Criminals have recently been found creating modified Trezor wallets

TheDinarian

News • Business • Investing & Finance

May 16, 2023

(Dinarian Note: This is why it's worth paying a few extra dollars at the manufacturers website, versus buying a used-refurbished unit on the secondary markets.These theives are getting smarter and smarter unfortunately...)

Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.

Easy to steal and cash out, сryptocurrency is one of the most attractive digital assets for attackers. Accordingly, serious investors often use hardware cryptowallets to protect their crypto-investments. Such a wallet stores private keys away from vulnerable computers and smartphones and makes it much safer to sign transactions. But unfortunately, owning a hardware wallet doesn’t guarantee the safety of your funds, as one of our clients has learned the hard way.

Hack symptoms

Attackers worked stealthily: on a fateful day in the transaction history of a cryptowallet there appeared an operation in which a large sum of money was transferred to someone else. However, no transactions were performed on that day by the victim at all. Moreover, the cryptowallet wasn’t even plugged into a computer!

Aaand… It’s gone!

Dissecting the wallet

The victim had purchased the rather popular hardware wallet Trezor Model T. It uses fully open-source code — both software and hardware-wise — and is based on the popular STM32F427 microcontroller.

The Trezor Model T vendor has undertaken a wide range security measures that, in theory, should reliably protect the device from attackers. Both the box and the unit housing are sealed with holographic stickers, the microcontroller is in flash memory read-out protection mode (RDP 2). The bootloader checks the digital signature of the firmware and, if an anomaly is detected, displays an unoriginal firmware message and deletes all the data in the wallet. Accessing the device and confirming transactions require a PIN code that — even though it doesn’t protect the master access key (a base for generating the mnemonic seed phrase) — is used to encrypt the storage where it’s kept. Optionally, in addition to the PIN, you can protect your master access key with a password as per the BIP-39 standard.

At first cursory glance, the wallet we examined appeared to be exactly the same as a genuine one, and showed no signs of tampering. The unit was bought from a trusted seller through a popular classifieds website, and the holographic stickers on the box and the wallet itself were all present and undamaged. When started-up in update mode, the wallet displayed firmware version 2.4.3 and bootloader version 2.0.4.

When handling the wallet, nothing felt suspicious either: all the functions worked as they should, and the user interface was no different from the original one. However, mindful of the theft that had occurred via it, we delved deeper. And that’s where our interesting discoveries began.

Right off the bat, we found that the vendor had never released bootloader version 2.0.4. The project change history at GitHub concisely states that this version was “skipped due to fake devices”. After such an intriguing statement, we just had to reach for the scalpel and begin our dissection, of course…

What on earth is version 2.0.4?

The housing was difficult to open: its two halves were held together with liberal quantities of glue and double-sided adhesive tape instead of the ultrasonic bonding used on factory-made Trezors. Even more curiously, inside there was an entirely different microcontroller showing traces of soldering! Instead of the original STM32F427, the unit had an STM32F429 with fully deactivated microcontroller flash-memory read-out protection mechanisms (RDP 0 instead of RDP 2 in genuine Trezors).

It looked perfectly genuine from the outside; however… (left — original, right — fake)

Thus, the fake cryptowallet theory was proved true: it was a classic supply-chain attack in which an unsuspecting victim buys an already-hacked device. But the actual cryptocurrency stealing mechanism was still unclear…

Trojan firmware

We won’t repeat the commonplace truths about cryptowallets that we covered earlier, but we’ve just one little reminder for you: a cryptowallet contains your private key, and whoever knows that key can sign any transaction and spend your money. The fact that the attackers were able to conduct a transaction while the offline wallet was stashed in its owner’s strongbox means that they either copied the private key after it was generated, or… they knew it all along!

Thanks to the deactivated flash-memory read-out protection, which our attackers decided not to turn on after the new microcontroller was soldered in, we easily extracted the wallet firmware and, by reconstructing its code, discovered that the attackers indeed knew the private key in advance. But how?

