Is UltraSafe Coin ultra-safe?

I love a good moonshot. A fellow Redditor asked me today what I thought about the UltraSafe Project. I hadn’t heard about it yet and I liked the name. It almost sounds like a crypto-wallet company, no? (There is another coin called Ultra token out there, but let’s not digress.) Its price-point is extremely affordable, it has a decent Twitter following with just under 10k followers. No recent tweets though. Okay, it’s an official moonshot with the potential Crypto Coin Mentor purchase to follow. (I haven’t pulled the trigger yet)

Reading through the whitepaper, I stumbled back to the homepage of the project where I noticed the images of the “company” prominently there. I was struck by that, but I also couldn’t click on anyone, nor is there any last name associated with their first names… I suppose this is okay, but why can’t they link to their social media accounts or even a group one? I suppose I must join the Telegram group. Alright, I won’t judge. Remind me to join yet another Telegram group. I did join their Reddit sub–there is a lively and timely discussion there, with about 4500 members. I did find a reference to Dave Haggard, who is the CEO–so he’s real. At least according to this Forbes article where he is mentioned.

The article doesn’t mention any project details, but that’s understandable. The question is how did Dave Haggard, get interviewed by Forbes?

Okay, back to the whitepaper. It’s short, five pages. I’ve uploaded it here so it won’t go away, even if the UltraSafe site does:

The first thing to note. It’s a fork of SAFEMOON. I got that info by watching the video (I’ll include it below). What that means is that it uses the same code that SAFEMOON does except for a couple of changes that the current development team has performed. I have looked at both of the codebases side-by-side. The interesting thing is that the UltraSafe contract is only about 40 lines of code less than SAFEMOON. Which is consistent with the video statement about the contract. But what is Matt doing? Matt is the software engineer on the project–I’ll have to dig more.

UltraSafe Video

A Redditor posted that UltraSafe is “unruggable” because of the differences it has with SAFEMOON but I’ll leave that to your better judgement and interpretation. I am going to put both codebases in a single repo and check the differences. I’ll post that later as well. From a quick glance it doesn’t look like there is much difference between them… This is normal for these types of coins IMO, better to use tested and open source code. But, how are updates being done? Why don’t they have a link to their code on their website?

The other feature is this, taken from the webpage:

“Buy and hold UltraSafe to reap the rewards of its frictionless yield protocol, earning passive income and enjoying price appreciation as the community-driven hype achieves dynamic milestones!”

Here is part of the overview from CoinMarketCap

“ULTRASAFE charges an 8% fee on each transaction: one half (4%) is redistributed among holders, and the other half (4%) is added into liquidity. From piggy banks to interplanetary vaults, tear through progressive security-related milestones and join the newest community-driven frictionless yield protocol on the Binance Smart Chain.”

I have not verified that this is actually happening but we can probably assume that the contract is working as programmed–it seems to be getting traded.

Here are the GitHub repositories that hold the code:



On Github: (I’m not sure that this is Matt’s Repo)

On the Binance Smart Chain

Security Audits

The UltraSafe code is written in Solidity, the language of smart contracts for the Ethereum blockchain. It passed all of tests for a DeFi smart contract like this. That’s legit.

I got into the Certik assessment for UltraSafe, it looks good. Nothing to raise an eyebrow at–a little shout out to Certik for doing manual reviews of code btw.

The bottom line

Does the project have a significant social media presence or marketing?

Yes–but, the hiatus on Twitter is concerning. I haven’t done a lot of deep digging there but I will before I buy. The Redditors say that the ceo and others on the project are “doxxed”, but that’s just hearsay at this point. You’d think they’d want to keep the flow of info going.

Are the top ten holders holding more than 50% of the token?

Nope. That’s confirmed here. It looks pretty good in regards to decentralization. 42k hodlers at the time of writing.

Does the project have liquidity?

It’s looking pretty good. You can trade it Ledger Bank Exchange or on PancakeSwap. This is a token that lives on the Binance Smart Chain, not the Ethereum Chain. So it’s a little different to acquire if you haven’t worked with BSC tokens.

Can you trust the project?

On paper, this project looks solid. What I mean is that there obviously is something behind this project, a real startup? Maybe. I think it might be something to keep your eye on, but I’m going to have to dig some more before I toss some BNB at it.

