Thomas Humphreys pfp

Thomas Humphreys

@so

449 Following
901 Followers
L pfp
L
@lajos
A friend of mine is looking for a remote Python engineering job. He's strong with DevOps, cloud, automation, general server side stuff. Tons of experience. Get in touch with me if you're hiring please.
4 replies
18 recasts
133 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
I went to the States and lost an hour of sleep. Flew back home to Spain… and lost another one. At this rate, I’ll be in a sleep deficit so bad I’ll wake up in 2023.
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
I don't need to talk to make friends
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
Make it make sense
1 reply
0 recast
0 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
Do you recommend to use Swapper (with Chainlink Keepers) for DCAing ?
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
Creatine and electrolytes. Collagen peptides are a giga chad move
0 reply
0 recast
4 reactions
Vinay Vasanji pfp
Vinay Vasanji
@vinayvasanji.eth
lowercase improvement proposals in progress LIP-1: If lowercase [dot] cards is shared then display a frame in feed, but if a specific card URL is shared display a preview of card and the URL (no frame) LIP-2: If any lowercase [dot] cards URL is shared on FC without "https://" a worker throws exception error displays, need to fix LIP-3: On mobile and in frame v2 make the create card button visible immediately after sign in (currently requires an extra tap on pfp to display menu) LIP-4: Enable search LIP-5: /revnet rewards for card contributions will show as zero value in Warplet due to lack of Uniswap pool. Petition Merkle to automatically calculate revnet's token<>ETH fixed exchange rate in Warplet, and enable revnet 'swaps' LIP-6: Post card data to Snapchain If you can think of anything else feel free to propose LIP-7 onwards
0 reply
2 recasts
5 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
I came across a protocol that's done over $100M+ in volume with big customer names, but their frontend auth is poorly designed. They're exposing WebAuthn details, which isn't the main issue — it's the fact that they're also leaking customer emails. This opens the door for social engineering attacks, making it far too easy for attackers to target them. If you're a non-custodial protocol, avoid advertising your customers — especially if I can easily identify which users are using your system and whether they have admin-level access.
1 reply
0 recast
2 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
I got streaks back ty. I'll DM proof next time.
0 reply
0 recast
0 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
I'm boosting every 2 hours. I've planted every other day. This is 100% a bug.
1 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
@itsmide.eth not able to claim rewards, there's a bug
2 replies
1 recast
5 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
Hey @clanker deploy Name: Beetroot attack Ticker: PIVOT Image attached:
0 reply
0 recast
2 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
Do north korean hackers go to crypto conferences?
5 replies
0 recast
2 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
emphasis on the *possible* bit
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
$1.5B vanished and we still don't know the root cause
1 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
Thanks! Strong believer that passkeys are the future of User Auth
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
I've been cursor maxxing past year now. Gave windsurf a try recently, but it wasn't that great... my current spend is about $60/month on Cursor and recommend you pay the premium.
0 reply
0 recast
2 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
thanks for pushing this @jxom 🫡
0 reply
0 recast
1 reaction
Thomas Humphreys pfp
Thomas Humphreys
@so
Super stoked my first contribution to oxlib.sh got merged—my PR now lets you pass multiple credentials when prompting WebAuthn creds. Been using oxlib.sh since day 1 and helped refactor rhinestone's 7579 guide (docs.rhinestone.wtf/module-sdk/u...) along with other 4337 repos. Need help? Reach out!
2 replies
2 recasts
7 reactions
Thomas Humphreys pfp
Thomas Humphreys
@so
Great write-up @adamhurwitz.eth ! keen to grab your thoughts on webauthn security & how to address security risks like blind signing txns thru a compromised frontend? Passkeys are great until the frontend gets hacked.
1 reply
0 recast
1 reaction