FOMC MEDIAN FORECAST SHOWS 75 BPS [3 RATE CUTS] OF RATE CUTS IN 2024 TO 4.6%
😱4🔥3
infinityhedge
Odds for a March rate cut now above 60%. “This is very dovish to me,” says Win Thin, global head of currency strategy at BBH. “Instead of 1-2 cuts next year, they upped it to 3. Now I doubt whether Powell will even try to sound hawkish in the press conference.”…
Powell: Our policy rate is likely at or near its peak for this tightening cycle.
infinityhedge
Powell: Our policy rate is likely at or near its peak for this tightening cycle.
Powell: I think you can say that there's little basis for thinking that the economy is in a recession now I would say that I think there's there's always a probability that there will be a recession in the next year and it's a meaningful probability no matter what the economy is doing.
🤡10🤬3
infinityhedge
Powell: I think you can say that there's little basis for thinking that the economy is in a recession now I would say that I think there's there's always a probability that there will be a recession in the next year and it's a meaningful probability no matter…
Powell: "Maybe people bought so much stuff they temporarily don't want to buy more stuff"
🤡19🤣6🔥1
infinityhedge
Odds for a March rate cut now above 60%. “This is very dovish to me,” says Win Thin, global head of currency strategy at BBH. “Instead of 1-2 cuts next year, they upped it to 3. Now I doubt whether Powell will even try to sound hawkish in the press conference.”…
^tldr Powell speech was dovish.
Powell "Pivots", Sends Dow To Record High With Election-Year Rate-Cut Projection
The Fed kept signaled a pivot point that suggests its next move would be lower as it kept rates on hold, as expected: BBG
Powell "Pivots", Sends Dow To Record High With Election-Year Rate-Cut Projection
The Fed kept signaled a pivot point that suggests its next move would be lower as it kept rates on hold, as expected: BBG
ZeroHedge
Powell "Pivots", Sends Dow To Record High With Election-Year Rate-Cut Projection
"We don't think about political events, we just can't do that..."
🔥4
New Zealand Q3 GDP Falls
Q/Q: -0.3% (exp 0.2%; prev 0.9%)
Y/Y: -0.6% (exp 0.5%; prev 1.8%)
Q/Q: -0.3% (exp 0.2%; prev 0.9%)
Y/Y: -0.6% (exp 0.5%; prev 1.8%)
😱5👎1
No Gas for Gamers: Immutable zkEVM Will Let Developers Cover Fees: decrypt
Players who use the upcoming universal gamer profile system Immutable Passport will be able to avoid gas fees for games sponsored by their developers. Immutable says that it will sponsor gas fees for all games itself for a "limited time" when the zkEVM mainnet launches early next year.
Players who use the upcoming universal gamer profile system Immutable Passport will be able to avoid gas fees for games sponsored by their developers. Immutable says that it will sponsor gas fees for all games itself for a "limited time" when the zkEVM mainnet launches early next year.
🔥14
zapper, SushiSwap and RevokeCash frontend compromised: officercia
⚠️ Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps: MatthewLilley
⚠️ Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps: MatthewLilley
😱5
infinityhedge
zapper, SushiSwap and RevokeCash frontend compromised: officercia ⚠️ Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps:…
A potential supply chain attack on ledgerconnect kit. 🚨 The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps.
This currently affects a couple of popular dapps.
X (formerly Twitter)
Blockaid (@blockaid_) on X
🚨 We've detected a potential supply chain attack on ledgerconnect kit 🚨
The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps including but not limited to https://t.co/2QJmKIGv9T
The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps including but not limited to https://t.co/2QJmKIGv9T
😱3
infinityhedge
A potential supply chain attack on ledgerconnect kit. 🚨 The attacker injected a wallet draining payload into the popular NPM package. This currently affects a couple of popular dapps.
ledger library confirmed compromised and replaced with a drainer. wait out interacting with any dapps till things become clearer: banteg
Do NOT use your Ledger for now ⚠️
Do NOT use your Ledger for now ⚠️
😢7
infinityhedge
ledger library confirmed compromised and replaced with a drainer. wait out interacting with any dapps till things become clearer: banteg Do NOT use your Ledger for now ⚠️
Ledger Library Exploit Explainer for Average Folks:
Hudson Jameson
What is going on with the recent alerts not to use dapps?
A library that is used by many dapps that is maintained by Ledger was compromised and a wallet drainer was added.
What do I do as a normal user?
Do not interact with any dapp front ends on websites for now. This is an ongoing situation and it is risky to use dapps currently if you don't understand what backend libraries they use.
How does this drain your money?
If you visit the website you won't get automatically drained or your funds. However, prompts from your browser wallet (like MM) will display that give your assets to the malicious actors.
Does Ledger know about this?
Yes they do and are working on it.
Note: Even after Ledger corrects the bad code in their library, projects using and deploying that library will need to update things before it is safe to use dapps that use Ledger's web3 libraries.
Hudson Jameson
What is going on with the recent alerts not to use dapps?
A library that is used by many dapps that is maintained by Ledger was compromised and a wallet drainer was added.
What do I do as a normal user?
Do not interact with any dapp front ends on websites for now. This is an ongoing situation and it is risky to use dapps currently if you don't understand what backend libraries they use.
How does this drain your money?
If you visit the website you won't get automatically drained or your funds. However, prompts from your browser wallet (like MM) will display that give your assets to the malicious actors.
Does Ledger know about this?
Yes they do and are working on it.
Note: Even after Ledger corrects the bad code in their library, projects using and deploying that library will need to update things before it is safe to use dapps that use Ledger's web3 libraries.
Ledger: We have identified and removed a malicious version of the Ledger Connect Kit.
A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.