Invest wisely, my friends. This obviously isn’t financial advice–and I’m not hodling ULTRA just yet.

Would you trade 1 ETH for 63 Billion Hanzo Inu tokens? I hope so.

Just when you thought investing couldn’t get more outlandish, I present to you yet another Shiba Inu. Meet Hanzo Inu. Yes, another Shiba story. Could this token be the one? Could this be the dog that eats all the others? This dog is Asian, just like me. This dog loves social media, just like me. This dog hates scams, just like me. Sounds perfect right? Read this:

“In a whirlwind of sakura pedals, Hanzo Inu was called into existence by his creators on May 6th 2021. He knew exactly why he was summoned.

Leaders in the Decentralized Finance (DeFi) realm had malicious intents and were taking advantage of their loyal supporters without retribution. Communities that once felt they could invest safely, were now left with feelings of confusion and mistrust from all the fraudulent schemes.

Being an honourable Samurai, Hanzo Inu knew he could not let the dishonesty and theft continue.

He vowed to work closely with his creators to build a safe space in the DeFi realm. A space where creativity and diversity are embodied by the community; and trust and transparency promised by their leaders.”

Hanzo Inu Whitepaper

After reading these deeply moving and inspirational lines. I felt it my duty to invest in this project. No, this isn’t financial advice. This is wealth building in 2021. If you don’t like it, then check out some of these Cat currencies.

So let’s go down this to the dog pound and figure out what’s going on.

Hanzo Inu is a deflationary meme token that is based on a MMO (Massive Multiplayer Online) game and a social media application. And yes, it passes my smell test for buying these moonshot coins that will obviously make someone a lot of money, sorry, I mean bones.

Yesterday, I traded 3 Trillion Kishu Inu tokens for 1 Ethereum. So during the dog days of summer, I decided to become a dog catcher and try to find the next Dogecoin hiding in the proverbial suburbs of the internet. I laid out my approach to finding and catching the dog that will be worth thousands; indeed, I have a bone to pick (pun achieved) with these cryptocurrency projects. And I am confident that I will pick a bone that still has a little meat left on it.

A quick google search to, for “best meme tokens” will present you with a list of 42 of the finest meme coins in the world–and 25 of them listed on this page are based on dogs. Yes, 25 dog crypto projects. Woof woof. If you were to tell me last year I’d be writing an article today about investing in dog-based cryptocurrencies, I would have laughed myself into a group home for the clinically insane.

I really am starting to think that people have lost it.

So let’s do this. It’s a Friday after all–we all love dogs, that’s clear. Let’s pull the fur back and try to understand what’s really happening here. First of all, what is a deflationary token?

A deflationary token that decreases in total supply every time a token transfer happens. As with every transfer, a percentage of the transferred amount will be burned.

Hanzo Inu has an interesting deflationary approach = 5% Tax = 2% Redistribution + 2% Marketing + 1% Burn

Every time someone trades or transacts Hanzo Inu tokens, 2% of the transaction gets redistributed BACK to the other holders, 2% gets sent to a marketing wallet, and 1% gets burned. That’s pretty straightforward and when we do our due diligence we can see that yes indeed, this is happening. Over 3 million USD worth of Hanzo has been burned, and the tokens are getting redistributed.

Already up from yesterday–the distribution is working as well.

Even more compelling about this dog, is that it just started. It’s in phase 1 of its moonshot. As I mentioned in the last article about these moonshots, getting in early is always better than bag holding at the end. I’m not suggesting that this is a clear rug pull, part of the idea for this token is that it is based on the fact that there are so many potential rug pulls out there–this one is the diamond dog in the dog pound, with locked liquidity to prove it.

Marketing, check. Liquidity, check. Trustworthiness, well, check. But we’re still at the beginning of this dog’s growth cycle, but based on the strong community presence on Telegram, Twitter, Instagram, and Facebook, this dog looks like it will certainly hunt. Are 50% of the tokens being held by the top ten? Nope. The “dog’s share” of the tokens are being held in the burn wallet, and thanks to the beauty of the blockchain, we can verify that as a fact as well.

With all of these items in place. I took my 1 ETH and swapped it on Uniswap V2.

The Hanzo Inu project has reached 20 million in market cap in the past and according to @HanzoInu from Twitter has settled to around 2 million USD. It has over 4,000 holders, and 3,000+ members in its Telegram channel. Aside from these numbers, the game that it will be based on will include in-game NFTs that will be tradeable–this is genius considering that the NFT space just seems to be getting bigger and bigger each day.