The original bootloader and wallet firmware received only three modifications:

First, the bootloader-checks for protection mechanisms and digital signatures were removed, thus getting rid of the “red screen” problem during the firmware originality check at startup.

Second, at the initialization stage or when resetting the wallet, the randomly generated seed phrase was replaced with one of 20 pre-generated seed phrases saved in the hacked firmware. The owner would begin using it instead of a new and unique one.

Third, if the user chose to set an additional master-seed protection password, only its first symbol (a…z, A…Z, 0…9 or ! for any special character) was used, which, together with the no-password option, gave just 64 possible combinations. Thus, to crack a given fake wallet, only 64*20=1280 variants were to be considered.

The fake cryptowallet would operate as normal, but the attackers had full control over it from the very beginning. According to the transaction history, they were in no hurry, waiting a whole month after the wallet was credited for the first time before they grabbed the money. The owner had no protection whatsoever: the game was lost from the very moment the money first arrived in the Trojan wallet.

How to prevent the fake device threat

It’s not easy to tell a fake cryptowallet from a real one without special knowledge and experience. The main safeguard is to buy your wallet directly from the official vendor and choose models with special versions of protected microcontrollers (even original Trezors aren’t ideal in this sense: there are other brands’ wallets with better protected chips and extra protection mechanisms).

It should be remembered that even an authentic and unmodified wallet can be vulnerable to a number of threats. The priority measures include the use of a password (if supported by your wallet), and, of course, protection for all computers and smartphones.

Link

Join the TheDinarian Community

To read more articles like this, sign up and join my community today

What else you may like…

Videos

Podcasts

Posts

Articles

thedinarian@thedinarian

15 hours ago

🚨NEW: Watch @BoHines sit down with @CryptoAmerica_

Watch @BoHines sit down with @CryptoAmerica_ to discuss key details of the White House crypto report including anticipated new DOJ guidance, as well as fresh commentary on the @rstormsf trial, and the nomination of @BrianQuintenz to lead the @CFTC.

00:28:43

thedinarian@thedinarian

16 hours ago

Why Invest In XRP?

Because Ripple Is EVERYWHERE!

This is on Wall Street... NY

00:00:06

thedinarian@thedinarian

16 hours ago

👉"You're gonna be told that there is a craft on its way to Earth.

"That 100 fxxxing percent is the lie you are going to be told."

Jeremy Corbell in January 2025

00:02:38

thedinarian@thedinarian

October 31, 2024

👉 Coinbase just launched an AI agent for Crypto Trading

Custom AI assistants that print money in your sleep? 🔜

The future of Crypto x AI is about to go crazy.

👉 Here’s what you need to know:

💠 'Based Agent' enables creation of custom AI agents
💠 Users set up personalized agents in < 3 minutes
💠 Equipped w/ crypto wallet and on-chain functions
💠 Capable of completing trades, swaps, and staking
💠 Integrates with Coinbase’s SDK, OpenAI, & Replit

👉 What this means for the future of Crypto:

1. Open Access: Democratized access to advanced trading
2. Automated Txns: Complex trades + streamlined on-chain activity
3. AI Dominance: Est ~80% of crypto 👉txns done by AI agents by 2025

🚨 I personally wouldn't bet against Brian Armstrong and Jesse Pollak.

thedinarian@thedinarian

6 hours ago

🚨 Hedera $HBAR , $XDC Network, and $QNT have been chosen by SWIFT to join this year's Sibos 2025 as discovered exhibitors. Seems SWIFT chose these tokens, which are all DLTs, were chosen specifically for the event, signifying key institutional interest in these ecosystems. This is very good news.

