
Pump.fun HACKER - Hero or Villain?

  1. Pump.fun Hacking Incident
  2. Concerns About Platform Security and Transparency
  3. Security Measures and Evaluation of AMM Platforms
  4. Ethical Considerations and Mental Health
  5. FAQ

Pump.fun Hacking Incident

Okay, hello, welcome to Alpha Drop. My name is Ron. I'm an analyst of Box Mining and I'm joined with Nat here today. Hi! So back again, we're doing some news and this is a very big one because this happened, I think about 16 hours ago, Pump.fun was hacked, but it was clarified several hours later that this was done by a former employee. So this guy right here, Stack Overflow, he's fully doxxed, man got balls of steel doing this, by the way. So, um, why this title of the video Hero or Villain is because he stole a bunch of Solana from Pump.fun essentially and he apparently airdropped to various old communities. So if you're a Sol surf holder, Stack holder, Saga holder, risk law holder, check your Phantom wallet. And I think this is like the weirdest airdrop that I've ever seen so far. But yeah, I mean like he just reposted whoever thanked Stack Overflow. Apparently, someone got 600 Sol too. I don't know if that's real, but these accounts look organic.

All right, so what do you think? Do you think he's a hero or a villain? In fact, 'cause villain, because I didn't get any from him. Yeah, that's true. A lot of people are hating because it certainly does damage the meme coin scene. And people who are praising him obviously got the airdrop. But whether that's... That's, I think overall meme coins will still survive. This is just a matter of internal conflict, which we'll get into later on in the video.

Concerns About Platform Security and Transparency

And if you do decide to continue with Pump.fun and there's also so many other platforms that are out there that are copying Pump.fun. Should you be doing those? So I'll also show you a bit of good habit to form. If you do decide to play around with those meme coin platforms where there's a bonding curve, essentially.

So what really drew my eye was here. When Pump.fun says that Stack Overflow, who's the former employee, taken access of the withdraw authority. So normally you do not want to see projects having any sort of authority over the dApps. Like, but that's not the perfect world. The team has to have some sort of authority over the platform. Otherwise, there's not much going to be going on, right? They need to have some sort of control, but it has to be checked. Okay, even until now, there's no really like 100% fully decentralized, right? Some argue even Bitcoin is not even fully centralized. BlackRock, but the optimum way, the ideal way, the best compromise is to make sure that there is some sort of check of decentralization when it comes to ownership. So not one person or the team themselves especially have unilateral control over smart contracts. So that's the danger of smart contracts that you need to be aware of.

Security Measures and Evaluation of AMM Platforms

And it also brings me to the point, because even after the hack, Stack Overflow was giving feedback to Pump.fun, okay? He's saying, 'Yo, Pump.fun, you have Stack Overflow issues 'cause you're using an outdated version of Solana's command line interface' and then say, 'Hey, use Box Accounts, use Box Accounts.' So you're not able to actually check this unless you really brute force it on Solscan. Because the problem with Pump.fun is that they are closed source and they have closed API. And I fact check this, right? If you go to Telegram to Pump Support, if you go, if you type /api, normally other projects have this function where you can, it redirects you to GitHub. Their automated response is, 'We don't have a public API or closed source.'

Okay, so the question here is, are you still, I, would you want to do Pump.fun? Is it safe? So I think for Pump.fun, it's not safe. Okay, even though it is pretty attractive that in the next seven days, they'll have 0% trading fees. By the way, Pump.fun is making a lot of, I was about to curse, but they cannot curse 'cause we don't want to get banned again. They make a lot of money from fees. And if we're looking at the top protocols that are generating fees, you can see Pump.fun is rank 11th. They're making $800,000 per day in fees. So that's a lot of money. Okay, so you can tell just by the fee generation that even after the attack, people are still playing with Pump.fun. So I think for Pump.fun, it's not safe because if it's close, you are at their mercy. Right?

Then you come, this brings us to, okay, there are other options that are competitors to Pump.fun. People are shilling D Gen. fund now, which is apparently another Pump.fun. People are like, 'Yo, don't go to Pump.fun. Go to D Gen. fund.' Right? On base, there's Ape Store and then previously we talked about Start Cooking on Osmosis. So, how do you know it's safe?
Well, relatively safe that the, these platforms are relatively safe is they have to be at least open source. Right? Like you got to, they got to have a GitHub. Okay, so as an example, we'll just use Raydium as an example. How do you know what sort of code do you want to be looking at? So essentially, if you're swapping tokens at these AMM, right? You got to look at their infrastructure. So for GitHub, it's an AMM and if you're familiar with Rust programming language, I think the most important file, if you go to src, this is where all the contract addresses are. The most important file, if you're a beginner and you want to be involved, is to do your research. Basically, state.rs file is like the, I'd say the most important file because this mostly contains a lot of the ownership and the author functions out of every other .rs file.