Hanzo Inu is also developing a social media application that will connect its users and allow them to trade the NFTs within and with other meme token projects that are out there. They have plans to be able to onboard other projects into the social media app–after the community itself has voted and accepted them as “Honourable.”

Stay safe out there! Invest well.

“The better I get to know men, the more I find myself loving dogs.”

– Charles De Gaulle

Why did I just buy 3.7 Trillion Kishu Inu tokens?

I love volatility. Over the last year, we have seen some incredible volatility in crypto markets. I might be addicted to it and I can’t get enough. But there is a method to my madness and I want to share that with you today.

First of all, I’m not suggesting that you buy these tokens, especially if you’re afraid to lose money. This isn’t financial advice, it’s just my take on how to make money in the current market. I’ve made money, I won’t go into the list of coins that I’ve made money on recently, but I’ve cleared five figures on more than a couple of my trades and I seem to have a nose for sh*tcoins. So, if anything, I look at buying these tokens a lot like buying a lottery ticket from the local gas station.

I have told friends that if they can’t handle the volatility, get back into the stock market and make it the old-fashioned way–take long positions on companies that pay dividends, choose companies that you buy products from today and see buying more of in the future. Think Coke and Pepsi products, or oil, or electricity. These are all things I’ve invested in in the past, and also still invest in today. You can’t go wrong really with this approach to buying stocks.

Crypto is Exciting

We’ve seen the rise and fall of different coins that have made us shake our heads in confusion. I can’t tell you the number of garbage articles I’ve read recently that are just all clickbait and reading them is nearly impossible with all of the advertisements interwoven throughout. But, as promised, I want to share my “guide” for evaluating and buying these tokens–how do you know a good project from a bad one? Why would you even try? Well… you can make some serious cash.

If you had invested $1000.00 bucks into Dogecoin less than 1.5 years ago, that 1000.00 USD would be worth over 300,000 USD. What about Twitter’s new baby coin, SafeMoon? 1000.00 USD would have made you about the same 300k–in only about 4 weeks. SafeMoon is something I looked at but I didn’t buy–I missed on that one. There’s a reason why though.

What kind of crypto are you buying?

This should be the first question you should ask. I break it down into two main categories. Traditional Crypto Projects and Moonshot Projects.

Traditional crypto projects are like Bitcoin, Ethereum, Chia Network, Helium Network, Machine Exchange Coin, and others. They have professional development teams working on them, they are well established with actual functionality in the real world. Now their products might not be that great or interest you, that’s not the point. They might fail faster than some shitcoin project, but they have whitepapers, companies, and other real-world entities involved with them.

Moonshot Projects are projects like Shibu Inu, SafeMoon, Australian Safe Shepherd and Dogelon Mars, these projects remind me of people who buy Star Wars toys and store them in their basements for years and years. Yes, some of them have pros working with them on some level, but a lot of them have nonsense whitepapers, or “woof-papers”, and are based on simple popularity. They don’t have much value other than what some Redditor might be telling you. Remember Beanie Babies? Yep, they went to the moon for a while years ago… Worthless as they may be, they got traded for thousands at one time.

Is the token you’re holding valuable because of the social media presence they command? Yep, you’re dealing with a Moonshot Project in my opinion. My advice is to get in when the getting is good and get out as soon as you’ve made a profit. I’ve held more bags than I care to divulge here–and they’ve been expensive lessons. If I’d sold them off when they made me a great return, I wouldn’t have cracked 1,000,000 USD–but I would have had healthy returns and would have had more money to play with later. Moral of the story: Don’t be greedy. If you do pick a Moonshot that is mooning, cash out on the upswing.

Methodology for Buying Traditional Crypto

For traditional crypto, I like the traditional “long” approach. Buy it now and hold it for a long time. You have to do some research first though, even if it sounds like a winner from that article you just read on it from your favorite source. Ask yourself a few questions.