Op: Realallincrypto

thedinarian@thedinarian

6 hours ago

‼️JUST IN JULY 2025 REPORT REVEALS PUBLICLY TRADED COMPANY IMMUTABLE HOLDINGS WILL BEGIN STRATEGICALLY ACCUMULATING HBAR TOKENS‼️

Massive signal.💎

Corporate treasuries are actively seeking ISO 20022 compliant assets as the foundation of their long term digital asset strategy.🔑

“The Company believes HBAR is a high-quality digital asset with long-term potential, distinguished by the Hedera network's enterprise-grade performance, low transaction costs, carbon-negative operations, and growing adoption among enterprise and public sector applications.”✅

“HBAR = a compelling candidate for long-term digital asset treasury management.”✅

Documented below.📝👇

Op: Smqkedqg

thedinarian@thedinarian

6 hours ago

Remember, Harvard revealed that the Road Map to the Digital Dollar INVOLVES XRP AND XLM.🎯

Documented.📝💨

Op: Smqkedqg

thedinarian@thedinarian

July 28, 2025

PYTH: We'll Always Have Coldplay

Welcome back to The Epicenter, where crypto chaos meets corporate cringe.

But surprisingly, crypto has not been the most chaotic corner of the internet as of late.

That honor goes to the startup Astronomer, whose CEO’s cheating scandal broke the web in a glorious meme-fueled media frenzy. The company’s damage control? Hiring Gwyneth Paltrow as a “temporary spokesperson.” Do we think they’re grasping at straws or setting a new standard for PR?

Meanwhile, the markets didn’t blink. BTC is still flexing near its all-time highs. Michael Saylor’s bringing a bitcoin-adjacent money-market product to Wall Street. A pharma company just earmarked $700M to stack BNB, and analysts are calling time of death on the four-year crypto cycle. It’s a steady boom now, kittens.

A few things that are also worth noting: Winklevoss vs. JPMorgan, Visa’s take on stablecoins, and Robinhood’s Euro drama that defies the chillness of eurosummer.

Let’s get into it 👇

⛓️ The On-Chain Pulse: What’s Happening on the Front Lines of Finance

This week’s biggest news in crypto and all things digital assets

PR crisis? Just add Gwyneth; data company Astronomer tapped Gwyneth Paltrow as its “temporary spokesperson” amid a workplace cheating scandal—because nothing says damage control like Chris Martin’s ex-wife
Winklevoss twins claim JPMorgan blocked Gemini onboarding in retaliation for criticizing its new data access fees—JPM says it’s just trying to protect consumers
Michael Saylor is backing a new money-market-style fund that doesn’t hold Bitcoin directly, but taps its return profile to deliver high yields to Wall Street investors
Windtree Therapeutics—a Nasdaq-listed drug company—plans to buy up to $700M in BNB after the token hit a new ATH, raising eyebrows as it adds the fifth-largest crypto to its balance sheet
The 4-year crypto cycle is “officially dead,” according to experts, who now see a steadier boom driven by ETFs, institutional demand, and macro tailwinds
Bitcoin Cash surged past $580 this weekend, with analysts eyeing a breakout toward the $620–$680 range amid bullish chart patterns
Two brokers are battling to become Asia’s Robinhood as Hong Kong’s new stablecoin bill sparks optimism around a boom in regional crypto trading
Visa’s head of crypto says the payments giant isn’t sweating stablecoins, despite growing momentum across blockchain-based payment rails
Senator Elizabeth Warren slammed the GENIUS Act (to absolutely no one’s surprise) warning that crypto lobbying is setting up Americans to "pay the price" like they did before the 2008 financial crisis
XRP Mining just launched a mobile app that turns your smartphone into a passive income machine—no hardware, no skills, just daily mining rewards from your pocket

🗣️ Word on the Street: What the Experts are Saying

Stuff you should repost (or maybe even cough reword and take credit for)

Doug Colkitt argues that DeFi’s obsession with decentralization at all costs sacrifices performance, and what the space really needs is minimum viable decentralization (MVD)
Kinjal Shah of Blockchain Capital points to the latest charts showing that DEXs are flipping CEXs and the “DeFi mullet” is officially in style; think slick frontends, protocol backends, and a market moving at warp speed
David Sacks says this week marked a turning point for US AI policy, with Trump’s first major AI speech, a new White House Action Plan, and three executive orders signed into law
Emilie Choi of Coinbase says she doesn’t want to be the best female COO—just the best COO
Boring Business reminds us that em dashes have been ruined forever (we should probably hold a funeral)