Your Ledger device and Ledger Live were not compromised.
A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.
Your Ledger device and Ledger Live were not compromised.
🔥8🙏4
infinityhedge
Ledger: We have identified and removed a malicious version of the Ledger Connect Kit. A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.…
If you’re a MetaMask user: Please ensure that you have the Blockaid feature turned on in MetaMask Extension [available in "Experimental" tab] before performing any transactions on MetaMask Portfolio. The MetaMask Portfolio team is on it and has a fix in place that will be rolled out today.
🙏6👍4
The ledger issue is now fixed: Mudit Gupta
To make sure you don't have the malicious library cached, go to https://cdn.jsdelivr.net/npm/@ledgerhq/connect-kit@1 and ensure the version is 1.1.8.
If it's not, clear your cache. chrome- F12> Chrome Developer Tools > Application tab > Storage in left tree> Clear site data
⚠️ Do NOT interact with any dApp till you have ensured you have the fix. Reload/restart the dApp after ensuring you have the right version and then feel free to use it.
If you used any dApp in last ~6 hours, go check if you still have all your money. If you have, you are fine: MuditGupta
To make sure you don't have the malicious library cached, go to https://cdn.jsdelivr.net/npm/@ledgerhq/connect-kit@1 and ensure the version is 1.1.8.
If it's not, clear your cache. chrome- F12> Chrome Developer Tools > Application tab > Storage in left tree> Clear site data
⚠️ Do NOT interact with any dApp till you have ensured you have the fix. Reload/restart the dApp after ensuring you have the right version and then feel free to use it.
If you used any dApp in last ~6 hours, go check if you still have all your money. If you have, you are fine: MuditGupta
infinityhedge
The ledger issue is now fixed: Mudit Gupta To make sure you don't have the malicious library cached, go to https://cdn.jsdelivr.net/npm/@ledgerhq/connect-kit@1 and ensure the version is 1.1.8. If it's not, clear your cache. chrome- F12> Chrome Developer…
Update: Do NOT interact with any dApp till you have ensured you have the fix.
Some apps might be bundling the malicious library and serving directly. Although unlikely, but it's best to wait for the Apps to confirm they are safe before using them.
Some apps might be bundling the malicious library and serving directly. Although unlikely, but it's best to wait for the Apps to confirm they are safe before using them.
👍10😱1
infinityhedge
Size context for why $GBTC is a big deal ^
James Seyffart: "Grayscale Hit Hardest If SEC Doesn't Allow In—Kind Bitcoin ETFs given they have sitting on tons of bitcoin they bought at lower prices that they'd have to sell"
Eric Balchunas: "The reason the SEC wants cash creates only is this means only the ETF issuer handles btc and not the intermediaries (registered broker dealers can't). They prob also not comfy w them having unregistered broker dealer subsidiaries handle either (bc they not registered).
Cash creates are worse for taxes bc cash changes hands vs in-kind is simply a trade and no cash exchanges hands. Thus, cash create only bitcoin ETFs are not ideal and screw up one major advantage of ETF structure. Still better than nothing and hopefully they solve in-kind soon."
Eric Balchunas: "The reason the SEC wants cash creates only is this means only the ETF issuer handles btc and not the intermediaries (registered broker dealers can't). They prob also not comfy w them having unregistered broker dealer subsidiaries handle either (bc they not registered).
Cash creates are worse for taxes bc cash changes hands vs in-kind is simply a trade and no cash exchanges hands. Thus, cash create only bitcoin ETFs are not ideal and screw up one major advantage of ETF structure. Still better than nothing and hopefully they solve in-kind soon."
infinityhedge
Ledger: We have identified and removed a malicious version of the Ledger Connect Kit. A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.…
Ledger Connect Kit genuine version 1.1.8 is being propagated now automatically. We recommend waiting 24 hours until using the Ledger Connect Kit again.
The investigation continues, here is the timeline of exploit: https://twitter.com/Ledger/status/1735326240658100414
The investigation continues, here is the timeline of exploit: https://twitter.com/Ledger/status/1735326240658100414
X (formerly Twitter)
Ledger (@Ledger) on X
FINAL TIMELINE AND UPDATE TO CUSTOMERS:
4:49pm CET:
Ledger Connect Kit genuine version 1.1.8 is being propagated now automatically. We recommend waiting 24 hours until using the Ledger Connect Kit again.
The investigation continues, here is the timeline…
4:49pm CET:
Ledger Connect Kit genuine version 1.1.8 is being propagated now automatically. We recommend waiting 24 hours until using the Ledger Connect Kit again.
The investigation continues, here is the timeline…
👍5
cyber.Fund, an early backer in Ethereum, is committing $100m to projects that intersect blockchain technology with AI and IoT: Coindesk
Ledger Connect Kit Hack:
Malicious approval addresses *list:
https://github.com/RevokeCash/approval-exploit-list/blob/main/exploits/ledger-connect-kit.json
List of affected projects:
https://sourcegraph.com/search?q=context:global+@ledgerhq/connect-kit&patternType=standard&sm=1&groupBy=repo
Check if your address is affected: https://revoke.cash/exploits/ledger-connect-kit?chainId=1
*Affected users remain at risk as long as they haven't revoked their approvals: RevokeCash
Malicious approval addresses *list:
https://github.com/RevokeCash/approval-exploit-list/blob/main/exploits/ledger-connect-kit.json
List of affected projects:
https://sourcegraph.com/search?q=context:global+@ledgerhq/connect-kit&patternType=standard&sm=1&groupBy=repo
Check if your address is affected: https://revoke.cash/exploits/ledger-connect-kit?chainId=1
*Affected users remain at risk as long as they haven't revoked their approvals: RevokeCash