  1. Does the technology it’s based on do something meaningful? What I mean here is does it solve some scaling problem? Does it help transactions go faster or more securely? Does it provide some service that hasn’t been addressed yet? Bitcoin is a new technology in that it uses blockchain technology to store value in a way that hadn’t happened in the past. Ethereum is more like a platform, I think of it like an operating system that other programs can be built on. I stay away from projects that are just copies of these two, like Bitcoin Gold, or Ethereum Classic–and both have underperformed. When you’re buying a crypto that you want to hold for a long time, read the whitepaper, figure out if the product is valuable to you and if you’d buy it 30 years from now. If the answer is yes, then maybe it’s a project worth investing your money into for the long game.
  2. Who is developing it? Is the development team made up of people that have never developed a cryptocurrency before? Who are they? Did they just copy some code from some other project and renamed it? If so, that code may never be updated. If you have heard of the developer behind the project on CNN, then you probably have a serious project with a serious team. Do your due diligence and figure out if they are the real deal or not. It won’t be that hard to figure out if it’s a traditional crypto or a moonshot.
  3. Do they have a marketing team? No marketing team in my mind means it’s a no go. All legitmate coins usually have a marketing team that’s being funded independently and/or by an ICO that happened well before you heard about the coin. If it’s not doing B2B marketing then I’d stay away, you want to buy into projects that are working with other companies, period.
  4. Is it being added to exchanges like Coinbase? If you’re not seeing mass adoption by legit exchanges then you’re probably dealing with a moonshot. I like using Coinbase as a bellweather. If they are adopting the coin, then I know their research unit has checked it out. Now, Coinbase is just an example–lots of legitimate projects aren’t being traded on Coinbase–but if it is, then they’ve probably at least covered the first three requirements that I’ve listed above.

Methodology for Buying Moonshot Crypto

First of all, there is way more chaff than wheat in my opinion so a healthy dose of caution must be exercised when getting involved with what many FUDders will call, sh*tcoins. Be careful out there–again, do what research you can and be ready to sell. Most of these projects are based on getting in early and getting out at the expense of those who got in late. So if you’re playing in this game, be early. The early bird definitely will get the worm.

Don’t be too cynical. Dogecoin was a “joke coin” back when it started, look where it is today. It’s one of the top-ten most held and traded cryptocurrencies in the world. People have made serious money on Dogecoin and there are now hundreds of dogecoin millionaires. Now, I’m not saying anything more than sh*tcoins happen!

The other general advice I might give to crapcoin investors is to go small. I already told you I love volatility and I love the idea of making a fortune on a relatively small amount of money, but you shouldn’t be putting in 10, 15 or 20 percent of your holdings into these coins… you should be thinking more like 10, 15 or 20 USD at a time. Spread out your investments and watch Twitter like a hawk. LOL, if Elon starts tweeting… get ready to travel to the moon. You can do a little more, this is what I like to do before I get involved. Ask yourself these questions before you go forth and buy these coins.

  1. Does the project have significant social media presence or marketing? Shibu Inu does, you can see the number of holders from Etherscan, look for numbers in the tens of thousands of users/holders. If you go on Twitter and see that it’s mainly bots and morons tweeting about it, stay away. Do you like the coin? I love dogs and the dogcoin markets–so I’m into them. I like the marketing on them and so that’s why I own some Shibu. Does it mean I’m going to make millions on it? Well… probably not. But at least I like the project–and I like the community.
  2. Are the top ten holders holding more than 50% of the token? Ever hear the term “rug-pull?” Well most rug-pulls are pulled by crapcoin purveyors after they’ve made their money. You don’t want to get involved in a project where half of the tokens are being held by just a handful of people. Why? Well, that would defeat the major point of blockchains and the whole cryptocurrency movement–decentralization. You want to look for projects that have a good number (think more than 1000) of actual holders that aren’t all on the same team. Make sure that the project token holders are decentralized. That’s going to limit the chance that your funds get pulled.
  3. Does the project have liquidity? All projects need money to start and survive. If the project has less that 100k of liquidity, then I’d probably look elsewhere. It costs real money to get coins going. The more money involved within a project, the more serious that the development efforts are behind them… more money means more serious investment. You have to have money to make money after all, the same holds true for these moonshots… A wise meme once said, “No money, no funny.” It’s not funny when your coin goes up and there is no money left in the cookie jar to cash out with.
  4. Can you trust the project? Looking for trustworthiness isn’t always easy. But, are the developers out in the public talking about their project? Has the project been audited by a group like Certik? Maybe it’s being onboarded by Certik. If it is, I like it much more. That probably means the code is sound and is community-driven like open source software. Scams don’t usually happen when there are prominent developers listed on the webpage of the project and it’s being led by a strong online community.