Meme of the Week

🏦 Kiss my SaaS: What’s Changing the Game for Fintech

Things you should care about if you want to impress your coworkers

Estonia’s top tech founders are backing Lightyear, a European Robinhood rival that just raised $23M and dropped new AI features to help retail investors decode stock moves
Fintech and crypto groups are urging Trump to safeguard open banking rules, warning that rollbacks could jeopardize access to wallets, DeFi apps, and stablecoins amid mounting pressure from traditional banks
Robinhood stock is up 280% as the company leans into crypto and wealth management—but analysts are cooling off, citing overvaluation risks despite the growth
Meta is investing $14.3B into Scale AI and hiring its CEO, Alexandr Wang, as part of a sweeping AI push that marks one of the biggest talent acquisitions in the space this year
Mastercard’s 2024 Impact Report spotlights its efforts across financial inclusion, climate action, and digital access, framed around its “People, Prosperity & Planet” pillars

Closing Thoughts

From meme-fueled PR stunts to Bitcoin-backed money-market funds, this week reminded us that markets move fast—and headlines move faster. With Wall Street automating itself, fintechs beefing with banks, and even your smartphone becoming a miner, anything is possible. Stay curious, stay cynical, and as always—stay sharp and stay liquid. We’ll see you back here in two weeks.

— The Epicenter, powered by Pyth Network

Source

🙏 Donations Accepted 🙏

If you find value in my content, consider showing your support via:

💳 PayPal:
1) Simply scan the QR code below 📲
2) or visit https://www.paypal.me/thedinarian

🔗 Crypto – Support via Coinbase Wallet to: [email protected]

Read full Article

thedinarian@thedinarian

July 27, 2025

4 Fintech Companies 💸& Things To Know About 🤔

The fintech revolution is reshaping the way we manage, invest, and move money, breaking down traditional barriers and empowering individuals worldwide. As financial technology continues to evolve at a rapid pace, a select group of innovative companies are leading the charge by offering groundbreaking solutions that redefine banking, payments, and digital assets. Whether you’re a savvy investor, an industry professional, or simply curious about the future of finance, discovering these trailblazing fintech companies is essential to understanding today’s dynamic financial landscape.

Alina Invest - The AI Wealth Manager for GenZ Women

Alina is aimed at women under 25 who identify as beginner investors. They're an SEC-registered investment advisor that charges $120/year for membership. The service "buys and sells for you" and gives up notification updates of recent transactions like a wealth manager would.

👉 Getting people to invest early is crucial to building long-term wealth. One thing that holds them back is a lack of confidence and experience. Being targetted "for beginners" and people who live on TikTok should appeal. I love the sense of "we're buying and selling for you." Funds always do that, but making it an engagement mechanic is very smart. The risk here is that building a wealth business will take decades for the AUM to compound. But the next generations, Wealthfront or Betterment, will look something like Alina.

2. Blue layer - The Carbon project funding platform

Bluelayer allows Carbon project developers to take from feasibility studies to issuing credits, tracking inventory, and managing orders. Developers of reforestation, conservation, direct air capture, and other projects can also directly report to industry registries.

👉 Carbon investing and tax credits are heavily incentivized but need transparent data. By focusing on the developers, Bluelayer can ensure the data, reporting, and credits lifecycle is all managed at the source. This is smart.

3. Akirolabs - Modern Procurement for enterprise

Akiro is a "strategic" procurement platform aiming to help enterprise customers identify risks, value drivers, and strategic levers before issuing an RFP. It aims to bring in multiple stakeholders for complex purchasing decisions at multinationals.

👉 Procurement is a great wedge for multinational corporate transformation. Buying anything in an enterprise that uses large-scale ERPs is a nightmare of committees and spreadsheets. Turning an oil tanker-sized organization around is difficult, but the right suppliers can have a meaningful impact in the short term. That only works if you can buy from them. Getting people on the same page with a single platform is a great start.

4. NeoTax - Automated Tax R&D Credits

NeoTax allows companies to connect their engineering tools to calculate available tax advantages automatically. Once calculated, the tax fillings are clearly labeled with supporting evidence for the IRS.

