Haz Æ 41
@hazae41
Followers
1,003
Following
232
Media
791
Statuses
3,692
Le diable se cache dans les détails • @BrumeWallet
☀️☀️☀️
Joined May 2020
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
#GranHermanoCHV
• 76165 Tweets
#TrainAccident
• 48352 Tweets
Cardiff
• 43915 Tweets
本イベント
• 27573 Tweets
First Indian
• 24959 Tweets
BINI BOYCOTT GENOCIDE FUNDERS
• 24730 Tweets
AL LOVE DELIVERY
• 21744 Tweets
キラーT細胞
• 20874 Tweets
रेल मंत्री
• 20858 Tweets
Sarabjot Singh
• 14834 Tweets
#Wayanad
• 12572 Tweets
Gallagher
• 12449 Tweets
Pinned Tweet
Create immutable webapps that are secure and resilient against server-side attacks and censorship 🗿
3
2
15
@fireship_dev
There had to be 21 iterations to accomplish this
I'm still stuck with Java 8 btw
3
0
175
Dear
@rainbowdotme
🌈
If you could stop injecting local databases in my app, corrupting the data of my users, and leaking their privacy by injecting your telemetry, that would be great
Thanks☁️
9
11
108
don't use Google, Facebook, Twitter ; own your identity and use
@MetaMask
,
@rainbowdotme
,
@WalletConnect
5
16
98
0
5
105
Each time you sign a structured message using Ledger's JavaScript SDK, it does a request to their servers 😳
This means they have the IP address of everyone who signs structured messages through their SDK (almost all wallets on the market 💀)
Even worse, since you often send a
6
9
59
@PR0GRAMMERHUM0R
The world if everyone used milliseconds since epoch instead of randomly timezoned datetime
3
1
57
WalletConnect replied to my 2 critical vulnerabilities
"Thanks for the report. It's a known and accepted issue and outside of the scope of our security bounties. Purpose of this feature is not to prevent such attacks but to make them harder."
- With just one line of code I can
WalletConnect continues to promote its Verify protocol, even though I reported them two critical vulnerabilities, and they won't respond to me
11
0
9
8
5
49
WalletConnect is CRYPTO 😎
- Closed-source software
- Requires listing in order to be used
- Your privacy doesn't matter
- Paid by VC money
- Terrible security
- OFAC zealotry
Learn more👇
8
9
55
Introducing Sighash — The decentralized version of the 4Bytes database (function hash to signature)
Stored on
@gnosischain
and indexed by
@graphprotocol
4
4
39
@EricLarch
Trusting the manufacturer one time when the device is made, is not the same as trusting the manufacturer all the time during the whole device life
1
2
39
@protolambda
You will enjoy
@BrumeWallet
:
- Log of RPC calls, tx hashes, etc? 🚧 Coming soon
- Account management that isolates each account?✅ Yes + multiple seeds per user
- Introspection of signing requests? ✅
- Different RPCs for the same chain.✅ Yes + aggregated responses to know
4
6
35
@TheBTCTherapist
@WhatBitcoinDid
@ODELL
@_pgauthier
- "You do have xpubs but you had them before too on Ledger Live, right?"
- "There is no real information for the IRS on this"
Creepy conversation
1
0
29
I just released
@BrumeWallet
0.4.13
- Revamped "Send" dialog
- Added gas selection
- Better performances
- Fixed dark mode
1
3
29
The next update is going to be SO GOOD
- WalletConnect over Tor
- Badge for active/inactive sessions
- Badge for number of requests
- Lower CPU and RAM usage
- Better resource pooling
- New logo
- Custom nonce
- A lot of bugs fixed
Probably this week 🔥
1
2
27
Sign-only — Sign transactions without sending them
- Works on hardware wallets
- Works on ERC-20 transfers
- Works on custom data
- Still requires internet to fetch gas price (for now)
Available right now on the web version
1
1
26
0
0
23
To people following me in an attempt to fork my stuff and fuck me
You can't
I did in 3 months as a solo dev what your whole company couldn't do in 3 years
You don't have the required skills
6
0
27
Imagine flagging a competitor as unsafe without any particular reason
4
0
24
Here is the first draft of
@BrumeWallet
governance contract 👀
Solidity devs, please take a look at it 🫡
Code:
Spec:
10
5
27
I just released
@BrumeWallet
0.4.15 — Gas gas gas
- New "Send" dialog on ERC-20 tokens
- You can now sign transactions without sending
- You can now use custom gas parameters
4
3
26
You can now use Tor on any website, no installation needed, end-to-end encrypted using TLS
Demo:
2
2
24
All these Ethereum requests used a different Tor circuit and IP address, thanks to a new "just-in-time" pooling mechanism 🤯
This means that when using
@BrumeWallet
, every single wallet address can use a different IP address
When we need to make a request, we take a random
3
7
24
Dapps will soon be able to use Tor without any installation