So, to answer my question above about Kishu Inu. Let’s run it through my Moonshot requirements.

Kishu Inu for the Win!

  1. Can you trust the project?
    1. It has an independent security audit, you can read it here–and it’s also being onboarded by Certik.
    2. It has a whitepaper and is community based you can donate funds to the development team.
  2. Does the project have liquidity?
    1. Yes, check out the historical data on CoinMarketCap its daily volume is in the millions of dollars
    2. You can trade it on Uniswap, Bitrue, ShibaSwap, and dozens of other exchanges.
  3. Are the top ten holders holding more than 50% of the token?
    1. Nope, at the time of writing Kishu Inu has over 200,000 unique address holders with about 25% being held by the top 10 holders. It’s still a lot, but not enough IMO for a rug pull.
  4. Does the project have significant social media presence or marketing?
    1. Right now on Twitter, Kishu Inu has 141,000 followers
    2. There is significant marketing and public events scheduled, and I personally like to project. It’s website is well made and it’s not full of typos and garbage. There’s even a promotion that is happening with the Red Sox in Fenway park coming up.

My theory on how the Poly Network was hacked

5 years ago I could have been sitting around and joking about, “how one blockchain would rule them all”, and many of us back then, including me, would have smiled and looked around hoping that no one realized that we didn’t know what the heck they were talking about.

Now, Reddit is on fire with the latest hack–this time it’s a technology called Poly Network. I think it’s about time we dig in our heels and get to the bottom of exactly what happened. Today, I spent 7 hours after hearing about how Poly was hacked trying to understand it… These are those seven hours translated into this mostly unedited prose–my theory of how Poly was hacked. But before, let’s lay some groundwork as to the building blocks of this challenge ahead of us. Let’s make sure we understand it all. From the beginning.

So what do we know about blockchain technology?

We all know that blockchain is a decentralized digital ledger that can’t be altered after a transaction has been entered, and we all know that there is some cryptography involved in that transaction. What we didn’t know and what many of us still don’t know is exactly how this is all being accomplished. And, why is it even important?

Now, we all have thousands of dollars invested into these “blockchains” and I suspect, that many of us still don’t know exactly how these things work. I’m with you in this. Even though I have years of experience with computers and programming, truly understanding blockchain is a challenge.

I don’t understand every project and if you corner me and get me to explain exactly what blockchain is, down to the 1s and 0s, I might stutter a little. So let’s start there. Let’s clarify exactly what Blockchain and let’s go over the past. Let’s take a hard look at our understanding of blockchain.

Why is blockchain important?

Blockchain is becoming the tool in which we, a global people, are using to reshape the way that social-economic operations are performed.

We are using it as a reshaping mechanism for how we store assets, how we define our identities, how we perform online data storage, and, maybe the most important and relevant: in how we perform financial operations.

Think about the implications of this. We don’t need banks for loans, we don’t need Fort Knox to send us gold, we don’t need credit scores, we don’t need the current financial system anymore. If I want to loan a buddy in Slovakia 1000.00USD, I can send it to him in a second without him having to show anyone ID.

And even better, we can mine money out of thin air and electricity.

We are doing this all with a tool that is much like a database, but instead of the database being stored in an Amazon data center, it’s being stored on thousands of computers spread around the world. Those computers are owned by citizens usually, governments definitely, and hackers as well.

“Public” blockchains like the one that stores Bitcoin data, can be hosted by anyone. There is full transparency of the records that are stored and public blockchains can provide security, a degree of anonymity, and have no formal rules other than a read and write functionality.

There are “private” blockchains that are run by specific organizations in specific industries–those are hosted on private servers that restrict outside access… Think about a blockchain that Walmart might use to record all of its supply chain activities. Target probably has a different one, and then there is the Amazon blockchain storing its information.

The real power of blockchain is that it’s open-source (anyone can use it freely), it’s decentralized (nobody owns it) and it’s powerful AF (united we stand, indeed.)

Not to mention we are using it to change our fortunes, secure our identities, and NO ONE can regulate how it works. Think about that. We can create laws on how to tax it, but a true public blockchain can’t be controlled by any single entity–it’s a computer program that runs like a virus, independent of the original host.

