Mon May 22

22 May, 9 AM

Good Morning. Our Referral program is live. Please see the bottom of the letter for more details 😀 .

In the news today; Crypto Exchanges' Access To UPI May Be Back, Attacker Takes Over Tornado Cash DAO With Vote Fraud, Token Drops 40%, Ledger’s New Phrase Recovery Feature Is Bad News, Jack Dorsey-Backed TBD Releases Toolkit To Decentralize The Internet.

⛔️ Crypto Exchanges' Access To UPI May Be Back: Proposals have been submitted to the Indian government and central bank requesting the restoration of access to UPI for the cryptocurrency industry. CoinDesk reports that two proposals have already been made, and a third proposal is expected to be presented by the Bharat Web3 Association (BWA), a newly formed crypto policy advocacy group, in the coming weeks. These proposals, although not coordinated, mark a significant effort by India's crypto stakeholders to advocate for policy changes governing the growing industry. One of the proposals argues that denying a specific group of investors access to their chosen instruments via UPI while allowing access to another group (e.g., IPOs) might violate Article 14, which pertains to equality before the law.

Obvious just launched an Account Abstraction based Smart wallet powered by Biconomy, that lets users pay for gas fees in stables such as USDC, USDT & DAI and execute multi-step complex transactions with just a single click. With Obvious you can transact on chain with confidence anytime, anywhere!!

💻 Attacker Takes Over Tornado Cash DAO With Vote Fraud, Token Drops 40%: The privacy-focused crypto mixer Tornado Cash had its DAO, responsible for handling operations, funds, and future plans, effectively taken over by an unidentified attacker or group on Saturday. The attacker(s) submitted a malicious proposal that hid a code function granting them fake votes, giving them control over aspects of Tornado Cash, such as the governance contract and locked torn tokens. By mimicking an earlier version of the proposal with added malicious code, the attacker(s) gained access to all governance votes. This allowed them to freely manipulate the system. They withdrew 10,000 votes as TORN and sold them. The Tornado Cash community is now proposing changes to reverse the modifications made by the attacker(s). It was also discovered that the attacker(s) minted over 1 million torn tokens for themselves, valued at over $4 million.

🙅🏻‍♂️ Ledger’s New Phrase Recovery Feature Is Bad News: Ledger has introduced a new feature called Ledger Recover, which allows users to recover their secret recovery phrase by submitting their ID. This has sparked concerns among Ledger users, who are worried that this could be a new attack vector for hackers. Ledger has responded by saying that the feature is optional and that users should only use it if they are absolutely sure that they have lost their recovery phrase. A Reddit post pointed out the dangers of sharing seed phrases online — referencing Ledger’s 2020 data breach. “Again, I’m in disbelief about this. Apart from the risks that they’re hacked again, apart from it flying in the face of never sharing your seed, and never storing it online, it opens the door to a whole new level of crypto scammers!

🧰 Jack Dorsey-Backed TBD Releases Toolkit To Decentralize The Internet: TBD, a division of Jack Dorsey's fintech company Block, has launched a new open-source toolkit for its Web5 project. The toolkit includes tamper-proof, self-owned identifiers similar to email addresses or usernames called decentralized identifiers (DIDs); secure digital certificates called verified credentials (VCs) that provide legal proof of things like name, age, and ownership of assets; and decentralized web nodes (DWNs) that store data in a decentralized way. One of the first applications TBD will launch on their Web5 platform will be a remittance app for Africa and Mexico that uses bitcoin (BTC) and stablecoins as payment rails. The app will be based on another TBD open source project called TBDex – a protocol for discovering liquidity and exchanging assets.

What Is A DAO And How Do They Work?: A DAO, or “Decentralized Autonomous Organization,” is a community-led entity with no central authority. It is fully autonomous and transparent: smart contracts lay the foundational rules, execute the agreed-upon decisions, and at any point, proposals, voting, and even the very code itself can be publicly audited.

21