Stripe tackles ‘cold start problem’ with the launch of fiat-to-crypto onramp

May 7, 2023 Coin Telegraph

1inch

Web3 companies can utilize the Stripe-hosted fiat-to-crypto onramp to allow their customers to buy crypto at the “precise moment they need it.”

Internet payment processor Stripe has introduced a fiat-to-crypto onramp to address the "cold start problem" faced by Web3 companies, as a result of customers not having “crypto in their wallets to carry out transactions.”

According to a May 4 statement, Stripe’s newly launched fiat-to-crypto onramp – which will be hosted by Stripe itself – will allow Web3 companies to offer US-based customers the ability to purchase crypto "at the precise moment they need it," without the need to embed any code into a website or app.

Instead, customers will be directed to a link to convert their fiat into crypto.

Guillaume Poncin, head of engineering for crypto at Stripe said compliance-related tasks for Web3 companies using the onramp will be handled by Stripe – such as conversion and authorization optimization, identity verification and fraud prevention – in an effort to help "customers start using Web3 services quickly and safely."

It was noted that built-in tools for fraud detection and identity verification were implemented to support companies in meeting its Know Your Customer (KYC) and compliance requirements.

We’re introducing a Stripe-hosted fiat-to-crypto onramp (no code required) and unlocking the waitlist for the embeddable onramp. https://t.co/U9OW2cjFrZ pic.twitter.com/jjmkDUiOqc
— Stripe (@stripe) May 4, 2023

The implementation of the new onramp service is aimed at supporting Web3 companies provide a user-friendly way for customers to top up their crypto wallets. It noted:

“Companies interested in offering cryptocurrency and blockchain-enabled experiences often face a cold start problem: Their customers don't have the crypto in their wallets to carry out transactions.”

Several Web3 companies including privacy-focused browser Brave, decentralized finance (DeFi) protocol 1inch and blockchain protocol Lens Protocol, have implemented Stripe’s fiat-to-crypto onramp, according to the statement.

James Mudgett, vice president of Web3 products at Brave stated that the service will allow the platform to “reach new Web3 users.”

Meanwhile, Sergei Kunz, cofounder at 1inch, highlighted the importance of building “bridges between Web2 and Web3," adding that Stripe's experience with Web3 companies makes it "well positioned to help."

Speaking to Cointelegraph, Ohm Shah, co-founder of Wallet Guard stated that Stripe’s new offering could “allow for many people to easily enter into Web3.”

However, Shah stressed the importance of conducting due diligence before purchasing digital assets, even if the customer is familiar with the company providing the fiat-to-crypto onramp. He noted:

“While on-ramping with Stripe to purchase your very first NFT can be exciting, it’s important to consider how easy it is to lose your assets as all it takes is one malicious signature.”

This comes after mobile payments service Venmo announced its own fiat-to-crypto payment service on April 28.

During an interview at Consensus 2023, PayPal executive Jose Fernandez da Ponte said the new feature would provide a use-case for digital assets, because now crypto will be used for “fast and free near-instant transfers between Venmo wallets and PayPal wallets, which is basically connecting two of the largest networks and wallets in the country.”

Meanwhile, a day earlier at Consensus, Robinhood announced its own fiat-to-crypto on-ramp on April 27 – Robinhood Connect – allowing users to directly purchase and sell crypto using a credit or debit card, either in their self-custody wallet or natively in Decentralized applications (DApps).

Magazine: How to control the AIs and incentivize the humans with crypto

MetaMask denies claims of wallet exploit in ‘massive’ $10M hack

April 19, 2023 Coin Telegraph

MetaMask denies claims of wallet exploit in ‘massive’ M hack

Assets

MetaMask stated its security team is working with others in the Web3 wallet space to uncover the source of the exploit.

Cryptocurrency wallet provider MetaMask has denied claims that an exploit of its wallet is the cause of a “massive wallet draining operation” that has claimed over 5,000 Ether (ETH).

On April 18, MetaMask tweeted in response to a series of tweets posted on April 17 by Taylor Monahan, the founder of Ethereum wallet manager MyCrypto, who explained an unidentified wallet-draining exploit has stolen over $10.5 million in crypto and nonfungible tokens (NFTs) since December 2022.

“Recent reporting on [Monahan’s] thread has incorrectly claimed that a massive wallet-draining operation is a result of a MetaMask exploit,” MetaMask said.