What is the problem with Blockchain in 2021?

Blockchain is exploding. There are massive projects within it and this has created massive development efforts with thousands of programmers, millions of lines of code, and thousands of different public, private and alliance blockchains. The problem that projects like the Poly Network are trying to solve is obvious. How do we get these blockchains to work together in true, inter-operation? How do we get ETH and BTC to work together? How do we get DOGE and SHIB to play nicely? More specifically, if I have 1000.00 USD in value in DOGECOIN, how do I convert it safely into SHIB tokens?

These are the types of questions that come to mind immediately, and it is this curiosity that I hope will fuel your mind to go in deeper still. Yes, we do have protocols out there that do this nicely, exchanges as well… but even those aren’t a true IBC protocol.

Back to The Future Part 4

The problem that we are seeing today is similar to the one that we had in the 1990s. Islands of Data with oceans of garbage in between them. We’ve got Ethereum. On top of Ethereum, we are now starting to build projects that are distinct and different from each other–and for good reason. Each new project built on Ethereum is doing so for its own purposes… Some projects focus on security, some focus on efficiency and fast transactions, some focus on the ability to execute contracts, and some are focused on things like identity management. The point is, it’s obvious why we have projects for specific industries in the Ethereum space. What’s not obvious is how we coordinate all of that so they can work together somehow.

Enter the Poly Network

The Poly Networklink to whitepaper here— resolves trust, security, and transactions between blockchains. It was created as a safe and easy-to-use tool to bridge the gap between the different “chains”, and to be a “cross-chain” system. The Poly Network provides a number of features:

  1. Easy to join.
  2. Supports Atomic Transactions.
  3. It can support digital asset data and arbitrary data (You can use it to transact between things like BTC, ETH, NEO, Ontology Network, and Cosmos)
  4. Its security is cryptography based, so it’s strong.
  5. It is ECO and compliance friendly, you can use it to interact with private, public and alliance blockchains.

Think of the Poly Network as a separate, side-chain, blockchain that is used to coordinate transactions between the many different protocols. Its goal is to be a universal protocol and to fill the inter-blockchain communications (IBC protocol) gap.

As I was reading through the whitepaper, I had to poke around the internet to find references for things and to make sure I’m telling it to you straight. There is some good information there–and a lot of that information I put into this article already–specifically about the need for an inter-blockchain communications protocol.

While I was making sure I knew what every notation means in a Moore State Machine, I came across a few reddit posts that show a Q and A from the Poly Hacker his/herself.

If I’m trying to understand the Poly hack, why not first read what he had to say. He tells you exactly how he did it, but you need to understand it the way I do now. Let’s go through it line-by-line.

Thoughts on the above.


This simply means he probably couldn’t find a pre-existing hack that someone else already has created. The dark web has quite a lot of resources available if you want to be a bad “script-kitty” and play a hacker. This guy is just telling us in sarcastic hacker talk, “I had to do actual work and hack this baby with my own bare hands.” He had to write code to hack this… he had to do work. On to the second paragraph.


This is where he tells us how he did it, even though he doesn’t tell us directly. He says he tried to build a local testing system, but he couldn’t. Let’s unpack that bit of information.

The local testing system would have been three systems, so yes, it would be complicated. It would require two blockchains, and then a third blockchain running the Poly protocol. Let’s say he was trying to exploit the interaction between say, SHIB, and DOGE, both shitcoin tokens with open-source code, and both are different blockchains (SHIB is an ERC-20 token on Ethereum, and DOGE is like Bitcoin, only it doesn’t use SHA-256 for its PoW). He mentions SHIB for some reason as well, but let’s not get off the topic.

To hack the real cryptocurrency systems, he needed a testing system (virtually or physically) that could mimic real-world shitcoin systems.

“I FAILED TO PRODUCE A POC AT THE BEGINNING.” On one server, he was running his version of SHIB, and on another server, he was running his own DOGE chain. Then he was trying to run the Poly Network code on a third system, the system that would facilitate the cross-chain interactions. He says that he almost gave up, but then had an “AH-HA” moment.

Authors Note: Now I believe that the time it might take someone to setup this system could be hours or days. So, it’s interesting to me how he phrased this part. It leads me to believe that there was more time that passed than what he might want to lead others to believe. This is just my intuition on it, and I’m not sure why I find it important right now.

