top of page
Search

27th January 2022 > > Hardware wallets & yield farming.

tl;dr

Hardware wallets have problems too whilst we take a look into Luna and yield farming.


Market Snap (at time of writing)









Market Wrap

The US Federal Reserve finished their 2-day meeting with the comment that an increase in rates “will soon be appropriate”, the first such rise in more than 3 years. Risk assets took a tumble, whilst leveraged shorts against BTC are building up once more.


Any positive market moving news (Putin declaring world peace for example) should result in a short squeeze higher.


Remarkably I am travelling to France tonight for a spot of skiing. The CCC will be back next Wednesday.


Occasional Series – Boris Johnson

The Spectator is running with a story that despite earlier denials, Johnson did in fact authorise the evacuation of pets from Kabul in the last few days before that benighted capital fell to the murderous Taliban.


Occasional Series – the Winter Olympics

Rumour has it that Winne the Pooh is going to loom rather larger than expected …


Resembling a USB these little beauties have been specifically designed for handling private and public keys. Plug into a USB socket, fire up the appropriate app and it becomes intuitively easy to receive and send cryptos. Your private key NEVER leaves the device and to all intents and purposes they are un-hackable.


There is a 24-word seed which you need to create and recover your private keys. Access to the device is then via a PIN of up to 8 digits. If you lose or break your hardware wallet, you need the 24-word seed to recreate your private keys on a new device. I have 4 Ledger Nanos in case of a hardware fault, but that’s probably overkill.


There are different hardware wallet options, the most frequently encountered are manufactured by Ledger and Trezor. There are others too including KeepKey, Opendime, Coldcard, CoolWallet, BlochsTech, BitLox, Secalot, ELLIPAL, D’CENT, Cobo Vault, and Pi.


Curious Cryptos’ Commentary – Trezor is hackable after all

Dan Reich and an unnamed friend had bought Theta for an undisclosed sum at an indeterminate date which by 2018 had grown in value to $50,000. Wanting to cash out, they had both lost or forgotten the security PIN, and had failed to store the 24-word seed phrase. This was, frankly, a schoolboy error.


After 12 unsuccessful attempts at guessing the PIN, they were left with just 4 to go before the device wiped itself. Note that my preferred hardware wallet, Ledger Nano, wipes itself after just 3 failed attempts.


Fast forward to 2020 and the value of the cryptos associated with the lost seed phrase had grown to $2mm.


Joe Grand – hacker alias “Kingpin” who testified before Congress years ago on internet related issues – was brought in to help hack the Trezor to regain access to the lost coins.


The firmware on this particular Trezor had not been updated and was subject to a vulnerability:


“The key to this hack was that during a firmware update the Trezor One wallets temporarily move the PIN and key to RAM, only to later move them back to flash once the firmware is installed. Grand found that in the version of firmware installed on Reich’s wallet this information was not moved but copied to the RAM, which means that if the hack fails and RAM is erased the information about the PIN and key would still be stored in flash.”


Joe described his hack like this:


“We are basically causing misbehavior on the silicon chip inside the device in order to defeat security. And what ended up happening is that I was sitting here watching the computer screen and saw that I was able to defeat the security, the private information, the recovery seed, and the pin that I was going after popped up on the screen."


This story, which has clearly ended well, reinforces the need to keep tight control over your hardware wallets, PINs, and seed phrases.


If you wish to know more:



Curious Cryptos’ Commentary – An example of yield farming

A close collaborator of the CCC has put forward this example of how to use yield farming in a low-risk manner to receive yields unavailable elsewhere.


I’ve got another strategy – this time on Luna.


Let’s say you have Luna.

You can bond your Luna on Anchor to get bLuna which you can provide as collateral. If you borrow against this collateral, sometimes the net APY is positive sometimes negative, but say on average you pay 0% to borrow against your Luna for arguments sake.

You can borrow up to 60% but I’d stay safe-ish at 50%. The strategy looks like this:

Assuming Luna remains at the same price for a year you get:

7% on your $1,000 of bLuna: $70 in UST

20% on your $250 UST in Anchor: $50 in UST

19% on your aUST – UST pair on Loop: $100 in LOOP (note you’re getting 19% on your aUST which is already generating 20%)

So an effective 22% on your Luna with almost no risk if you watch your liquidation price. The benefit is that you effectively retain your Luna and the returns on your Luna are much higher than the standard 7% rewards you would otherwise get for staking Luna.

I like this strategy because if liquidation creeps close, you can withdraw your aUST-UST LP from Loop, split them and use the UST to repay the loan to stave off liquidation. If further risk arises, you can withdraw the aUST from Anchor and reverse the overall position. No Impermanent Loss, no exposure to coin price (other than the Luna you had at the beginning).

As an alternative, if you just have US$, it’s even better:

Now you are getting annually

· $100 UST in Anchor

· $189 in Loop

· TOTAL: $289 or a 28.9% APY on stable coin UST


Reserve Treasury Protocols (before they all go to zero)

Reminder – Olympus and Wonderland are, to the best of my knowledge, live viable projects. XEUS, FORT and JADE turned out to be scams, though they are still live scams. Scams are not uncommon in these Wild West fringes of Decentralised Finance (DeFi).


Photon appears to have won the prize for being the most extraordinary scam. In under 18 hours it went to zero. And as far as I can tell – and I am no blockchain analytics expert – they walked away with less than $30k.


It is very upsetting we have scumbags like that around.


Open positions:



Closed positions:


10 views0 comments

Recent Posts

See All

20th July 2024 > > IT issues & US politics.

tl;dr Cryptos prove their resilience as TradFi struggles with some IT issues. US politics again, and not for the last time. Market Snap Market Wrap Despite shorts being liquidated in size, they keep c

18th July 2024 > > Pension Funds.

tl;dr A quick revisit of Wallet Guard. The pension fund tsunami can be spied on the horizon. Fraudster Dr Craig S. Wright finally tells the world the truth for a change. Market Snap Market Wrap Early

Comments


bottom of page