👉 AWS and GCP log files and data are a goldmine. Last week, I covered Bilanc, which uses log files to figure out per-account unit economics. Now, we calculate R&D tax credits. The unlock here is LLM's ability to understand unstructured data. The hard part is understanding the moat, but time will tell.

In an era where technology and finance are increasingly intertwined, these four fintech companies stand out as catalysts for positive change. By driving progress in digital payments, asset management, lending, and decentralized finance, they are not only making financial services more accessible and efficient—they are also paving the way for a more inclusive and empowered global economy. Staying informed about their innovations can help you seize new opportunities and take part in the future of finance.

👀Things to know 👀

1. PayPal’s Q4 Results are weak sauce / Adyen’s revenue up 22%

PayPal issued low guidance and warned of a “transition year.” The stock is down 8% in extended trading despite PayPal reporting a 9% growth in revenue and 23% EBITDA. Gross profit is down 4% YoY. PayPal's total revenues were $29Bn for the year

Adyen reported 22% revenue growth and an EBITDA margin of 46% for the full year. Adyen's total revenues were $1.75bn for the full year. The margin was down from 55% the previous year, impacted by hiring ahead of growth.

🤔 PayPal’s Braintree (unbranded) is losing market share in the US, while Adyen is winning it. eCommerce is growing ~9 to 10% YoY, and PayPal’s transaction revenue grew by 6.7%. The higher interest rate environment meant interest on balances dragged up the total revenue figure. Their core business is losing market share. Adyen is outgrowing the market by ~12%.

🤔 The PayPal button (branded) is losing to SHOP Pay and Apple Pay. The branded experience from Apple and Shopify is delightful for users; it’s fast and helps with small details like delivery tracking. That experience translates to higher conversion (and more revenue) for merchants.

🤔 The lack of a single global platform hurts PayPal, but it helps Adyen. In the earnings call, the new CEO admitted their mix of platforms like Venmo, PayPal, and Braintree are holding them back. They aim to combine and simplify, but that’s easier said than done.

🤔 Making a single platform from PayPal, Venmo, and Braintree won’t be easy. There’s a graveyard of payment company CEOs who tried to make “one platform” from things they acquired years ago. It’s crucial if they’re going to grow that they get their innovation edge back. Adyen has one platform in every market.

🤔 PayPal’s UK and European acquiring business is a bright spot. The UK and EU delivered 20% of overall revenue, growing 11% YoY. Square and Toast don’t have market share here, while iZettle, which PayPal acquired in 2018, is a strong market player. Overall though, it’s yet another tech stack and business that’s not part of a single global platform.

2. Iran used Santander and Lloyds Bank to evade sanctions.

The two banks provided accounts to UK front companies secretly owned by an Iranian petrochemicals company. PCC has used these entities to receive funds from Iranian entities in China, concealed with trustee agreements and nominee directors.

🤔 This is the headline every bank CEO fears. Oof. Shares of both banks have been down since the news broke, but this will no doubt involve crisis calls, committees, appearing in front of the regulator, and, finally, some sort of fine.

🤔 The "risk-based approach" has been arbitraged. A UK company with relatively low annual revenue would look "low risk" at onboarding. One business the FT covered looked like a small company at a residential address to compliance staff. They'd likely apply branch-level controls instead of the enterprise-grade controls you'd see for a large corporation.

🤔 Hiring more staff won't fix this problem; it's a mindset and technology challenge. In theory, all of the skill and technology that exists to manage risks with large corporate customers (in the transaction banking divisions) are available to the other parts of a bank. In practice, they're not. Most banks lack a single data set and the ability for compliance officers in one team to see data from another part of the org. Getting the basics right with data and tooling is incredibly hard and will involve a multi-year effort.

🤔 These things are rarely the failure of an individual or department; the issue is systemic. While two banks are named in this headline, the issue is everywhere. Banks need more data and better data to train better AI and machine learning. That all needs to happen in real-time as a compliment to the human staff. Throwing bodies at this won't solve the visibility issue teams have.