Hacking isn’t glamorous, it’s really getting into the nitty-gritty. We’ve all tried to hack something, maybe not computers, but other systems for sure. It’s about seeing the system for what it is and then doing something else with it. You’re looking for little places that you can stick things in, little gaps… Within the Poly whitepaper, I didn’t see any exact gaps, but I was looking for them and thinking about them–when I read about their write and read solutions, my hacker own internal flags were going off like crazy, I was getting distracted and had to re-read those sections 10x. It took me 3 hours to read through 10 pages of the white paper–and when I started writing this, I knew that I figured out where he did it.

Are the Poly transactions truly atomic? When we think about “atomic transactions” in database-like systems, that’s where the rubber meets the road. All “perfect” database transactions must pass the ACID test.

In computer science, ACID (atomicity, consistency, isolation, durability) is a set of properties of database transactions intended to guarantee data validity despite errors, power failures, and other mishaps. In the context of databases, a sequence of database operations that satisfies the ACID properties (which can be perceived as a single logical operation on the data) is called a transaction. For example, a transfer of funds from one bank account to another, even involving multiple changes such as debiting one account and crediting another, is a single transaction.

It made me have to think of the nature of a transaction. I have money, I walk up to your counter, you have a product. I point at the product, and you go get it from the shelf and give it to me. I’m satisfied with it, so I give you my money. Transaction done. The moment the money left my hand and went into yours, we had a deal. Not a second sooner, and once you had it in your hand… it now is yours. That happened. That happened at a specific time and can’t be changed.

Now let’s think about a transaction on a blockchain.

I decide I want to buy some SHIB with DOGE coin, those are different “markets”, so I need to use a middle-man. I use Poly Network to be the middle-man. I give my DOGE to the Poly Network–this is two transactions though.

  • 1. it locks the DOGE coin into an escrow account wallet and
  • 2. it stores a transaction on the Poly Network.

Next, the Poly Network writes a transaction to the SHIB (destination) token chain after it’s verified that the DOGE is properly escrowed. This results in the SHIB network crediting the amount of SHIB I bought to a SHIB wallet that I’ve previously created.

So, after all of this, you should be asking… WTF. Of course, this is where it happened right? There isn’t any other place for this to happen. What are you trying to say?

What I’m saying is this–he’s a hacker. And, while he might be trying not to get caught or whatever, he’s still a dude that has a lot of money now–and we can’t trust him.

I believe that when he set up his system, he was looking at all the different tokens that could be transacted and was trying different ones. Ones that don’t exist maybe–or even a token that he created himself right there on the fly and then tried to use the Poly Network to accept the transaction. That sounds right to me, in regards to having an “ah-ha” moment, he didn’t have any deep thought, he just found a token that he could create or swap into the real-world system that could extract 600 million.


This I believe is mostly BS, he wasn’t going to attack them all because he couldn’t. What I think it means is that he tried to do the exploit with a bunch of the big cryptocurrencies but it didn’t work. The “RELAYER” is the Poly Network in this example–he goes into some other techno-babble jargon–“THE RELAYER DOES BEHAVE LIKE THE OTHERS…” He’s saying he tried it but without luck. I believe he’s just adding this tidbit to convince other hackers and people that he knows what he’s doing. If it worked on BTC, we’d be having a whole different discussion here–and crypto would be on fire. He would have if he could have is my thought.


Nope. He wants us to think he is a decent person. He is telling us he has a conscious and maybe he does, that’s not for me to judge. But, this whole idea of him giving back money is very interesting. Earning half a billion probably took at least a few minutes to figure out and to roll back. I think once he had his hand in the cookie jar, he was like… “people are going to find out about this.”


This last statement that he put out there is the one that really has me thinking. Where is this guy from? Who would say, “of the crypto world” instead of “in the crypto world” or some other way. I also believe him here that he didn’t want to tank shitcoins since shitcoins are hot right now… super hot. I’m not sure why but this last paragraph just has me thinking. It’s definitely struck a chord in my mind and I’m going to have to think long and hard to understand exactly what he wanted to say or do with this last part. It’s fascinating to me though.

In the end, we will see what happens. This is happening in real-time. Good luck friends! I’m looking forward to hearing what you have to say about these thoughts. I’ll post more on this later.

Featured Photo by Executium on Unsplash