit history so missed on a scan 😢 damn, add that to long list of things to check for When you created the “new” account in metamask, how does it use the same key as the 3 year old one you were using on a testnet? Thats the part I’m not familiar with Really makes me appreciate the risks all you good people take when you share your code publicly 💜 Why isn’t there a white hat hacker group that does this better than the bad guys 😢

1 reply

0 recast

0 reaction

Ox Bid pfp

I always curious how did they know? Did they follow all your action? Did they see that you have money on your accounts? (Maybe you shared transactions / screenshots of the balance)? I still remember the time when all traders were so scared to connect their public profiles with their wallet profiles because they were followed and regularly rugged

1 reply

0 recast

0 reaction

Alexander Iv pfp

@youzzzerneim.eth

Sorry to hear that. I've had 10k drained a month ago. Lesson learned but still hurts.

0 reply

0 recast

1 reaction

Leo pfp

Ouch that hurts, it would be good it GitHub scanned for that like they do for api keys

0 reply

0 recast

1 reaction

Rch 🎩 pfp

that is brutal. sorry to hear that.

0 reply

0 recast

1 reaction

hellno the optimist pfp

hellno the optimist

oof that sucks! Thanks for the reminder

0 reply

0 recast

1 reaction

Kat 🎩🔥 pfp

I’m sorry to hear this. Thank you for sharing. We all need to stay diligent with trading on here

0 reply

0 recast

1 reaction

MetaEnd🎩🚨 pfp

MetaEnd🎩🚨

0 reply

0 recast

1 reaction

The Dude Bart🐘🌳 ⌐◨-◨ pfp

The Dude Bart🐘🌳 ⌐◨-◨

oh man noooo I'm sooo sorry to hear this :(

0 reply

0 recast

0 reaction

Burak Colak pfp

0 reply

0 recast

0 reaction