Recent reporting on @tayvano_’s thread has incorrectly claimed that a massive wallet draining operation is a result of a MetaMask exploit.

This is incorrect. This is not a MetaMask-specific exploit. https://t.co/MiJ3QgslMy
— MetaMask (@MetaMask) April 18, 2023

“This is incorrect. This is not a MetaMask-specific exploit,” it added.

The wallet provider said the 5,000 ETH was stolen “from various addresses across 11 blockchains,” reaffirming the claim that funds were hacked from MetaMask “is incorrect.”

Speaking to Cointelegraph, Wallet Guard co-founder Ohm Shah said the MetaMask team has been “researching tirelessly,” and there is “no solid answer to how this has happened.”

“There are tons of independent security researchers also investigating this,” Shah said.

He speculated it was possible to assume that there had been “some sort of private key or seed phrase leak.”

In its latest series of tweets, MetaMask confirmed its security team was researching the source of the exploit and was “working with others across the Web3 wallet space”

In her thread on the exploit, Monahan stated that “no one knows how” this massive attack was conducted, but her “best guess” was that a significant amount of old data was obtained and used to extract the funds.

She also originally claimed the attacker was draining long-time MetaMask users and employees by using MetaMask.

Monahan later stated the exploit is not MetaMask-specific and “users of all wallets, even those created on a hardware wallet,” have been impacted by the exploit.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Hackers takeover Azuki’s Twitter account, steal over $750K in less than 30 minutes

January 28, 2023 Coin Telegraph

Azuki

The majority of the funds stolen were from a single wallet which had $751,321.80 USDC drained from the malicious link.

Azuki, a popular nonfungible token (NFT) project, had its Twitter account compromised on Jan. 27 leading to hackers stealing over $750,000 worth of USD Coin (USDC) by posting a malicious “wallet drainer link” posed as a virtual land mint.

Hackers stole $751,321.80 USDC from a single wallet within half an hour of the malicious links being tweeted, according to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard.

The data also revealed that hackers stole a further $6,752.62 worth of USDC from various wallets holding 11 NFTs and over 3.9 Ether (ETH).

Wallet Guard stated that the total amount stolen was $758,074.42.

Emily Rose, community manager for the anime-inspired NFT project confirmed via Twitter on Jan. 27 that the Azuki account was hacked, warning users not to click any links from Azuki’s Twitter account.

AZUKI OFFICIAL TWITTER ACCOUNT IS HACKED.

DO NOT CLICK LINKS FROM OUR ACCOUNT.

PLEASE RETWEET.
— Rose | | ⛩️NGL (@emilyrosemcg) January 27, 2023

Azuki’s head of community and product manager Dem explained on a Twitter Space hosted by Wallet Guard on Jan. 27 that scammers were able to “post a wallet drainer link,” after gaining control of Azuki's Twitter account.

Dem urged users to “stay safe and stay suspicious” while the team attempted to regain control of the account.

Several hours later Azuki stated that it had regained control of its Twitter account via a tweet:

1/ The @AzukiOfficial Twitter was compromised today. A series of malicious tweets were posted during the morning of Friday, Jan 27th (Pacific Time).

The team has regained control of the @AzukiOfficial Twitter.

Details below
— Azuki (@AzukiOfficial) January 27, 2023

This was confirmed by Rose and Dem retweeting the announcement.

Liz Yang, head of growth at Chiru Labs, the company behind Azuki, told Cointelegraph that the team is “currently in contact with Twitter and investigating the breach,” noting that Azuki “will provide an update once we have more information.”

Ohm Shah, co-founder of Wallet Guard, told Cointelegraph that “it does not matter” if an account is official or verified, users should treat everything as suspicious until proven otherwise. Shah noted:

“Don’t be the first person that clicks the link. It’s better to be paranoid in Web3 than not.”

Upon Azuki regaining control of the account, it emphasised to its followers in a tweet to always “go out on several channels” to confirm announcements.

It also noted to reach out to the Azuki "mod team" on Discord when in doubt.

This news comes after stock trading platform Robinhood’s Twitter account was compromised on Jan. 25.

The hackers pushed Robinhood’s followers to each pay $0.0005 for a token called “RBH” on the BNB Smart Chain.

Conor Grogan, the head of product business operations at Coinbase, tweeted that at least 10 people had purchased approximately $1,000 worth of the scam token before the tweet was removed.

Ohm Shah