Warplets guy | Cofounder @ Resolve (YC) - spatial tech for construction. FC tinkering: @livecaster @harmonybot |  I just want us to have fun.

Pi-chi.eth artist of /animeoutcasts
Hosting: /kyoto /anime-manga /farcasterunion

https://portrait.so/pichi

pichi

jc4p

Hyperliquid

software engineer. exploring ai agents, decentralisation, internet culture. generative ai.

upcoming generative AI art mint [SOON] @arches

le $BLEU elefant dev

LeBleuElefant

I mean the Farcaster bug claim.

Compromised DB makes sense.

I think people like saying grandiose things on here :)

@jc4p we got a wild west bughunter lololol

the bug bounty is for the wallet not for mini apps, this won't quality at all

it’s actually broad, if you can use a mini app to steal funds it counts

but ofc there are more criteria / has to actually be exploit and not just a mini app leaking notif tokens

it’s just triggering a tx the second the mini app loads and the eth provider is available, no exploit on mini app at all — nothing on FC’s side, just a leak of webhook urls

This might be a combo of 1. Leaked key to send out notif 2. Exploit that allows tx straight from notification

I didn’t see what happened if you clicked. Anyone got details?

oopsie

i think its prob a leaked key anyways