TheDinarian
News • Business • Investing & Finance
The Dinarian on Locals brings you the latest in news, interviews, in-depth conversations, and stories from across the blockchain and global communities—within and beyond cryptocurrency. Experts delve into how blockchain technology is reshaping industries, enhancing business networks, transforming transaction workflows, and advancing distributed ledger systems. We also explore intriguing topics that may venture into the realm of conspiracies—and so much more!
WietseWind: Here is a detailed breakdown of the XRPL.JS Hack 👀

A little bit of background after what has been discovered today: a breach in the xrpl.js JavaScript SDK, and measures taken by @XRPLLabs to keep all @XamanWallet users safe.

Let me first put your mind at ease, if you're a @XamanWallet user: as mentioned earlier today, you're totally fine. You're unaffected. Xaman doesn't rely on xrpl.js, but instead uses xrpl-client and xrpl-accountlib. There are several extra layers we have added to our security model.

1. We use our own custom libs for this, xrpl-accountlib and xrpl-client: this means we separated the connectivity from the signing.

2. We don't auto-update dependencies

3. (Very important!) On top of the above, Xaman source code has an egress firewall in the code, for both iOS and Android, that prevents any used third party lib. from connecting out to non-whitelisted destination domains - this means that even if Xaman would have used xrpl.js (it doesn't) it would still protect users

4. At the trade off of the bus factor, package updates can only be released by me on a dedicated separate computer.

Most importantly: the sheer concept of Xaman protects users interacting with the ecosystem/third party tools/dApps (xApps), etc. EVEN if those third party tools/dApps (xApps), ... would be using a compromised version of xrpl.js (or another dependency), users would still not be at risk as long as @XamanWallet is safe. Your phone is your most personal and trusted device. People keep it close, people keep it clean. When Xaman signs, keys are kept inside Xaman, and cannot be exposed to the tools you are interacting with. Xaman is presenting you with the "single source of truth" when it comes to signing transactions.

Now let me explain what actually happened today:

Software relying on the compromised versions of xrpl.js exposed secret keys generated/entered by end users to third party compromise.

The xrpl.js package isn't the first, and won't be the last package in the crypto ecosystem to be the victim of such an attack: with billions at stake, libraries used by crypto wallets are prime targets.

Any software vendor claiming that "this kind of attack can never happen to them / their software" is lying. This can happen to the best of us. But we sure can do a bunch of things to try to prevent it.

So what is happening here? Almost all software uses other software (that uses other software that uses other software, etc.). There's an entire "tree" of dependencies: libraries maintained by third parties, so other builders can continue building without having to reinvent the wheel.

If malicious code makes it into one of these packages many other packages use, nasty things can happen. The xrpl.js package is one of the packages many (most) Web/Browser/dApp/Wallet implementations rely on, as it makes it fairly easy to interact with the XRP Ledger, XRPL accounts, etc. - and most importantly: sign transactions.

A malicious actor managed to sneak code into the xrpl.js package that sent generated / imported keypairs to a third party server. There they could gather a long list of generated keypairs, wait till there was actual balance on the accounts, and empty them. It's likely this has already happened, or will still happen in the future.

If you have recently generated an account / keypair / secret with xrpl.js or a wallet/tool that relies on it, consider your account unsafe and please send your funds to a new account (hint: @XamanWallet at your service!)

So: what can package publishers do to prevent a package compromise like this?

1. Limit the amount of people who can publish to a production release that will become a public package
2. Scan code to be published before actually publishing
3. Keep a strict limit on the amount of contributors who can actually publish packages
4. (Personal opinion): don't use an automated pipeline for the actual publishing & use pattern scanning on your to be published source code

Of course the more restrictive one is with the above, the higher the "bus factor" - but I prefer the bus factor over the attack vectors: worst case attack vector = huge problem, worst case bus factor = no package updates.

What can builders do to prevent the above?

1. Don't auto update dependencies
2. Security scan dependencies
3. Use strict CORS/Connect/... limits to limit where packages can connect to (if browser)
4. (If native code) Use egress filters to prevent connections to untrusted sources.

But in reality, for most developers: don't manage keys: it's hard. It's dangerous. Build on top of third party signing solutions who do the heavy lifting when it comes to key management, security & trust.

Source: https://x.com/WietseWind/status/1914818761179160742?s=19
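
One way to enforce the "don't auto update dependencies" advice above in CI, added here as an illustration and not taken from the post or from XRPL Labs' code: it flags `package.json` specifiers that can float to a newly published release, and lockfile entries that lack an integrity hash or resolve outside the expected registry. The package names, versions and sample lockfile are constructed.

```javascript
// Added example: CI gate for floating dependency ranges and unverifiable
// lockfile entries. All package names and versions below are constructed.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

// package.json: report every specifier that is not one exact version
// (^, ~, ranges, "*", dist-tags such as "latest", git/URL specifiers).
function findFloatingDeps(pkg) {
  const findings = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      if (!EXACT.test(String(spec).trim())) findings.push({ section, name, spec });
    }
  }
  return findings;
}

// package-lock.json (lockfileVersion 2/3 "packages" map): report entries
// that cannot be verified on install or come from an unexpected origin.
function findUnverifiedLockEntries(lock, registry = "https://registry.npmjs.org/") {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace links and bundled dependencies,
    // which legitimately carry no resolved/integrity fields.
    if (path === "" || entry.link || entry.inBundle) continue;
    if (!entry.integrity) {
      findings.push({ path, reason: "missing integrity hash" });
    } else if (!entry.integrity.startsWith("sha512-")) {
      findings.push({ path, reason: "integrity is not sha512" });
    }
    if (!String(entry.resolved || "").startsWith(registry)) {
      findings.push({ path, reason: "resolved outside expected registry" });
    }
  }
  return findings;
}

// Constructed sample input (not a real project).
const samplePkg = {
  dependencies: { "example-ledger-sdk": "^1.2.0", "example-client": "1.4.2" },
  devDependencies: { "example-linter": "latest" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-wallet", version: "0.0.1" },
    "node_modules/example-client": {
      version: "1.4.2",
      resolved: "https://registry.npmjs.org/example-client/-/example-client-1.4.2.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/example-ledger-sdk": {
      version: "1.2.3",
      resolved: "https://mirror.example.invalid/example-ledger-sdk-1.2.3.tgz",
    },
  },
};

console.log(findFloatingDeps(samplePkg));
console.log(findUnverifiedLockEntries(sampleLock));
```

Exact pins only stop a build from picking up a newly published release on its own; a pin on a version that is itself compromised still has to be caught by review or scanning. Installing with `npm ci` keeps the build on the lockfile that this check inspected.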

The Gold Standard ✨️ And The USD 💵
IMF Admitting Crypto Is Inevitable 💥

When you have the IMF Admitting crypto is inevitable, BlackRock Tokenizing the financial system, the FED hinting at ending QT, Gold doing a parabolic move & the FED hinting at renewed easing.

This isn’t coincidence.
This is strategic coordination.

OP: Vandell33

Listen to this... 🤯

Catherine Fitts, she just revealed that interdimensional beings are pulling the strings in this world 🧐😱👽

👉Re-read your religious book, with interdimensional beings in mind and it will all start to make sense... 😉

👉 Coinbase just launched an AI agent for Crypto Trading

Custom AI assistants that print money in your sleep? 🔜

The future of Crypto x AI is about to go crazy.

👉 Here’s what you need to know:

💠 'Based Agent' enables creation of custom AI agents
💠 Users set up personalized agents in < 3 minutes
💠 Equipped w/ crypto wallet and on-chain functions
💠 Capable of completing trades, swaps, and staking
💠 Integrates with Coinbase’s SDK, OpenAI, & Replit

👉 What this means for the future of Crypto:

1. Open Access: Democratized access to advanced trading
2. Automated Txns: Complex trades + streamlined on-chain activity
3. AI Dominance: Est ~80% of crypto 👉txns done by AI agents by 2025

🚨 I personally wouldn't bet against Brian Armstrong and Jesse Pollak.

This Is One Of The Best Analysts There Is.. Bar None..

🚨 RIPPLE-BACKED EVERNORTH EYES $1B US NASDAQ LISTING FOR LARGEST PUBLIC XRP TREASURY 🚨

Evernorth, a new digital asset firm supported by Ripple, has revealed plans to go public in the US through a Nasdaq listing—aiming to raise over $1 billion dedicated to creating the world’s largest public institutional treasury of XRP.

🔑 Key Points:

🔹 IPO & SPAC Deal: Evernorth will go public by merging with Armada Acquisition Corp II in a deal targeting Q1 2026 completion and plans to list under the ticker XRPN, pending approvals.

🔹 Treasury Model: The majority of proceeds are earmarked for open-market XRP purchases to build an institutional-scale XRP treasury. Rather than act as a traditional ETF, Evernorth will manage the portfolio actively—participating in lending, liquidity provision, and DeFi yield opportunities to enhance returns beyond simple price exposure.

🔹 Major Backers: The initiative features investments from Ripple, Rippleworks, Pantera Capital, Kraken, GSR, SBI (with a $200 million...

The Telepathy Tapes 👀

In a world that often dismisses the extraordinary as mere fantasy, The Telepathy Tapes dares to explore the profound abilities of non-speakers with autism—individuals who have long been misunderstood and underestimated. These silent communicators possess gifts that defy conventional understanding, from telepathy to otherworldly perceptions, challenging the limits of what we believe to be real.

For years, their parents and teachers have quietly witnessed these remarkable abilities, knowing that the time to share their truth would eventually come. But now, as the evidence mounts, the time has come to reveal what has been hidden in plain sight.

This groundbreaking series challenges everything we think we know about communication and the human mind, inviting listeners to step into a reality where the impossible is not only possible but happening every day.

Through emotional stories and undeniable evidence, The Telepathy Tapes offers a fresh perspective on the profound connections that exist ...

New Human Force
Join this Now! YOU have what it takes!

They are in our solar system, and in our event-stream in this Eternal Now.

Officialdom is clueless.

They think we are going to be at WAR with the Aliens.

Officialdom is very stupid.

Aliens is here. It’s not WAR. It’s Contention.

There is a difference.

Officialdom is clueless, still living in the last Millennium.

Aliens is here.

The Field in which we contend is This Eternal Now.

ALL HUMANS LIVE HERE, and ONLY HERE, in this

ETERNAL NOW.

It’s a Field of potentials, of pending Manifestation, this continuous event-stream of karma in which we have always lived our body’s Life.

This Eternal Now has always been our body’s Field of Contention.

The Aliens is here, in our Eternal Now.

Our common, shared, reality that we all continuously co-create now has Aliens.

It’s getting very complex in here.

Officialdom is clueless. They see the Aliens. They are freaking out. They think you are children, when it is their small minds, trapped in a reality that is only grit, mud, and ‘random chance’ who are childish.

Officialdom is stupid. They will and are reacting badly. As is their way, they are trying to hide shit from you. Silly grit bound minds don’t realize you can see everything from within the Eternal Now. They have yet to grasp that what they perceive as this Matterium, filled with ‘matter’, is but a hardening of our previous (past) internal states of being.

WAR happens in the Matterium.

Contention occurs within this Eternal Now where Consciousness shapes the manifesting event-stream.

YOU know this to be fact. You are a co-creator.

Contention with Aliens is happening in this instant in this Eternal Now.

Officialdom ain’t doing shit. They are still stuck in trying to move matter around to affect unfolding circumstances. That’s redoing the mirror trying to affect the reflection. Dumb fucks….

It’s up to US. To the New Humans. Those of us who live in this Eternal Now. Those of us who see that our body’s Lives (the Chain that cannot be broken) are expressions of the Ontology revealing itself to itself. It’s up to us guys.

We are not an Army. That’s a concept from the past, from before the emergence of the New Humans. We are a Force. A self-organizing collective with leadership resident in each, and every participant.

We are the New Human Force. By the time officialdom starts to speak about the Aliens in near-factual terms, we will already be engaging them in this Eternal Now.

By the time officialdom begins to move matter around (space ships & such) thinking it’s War, we will already be suffering casualties in this Eternal Now. That part is inevitable. It’s how we learn.

By the time officialdom realizes that some shit is going on in places and ways beyond its conception, we will already be pushing our dominance onto our partners in this First Contention, the Aliens. Nage cannot train without Uke.

Just as officialdom is scrambling to research the Ontology, this Eternal Now, and the event-stream, we will be settling terms with our new partners, the Aliens.

Come, join with us. It’s going to be a hellacious Contention.

We ARE the NEW HUMANS!

Together we are the Force that cannot be defeated.

Start YOUR training in this instance of this Eternal NOW.

Consume Neville Goddard videos as though all of human existence depended on YOUR mind and YOUR active, effective, imaginings!

It’s not a question of Mind over Matter as there is only Mind and it cares not for Matter. That’s residue.

Source

🙏 Donations Accepted 🙏

If you find value in my content, consider showing your support via:

💳 PayPal: 
1) Simply scan the QR code below 📲
2) or visit https://www.paypal.me/thedinarian

🔗 Crypto Donations👇
XRP: r9pid4yrQgs6XSFWhMZ8NkxW3gkydWNyQX
XLM: GDMJF2OCHN3NNNX4T4F6POPBTXK23GTNSNQWUMIVKESTHMQM7XDYAIZT
XDC: xdcc2C02203C4f91375889d7AfADB09E207Edf809A6

The Great Onboarding: US Government Anchors Global Economy into Web3 via Pyth Network

For years, the crypto world speculated that the next major cycle would be driven by institutional adoption, with Wall Street finally legitimizing Bitcoin through vehicles like ETFs. While that prediction has indeed materialized, a recent development signifies a far more profound integration of Web3 into the global economic fabric, moving beyond mere financial products to the very infrastructure of data itself. The U.S. government has taken a monumental step, cementing Web3's role as a foundational layer for modern data distribution. This door, once opened, is poised to remain so indefinitely.

The U.S. Department of Commerce has officially partnered with leading blockchain oracle providers, Pyth Network and Chainlink, to distribute critical official economic data directly on-chain. This initiative marks a historic shift, bringing immutable, transparent, and auditable data from the federal government itself onto decentralized networks. This is not just a technological upgrade; it's a strategic move to enhance data accuracy, transparency, and accessibility for a global audience.

Specifically, Pyth Network has been selected to publish Gross Domestic Product (GDP) data, starting with quarterly releases going back five years, with plans to expand to a broader range of economic datasets. Chainlink, the other key partner, will provide data feeds from the Bureau of Economic Analysis (BEA), including Real Gross Domestic Product (GDP) and the Personal Consumption Expenditures (PCE) Price Index. This crucial economic information will be made available across a multitude of blockchain networks, including major ecosystems like Ethereum, Avalanche, Base, Bitcoin, Solana, Tron, Stellar, Arbitrum One, Polygon PoS, and Optimism.

This development is closer to science fiction than traditional finance. The same oracle network, Pyth, that secures data for over 350 decentralized applications (dApps) across more than 50 blockchains, processing over $2.5 trillion in total trading volume through its oracles, is now the system of record for the United States' core economic indicators. Pyth's extensive infrastructure, spanning over 107 blockchains and supporting more than 600 applications, positions it as a trusted source for on-chain data. This is not about speculative assets; it's about leveraging proven, robust technology for critical public services.

The significance of this collaboration cannot be overstated. By bringing official statistics on-chain, the U.S. government is embracing cryptographic verifiability and immutable publication, setting a new precedent for how governments interact with decentralized technology. This initiative aligns with broader transparency goals and is supported by Secretary of Commerce Howard Lutnick, positioning the U.S. as a world leader in finance and blockchain innovation. The decision by a federal entity to trust decentralized oracles with sensitive economic data underscores the growing institutional confidence in these networks.

This is the cycle of the great onboarding. The distinction between "Web2" and "Web3" is rapidly becoming obsolete. When government data, institutional flows, and grassroots builders all operate on the same decentralized rails, we are simply talking about the internet—a new iteration, yes, but the internet nonetheless: an immutable internet where data is not only published but also verified and distributed in real-time.

Pyth Network stands as tangible proof that this technology serves a vital purpose. It demonstrates that the industry has moved beyond abstract "crypto tech" to offering solutions that address real-world needs and are now actively sought after and understood by traditional entities. Most importantly, it proves that Web3 is no longer seeking permission; it has received the highest validation a system can receive—the trust of governments and markets alike.

This is not merely a fleeting trend; it's a crowning moment in global adoption. The U.S. government has just validated what many in the Web3 space have been building towards for years: that Web3 is not a sideshow, but a foundational layer for the future. The current cycle will be remembered as the moment the world definitively crossed this threshold, marking the last great opportunity to truly say, "we were early."

US Dept of Commerce to publish GDP data on blockchain

On Tuesday during a televised White House cabinet meeting, Commerce Secretary Howard Lutnick announced the intention to publish GDP statistics on blockchains. Today Chainlink and Pyth said they were selected as the decentralized oracles to distribute the data.

Lutnick said, “The Department of Commerce is going to start issuing its statistics on the blockchain because you are the crypto President. And we are going to put out GDP on the blockchain, so people can use the blockchain for data distribution. And then we’re going to make that available to the entire government. So, all of you can do it. We’re just ironing out all the details.”

The data includes Real GDP and the PCE Price Index, which reflects changes in the prices of domestic consumer goods and services. The statistics are released monthly and quarterly. The biggest initial use will likely be by on-chain prediction markets. But as more data comes online, such as broader inflation data or interest rates from the Federal Reserve, it could be used to automate various financial instruments. Apart from using the data in smart contracts, sources of tamperproof data 👉will become increasingly important for generative AI.

While it would be possible to procure the data from third parties, it is always ideal to get it from the source to ensure its accuracy. Getting data directly from government sources makes it tamperproof, provided the original data feed has not been manipulated before it reaches the oracle.

Source