Imagine a Dapp that's hosted on IPFS, has a domain name on ENS, and has an API on Tor
In other words, a reproducible front-end, a transparent domain, and a fully uncensorable API
4
6
23
Not affecting
@BrumeWallet
😎
🚨 We've detected a potential supply chain attack on ledgerconnect kit 🚨
The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps including but not limited to
49
309
742
4
7
23
I just released
@BrumeWallet
0.4.14
- Revamped "Send" dialog now on native tokens
- You can now add custom data in the "Send" dialog
1
0
23
@davidfowl
CORS was made because browsers sent cookies by default, and instead of fixing the browsers, they made all websites requiring responses headers no one understands
The worse is that now you have to make an OPTIONS request before your actual POST request, and double your bandwidth
5
0
23
Snaps are coming soon to
@BrumeWallet
, with the strongest security thanks to WebAssembly and Rust
This is an example JSON-RPC echo using Rust 😎
4
1
23
How
@BrumeWallet
uses Tor to hide your IP address from Ethereum RPCs
It creates an end-to-end encrypted tunnel between your computer and the Ethereum RPC
This tunnel is in fact a path of 3 Tor nodes that encrypt and route your packets back-and-forth between your computer and
5
4
22
Not enough gas? Get some for free and fully anonymously, powered by Network protocol
Coming soon to
@BrumeWallet
2
0
25
@VitalikButerin
@BigImpactHumans
until your transaction gets stuck and you can't make another for one day because Metamask made a mistake in the fee estimation
18
0
10
WalletConnect continues to promote its shitty "Verify" protocol as "safe", even though it still has a major security hole
And they don't want to pay pentesters to fix it, they don't want to take any action and don't reply to security issues on GitHub and by email
This is not a
2
2
20
GM 🫡
Are you ready to see one of the most stupid vulnerability you will ever see in crypto space?
Here is the first vulnerability I found about the WalletConnect's Verify API 👇
2
4
20
I have no words to say how fast the encoding is ⚡️
Best scenario on the left (bytes-to-bytes) is almost 700x times faster than Ethers 🤯
Worst scenario on the right (bytes-to-hex) is still 5x times faster than Viem 🤯
3
0
19
"So you're telling me you reimplemented Tor, TLS, and various other protocols in JavaScript, made an Ethereum wallet out of it, reimplemented Ledger, WalletConnect, and various other protocols, and still have time to optimize your WebAssembly stuff to be 700x faster than Ethers?"
6
5
19
Just achieved 500 subscribers ☀️
Building in public works, if you find a way to show it
Big thanks to everyone
2
0
19
Brume 0.5.3 — Android
- The wallet is now available as an APK for Android
3
0
17
I just released
@BrumeWallet
0.4 🔥
- WalletConnect over Tor
- New extension logo
- Custom nonce
- Lower CPU and RAM usage
- Many bugs fixed
1
0
17
I just released
@BrumeWallet
0.4.17
- You can now create
@PeanutProtocol
links from native tokens and ERC-20 tokens
- Faster Tor resumption when the device becomes offline
Download 👇
1
0
15
@peer_rich
It's just a function that gets called whenever one of the deps changes
And you can return a cleanup function that will get called on unmount / before the next call
It doesn't require 200 IQ to understand that
1
0
16
Send transactions but you have access to custom data and you can do offline signing
2
1
14
Did you know
@BrumeWallet
is the most liked wallet on
@thedapplist
?
@0xbrileigh
@BrumeWallet
@juicebox_money
Been using
@BrumeWallet
from sometime after they got onto .
Pretty sleek & minimalistic experience. Love it.
0
3
6
1
1
15
End of the game
Here is a HTTPS (HTTP + TLS) request tunneled through Tor, all in the browser
All the TLS stream is sent with Tor's RELAY_DATA cells, the final HTTP response is sent through this TLS stream
Which means it's both end-to-end encrypted and anonymous
This HTTP request has been tunneled via Tor, entirely in the browser, using Fleche (HTTP) over Echalote (Tor) over Cadenas (TLS)
TLS is used to establish an end-to-end encrypted connection between you and a Tor entry node
Soon, TLS will be used over the exiting HTTP request
0
0
0
1
2
15
I just released
@BrumeWallet
0.4.8 🔥
- When transacting, it will display the function, arguments, and slightly decode the data
- It now works on 99% of dapps (sampled from
@thedapplist
)
1
1
15
Some folks at Google Play Store are censoring our Android app with a fake "impersonation" reason
They don't want to explain and don't want to hear anything, besides factual evidence that I'm the official developer
I will publish the app to F-Droid very soon, the APK is already
1
0
14