🙏 Donations Accepted 🙏

If you find value in my content, consider showing your support via:

💳 PayPal:

1) Simply scan the QR code below 📲
2) or visit https://www.paypal.me/thedinarian

🔗 Crypto – Support via Coinbase Wallet to: [email protected]

Or Buy me a coffee: https://buymeacoffee.com/thedinarian

Your generosity keeps this mission alive, for all! Namasté 🙏 Crypto Michael ⚡ The Dinarian

Read full Article

thedinarian@thedinarian

July 27, 2025

What is XAH and Xahau?

If you're new to XRP, you may have noticed some of us discussing another network named 'Xahau'.

It's Like XRP ... But Different

The Xahau network was created in 2023, and its starting point was the open-source code for the XRP Ledger. A small team of researchers and entrepreneurs decided to add smart contracts to the network code.

The XRP Ledger has no smart contract capabilities, by default.

To integrate smart contracts, the team decided to use an architecture that includes 'WASM' or 'web assembly' code. Each account can have up to 10 'hooks' installed that are triggered for transactions that match specific criteria. They can run before or after a transaction is processed. This enables a variety of use cases that do not involve the need to change the network's core code.

Hooks

A 'hook' is what is known as a smart contract that can be triggered in relation to a specific account and its transactions.

The term arises from the programming world, where it generally means "code that runs based on triggering conditions." In Xahau's case, it indicates code that is run before, or after, a transaction is processed.

Each hook must be installed on a specific account by the party that controls the account - i.e., the secret key holder.

What Can XAH Do That XRP Cannot?

The primary benefit from the use of hooks, is that the core network code does not need to be changed every time a new use case is identified. This means that additional use cases can be addressed immediately, with no requirement for intervening steps, such as:

Community review
Community approval
Amendment voting

All of those steps are eliminated with the use of hooks; new use cases can be addressed as fast as the code can be developed.

To read more about how hooks enables Xahau to handle more use cases than even the XRPL, you can read this article:

XAH: King of Use Cases

Key Differences From XRP

Other unique differences from the XRP Ledger include:

Much smaller supply ~612 million coins vs. 100 billion coins
XAH hodlers are rewarded at 4% of their account balance. There are no rewards for XRP.
Governance participants are incentivized
Payment channels available for user-created tokens (IOUs)
URI tokens instead of NFT tokens

Who's Who of Xahau?

The list of those that are either founders, or closely associated with the founding organizations, is extensive. Here are the names of three organizations mentioned in the whitepaper, or their current moniker:

Xaman (a.k.a. XRPL Labs)
Gatehub
InFTF (Inclusive Financial Technology Foundation)

There exists a long list of impressive developers, architects, and technologists among the Xahau inner circle. But the three names that people associate most prominently with the leadership of the Xahau network are Wietse Wind, Richard Holland, and Denis Angell. The links to their 'X' accounts are:

Wietse Wind

Richard Holland

Denis Angell

Friend Or Foe?

This topic is one of the most contentious.

While Ripple, the company with the largest stake of XRP, showed interest in hooks early on, they ultimately decided to advocate for a different approach; the use of an EVM-based solution (Ethereum Virtual Machine) to handle smart contracts on the XRP Ledger. This decision was met with consternation by the Xaman team that had worked with them for several years to advocate for the use of hooks.

You can read more about the 'business politics' part of this topic here:

Peanut Butter Manifesto Revisited

So how do Xahau fans view the relationship between XRP and XAH?

The Xahau team - and many of its community members - advocate for the use of a 'dual-chain' solution to implement smart contracts. This can be accomplished by the use of 'listener' software, along with native Xahau hooks.

A proof of concept, developed by Denis Angell, has demonstrated that bi-lateral communication can work with a simple approach.

From an economic standpoint, every chain that has its own digital asset is a competitor; but the simple way to think about Xahau, is that a 'bunch of XRP geeks' decided to implement smart contracts on their own version of the XRP Ledger.

