Parsec Weekly #40
RLB moves their buy backs on chain and Friend Tech security measures
-kezfourtwez
I don’t know about you guys but I am really feeling the bear market vibes, not in price action but in lack of attention and happenings. My once bustling group chats are now going hours without a single message, the most interesting thing that happened yesterday wasn’t a $60m DeFi hack but a $3000 exploit on a contract where the exploiter was paying more in gas than they were profiting. A good measure and maybe most of all is the fact that I’ve been actively looking for anything else to write about other than Friend Tech for the last 4 weeks.
“Markets bottom on apathy, not when everyone is tuning in and asking if the bottom is in.”
The biggest things that happened within my realm this week off the top of my head was the Friend Tech security fud, the avax fork and subsequent “exploit”, and RLB switching to on-chain buyback and burns.
RLB buybacks
Rollbit is no stranger to fud, from shady KPI influenza token deals to accusations of csgo marketplace ruggings, to multiple high profile accounts dropping them on the same day. CT has always been very divided on the casino, some love them, some absolutely despise them, regardless there is never a lack of RLB conspiracy theories on the timeline. One of the bigger theories was their real revenue, many think there’s no way they are earning as much as they say they are, that the reason many big accounts put an end to their deals is they weren’t being paid, and that one day we’ll wake up with an DOJ logo slapped on the homepage because of the shady dealings they were doing to stay afloat.
Well a few days ago Rollbit dispelled some of that fud by moving their buy backs on chain, indicating that they are indeed making big money. The buy backs are conducted hourly from rollbot.eth and are a measure of their revenue over the last hour.
According to their docs the amount is derived from their revenue (not profit), from three sectors of their company:
30% of crypto futures
20% of sports book
10% of casino
In a little over two days the casino has spent 438e buying back $RLB.
The only strange thing I can see about it so far is that they are aren’t burning out of the same rollbot.eth wallet that buys, but instead a Rollbit hot wallet 0xef88. But the co-founder Razer has said in their discord server that’s the next step.
If you want to mess around with these charts yourself and keep up with $RLB and the burns, you can do so using this layout.
Friend Tech security
The topic of security has been a common theme in discussions around the app these past few weeks with many calling for better measures. Friend Tech users experienced a number of sim swaps in the last few days to the tune of $385k which zachxbt detailed in this tweet.
Friend Tech has historically let the user sign up using either a mobile number, apple ID or gmail account without the ability to change your sign in method after the fact. Sign ups using a mobile number are inherently more dangerous as the app does not support native 2fa. Yesterday and following the attacks, the team announced they had changed this and allowed users to switch their log in methods. The safest method currently stands as anyway that you can have an authenticator app behind your sign in method, which is using gmail. Just be aware that gmail uses your phone number as a recovery method by default, so be sure to remove that.
It’s widely known that sms 2fa is not a safe method of security when significant amounts of money are on the line. A little more concerning part of this story is that some users reported getting phishing texts to their phone even if their number was in no way connected to their friend tech account. This means there is a data leak somewhere. In my opinion this would be a more wide spread issue and likely many more accounts drained if it was on Friend Tech’s side. It’s more likely this data came from something like twitter as it’s the only way the attackers would have been able to match the phone number to the account. So not a huge concern at the moment, but ideally we get native 2fa on Friend Tech asap.
As always we appreciate your readership, if you enjoyed this article please leave a like and share it around. Have a good weekend and we’ll see you next week!
YES
great