So if you scroll down, I'm not really good with Rust either, but the key, the key, um, the key lines of coding that you want to look for is load_checked. Okay, and you can tell that, this is under target ORD, so target orders is essentially what is it? State of order placements in liquidity pools, okay? So why state the state.rs files is important is because it shows the data structures of state management logic for the AMM, okay? And under load_checked here, it says that the account is in line with the program ID. So this basically verifies an account's data belong to the correct program and, you know, preventing unauthorized access, right? So it just checks ownership basically. That's what the state.rs file. So if you're going to be looking at Solana protocol state.rs files is a very important resource to check in with.

For start.cooking, when I talked about this airdrop last month, they are open source, they do have a GitHub. Okay, but I'm not familiar with the Golang programming language, but you can see here that they have all of the chain registries.
So this tells me that this protocol is checked by the validators and the nodes across all of these IBC chains. So if you want to do more research, I'd say, you know, knowing some sort of programming language and being able to read GitHub is a very valuable tool indeed.

So yeah, TLDR for Pump.fun, I wouldn't play on it now, like to be honest. I'll just stick to the OG. I would say just trade on, Bona, no, not even Bona. I think now it's Trojan. So we'll talk about that later because Trojan will be doing an airdrop as well. But yeah, you know, what do you think about Nat? You know, is this guy, do you think he's a hero or a villain?

Ethical Considerations and Mental Health

Yeah, that's a very tricky. I think villain for sure because this is not an excuse for him to behave this way, right? But people, he is, no, he's not robbing people. He's robbing the platform because he's doing a flash loan attack. He borrowed money from MarginFi and I don't know why MarginFi is always appearing in these S environments. But he borrowed a lot of money and then he pumped a lot of the new coins that are on Pump.fun. And then he used the withdrawal authority to basically rug the LP. So it cannot get listed on Raydium. So normally the withdrawal authority from Pump.fun is used to seed the LP on Raydium. But he just used it for himself. So if you look at his wallet, he has many, many, many of these tokens and they're worth like hundred. But you know, there's yeah, he's pumping those tokens essentially, right?

So I think still, still a villain because like he's just airdropping it to random people who own certain tokens. If he's donating to charity, then maybe this will be a harder question to answer. Well, it did get this guy's sister to college. Where did it go? So if I got 600 SOL, I'll, you know, I'll make up something like crazy. You'll make up something crazy? Yeah, like I have 10 kids. I'm a single mom. Thank you for sending me 600 SOL so I can finally feed my kids. Oh, really? A warm meal. No, right? Everyone can make this up. Sure.

But you know, pH, this could be an ad for mental health because this boy, his boss did like, I don't know, you know what happened behind the scene. This is the drama aspect. And even now, if you look at his Twitter account, he's still tweeting. And there's a lot of mental health issues they could be. Who knows? Do you have like a mental health hotline here, maybe could include? But this guy, Alan, he's one of the co-founders of Pump.fun, and he didn't tweet anything. He just reposted Pump.fun speechless. Yeah. What I want to know is what's happening, you know, what's what's the beef going on?
So there's an engineer that worked at Pump.fun, and he worked with Stack Overflow. So he says, he's also doxxed, by the way. He says he'll be, he'll be like describing what the heck happened. So yeah, maybe give Valerio a follow. Took him some encouragement to go public with this. V2 Full Tea. Full Team Transparency. Yeah. I don't know, man, but yeah, I would praise him if I got the airdrop. Me too. Yeah, me too, because that is a lot of air. Kind of horrible bosses that witness you wreck your head. I'll ask you, what happened? Last table got you is the excuses, excuses. But I'm not surprised. Not surprised about like there are people. There are bosses out there that don't care about their employees. Maybe this guy went over like his feud shorted. He had enough. He had enough. But he's also damaging like the community, like the crypto community. Yeah, exactly.

So, you know, what do you guys think? Do you think he's a villain? Do you think he's a hero? Villain, right? 200%. Keep saying villain. I'm salty because I didn't get it. But yeah, if you do have these tokens, okay, in your Solana wallet, check. Maybe you might have had enough Sol to get you through college. I didn't read the news thoroughly. And I, I only see that, oh, you know, this guy hacked Pump.fun and then sent a lot of SOL to random people. I immediately checked my wallet, like all my wallets to see if I got 400 SOL. Yeah. So guys, smash up the like button and subscribe to the channel.

FAQ

Q: What happened during the Pump.fun Hacking Incident?
A: A former employee hacked Pump.fun and stole Solana tokens, airdropping them to various communities.
Q: What are the concerns about platform security and transparency after the incident?
A: There are concerns about projects having authority over dApps, and the importance of decentralization in ownership.
Q: What security measures should be taken and how can AMM platforms be evaluated?
A: It's advised to avoid closed-source platforms like Pump.fun, and to look for open-source projects with public APIs and GitHub repositories for transparency.
Q: What are the ethical considerations and mental health implications of the incident?
A: The hacker is seen as a villain for damaging the platform and community, although there are discussions around his motivations and mental health issues.