The team emphasized transparency along the way, and initially received support from the primary XRP stakeholder, Ripple. They published Xahau as open-source code that could, in theory, be back-engineered and integrated with the XRP Ledger. You can clearly observe the team's idealistic mindset in early marketing mistakes, where they named their digital asset 'XRP Plus' in an effort to emphasize the way that they viewed their creation. While this resulted in confusion - and even suspicion - in its early days, the team quickly pivoted, and named their digital asset 'XAH', which became its ticker symbol.

Synergy effects between the two camps speak to a genuine camaraderie, with many Xahau developers being open and willing to help with changes to the core XRP Ledger protocol. You can find many examples of this open dialogue on the 'X' platform.

How To Purchase XAH

If you wish to speculate by buying XAH directly, it is available in a variety of convenient locations, depending on where you are located. If you're in a country that is supported by Bitrue, you can directly purchase or trade XAH by using that exchange.

On January 20th, 2025, Bitmart announced that it supports trading of XAH for customers in their list of supported countries; And in late March, another major exchange announced that they would be supporting XAH trading pairs: Coinex.

If you're located in the United States, you can purchase XAH directly from a vendor known as 'C14'. The xApp for C14 is located in the Xaman wallet.

XRP Ledger geeks can also purchase XAH IOUs on the XRPL Dex and then convert them to 'real' XAH using a Gatehub bridge. This is available in countries that Gatehub supports.

Which XAH Accounts Should I Follow?

On the 'X' platform, there exists two major community groups for XAH fans:

In addition to the Xahau notables I've already mentioned in this article, my advice is to take a look at who is posting in the above two communities. There are many impressive leaders and entrepreneurs included. You should be able to find multiple 'X' accounts that reflect your interests.

Xahau Development Roadmap

Xahau leaders have published a roadmap for 2025 that lists their various goals for the ecosystem:

To read a detailed explanation for each item, refer to this: Xahau Roadmap Super Thread

One of the most incredible waypoints listed is 'JavaScript Hooks Implementation.' 🤯

JavaScript!

With the 'JavaScript Hooks Implementation', Xahau is making history; it will enable anybody that knows JavaScript to easily create and install a smart contract. While networks like Ethereum are impressive early movers, they require developers to learn a new language and syntax.

Xahau will soon open 'crypto smart contracts' to a group of developers that number in the tens of millions.

Project L-10K

Project L-10K is one of the most important items in the pipeline. L-10K refers to the effort to boost the throughput of Xahau consensus to over 10,000 transactions per ledger! This will benefit hosted projects such as Evernode, and future issued assets. Heading up the effort is Richard Holland, who provided a progress update to the community in late May of 2025:

To learn more about this ambitious effort, you can watch his full presentation here:

https://x.com/Hodor/status/1925266688653787619

The Future Of Defi And Payments

Once you've seen the extensive list of use cases that XAH easily handles, it's truly inspiring. Xahau is everything that you love about XRP, plus a long list of more things to love. ❤️

Be an early adopter of XAH and the Xahau network! Join the community groups listed and follow the accounts that seem to reflect your own interest - speculator, developer, or crypto fan. You have a place in our community, no matter what your background or interests are. Welcome to the future of crypto Defi and Payments.

Sources:

https://en.wikipedia.org/wiki/WebAssembly

https://docs.xahau.network/readme/what-is-different

https://xahau.network/Xahau-Whitepaper.pdf

https://docs.xahau.network/

NOTE: Payment channels for IOUs is currently in amendment status for the XRP Ledger, authored by Denis Angel here:

https://github.com/XRPLF/XRPL-Standards/discussions/287

https://x.com/angell_denis/status/1826617270552191040

https://c14.money/blog/xaman-c14

https://www.bitrue.com/trade/xah_usdt

https://coinex-announcement.zendesk.com/hc/en-us/articles/36042461173780-CoinEx-Will-List-XAH-Xahau-on-Mar-27-2025

https://support.gatehub.net/hc/en-us/articles/15282264784530-How-to-transfer-GateHub-issued-tokens-between-the-XRP-Ledger-and-Xahau-network