How many times is it:
a) White-hat hacker, found out there was a problem, wanted to exploit before anyone else did, so they could return. Maybe they don't follow some rules of convention proposed by others on how to do it safely like https://jumpcrypto.com/writing/safu-creating-a-standard-for-whitehats/ . Maybe they aren't aware or just don't have the time to set it all up.
b) White-hat hacker, same as above, but believes they really should get paid somewhat. So if there's no bug bounty yet, will wait until offered a 10% bounty.
c) Black-hat hacker that would totally keep all of this, but someone just came to the door where they live with all kinds of details on them and their loved ones.
We'll probably never know.
I mean, if you are able to completely track down the exploiter, and could thus contact them by non-public means, would you then telegraph that information to the world as a blockchain message and thus lose a bit of that leverage? Or even after the funds were returned, and the leverage wasn't needed any more, reveal what was done to get the funds back, as that could kind of backfire with the crypto community (Arkham Intelligence)?
I like to think this is rare. Except for when it is state sponsored, most of these exploiters, I think, are fine with just a small bounty because, yeah, they just alerted you to a bug before someone who might just keep it all found that bug. Funds can generally always be returned rather quickly and easily. Also, in many cases, it's not even so easy to say when exploiting is even unethical. For one, in many ways, DeFi is about code being law. And that code likely doesn't have a EULA in it (would be awfully spammy for the chain if it did and really, who likes EULAs?).
That said, I do like the idea of a standard for whitehats. But it's a bit ironic that Jump Crypto should care about ethics, after they bailed out Terra Luna. Afterwards, they told no one, they just let everyone hear Do Kwon's lies about the algorithm working, and not the truth that the ponzi only stayed barely afloat a little longer thanks to their TradFi backroom shenanigans.