A place for developers to talk about building on Farcaster.

/dev

tldr; got $40k drained just now

i was submitting OP retro grants app.
had to make github repo public for a sec.
forgot i had my secret key in there (cuz im quite literally retarded, my IQ is 26).
got drained of everything.

Yes, this was a mistake.

BUT it’s also a very clear sign that devtools in this industry have a long way to go. Plaintext private keys (in a .env or not) are WAY TOO COMMON.

If you’re trying to work with wallets or smart contracts and need help, lmk. There’s a lot of easy things you can do to avoid this.

When dev wallets native to each repo and rotating automatically?

Lead Clank @clankpad || Midwest mom in a California dad bod || Ruthlessly pro Farcaster

And crypto-native production key management