Seems like it. And it's (only) been 5 days now, but jamming SL seems like desperation from the government side while there appears to be support from traditionalist faction(s) per counter-protests.
The perpetual struggles everywhere: rich vs. poor, and open vs. traditional.
That is true. UMA tokens are just a coin on the blockchain that can be bought. The resolution is put up for a vote. People can vote by staking their tokens and the losing side(s) lose their tokens. The winning side are rewarded the tokens of losing sides. In theory you can just buy out these votes with enough money/tokens
UMA's security model assumes the cost to corrupt the oracle exceeds the profit from corruption. It is quite interesting because it doesn't consider the Polymarket side at all in the calculation.
Doesn't this whole model break down when the Polymarket market far exceeds UMA's market cap?
Not just in theory, it happens frequently. There's multiple 'markets' that resolved in untruth when it suited UMA whales. Polymarket is a scam site, with a thin veneer of gambling over the top.
As someone who is part of the Hack Club community, I would urge caution before blindly trusting this account.
- This person has also used their access to attempt to extort the admins and their Airtable data, demanding a bounty payment for access they were previously given.
- In her arguments about the program leads earning higher bounties, they had said that they both did bounties for Coinbase and Google, neither of which being non-profits
- Many of her arguments are flawed in other ways.
Theo (yes the ffmpeg guy) also commented on it in a livestream, and I would just point to that:
> This feels really in the weeds of something we are not supposed to see externally. It is a lot of writing for what seems like clueless people doing backend
They created a new website just for this topic, and named it "kill yourself LLC". Not something you'd do if you wanted to be taken seriously, just IMO. Smells more like a KiwiFarms user.
However there's still no excuse for these problems if they are describing it correctly. When you're storing the home address of thousands of users, (1) you shouldn't do that at all for this type of organisation and (2) you should be very careful to protect it and (3) the first several times it gets stolen, you should think harder about whether your protection is working and there should never be a several+1th time.
I am not the OP but I think I know the back story behind this name and if I'm not wrong, it is related to events that went down in hackclub revolving a suicide attempt in HC being taken unseriously.
As someone who is/was also a part of the hack club community, this article is mostly correct. I've seen most of these events occur second hand as well in real time and can mostly corroborate with the accuracy of the article, except the minors in legal roles part. The community is severely mismanaged, data leaks happen often in very predicable ways and it does seem as if much of it is symptoms of vibe coding.
It's a really long article so he only seemed to read a few paragraphs about the security vulnerability and then said the line while scrolling too fast to read all of the other points. Can't blame him, not going to lie.
>We made a mistake.
>This was the result of an oversight in our billing process, and we are returning Hack Club to its previous nonprofit pricing while we work with them directly to ensure their workspace remains fully accessible. We value the work Hack Club does to inspire and educate young people in coding and technology, and we regret the concern this situation has caused. We will be reviewing our billing and communications processes to provide nonprofits clearer guidance and adequate grace periods as they grow.
Slack cannot unilaterally “resolve” this situation, and their proposed solution doesn’t seem to address the concerns that were raised in the first place.
Yes it does. They don’t have to pay $200k/yr + $50k immediately, and don’t have to spend the time, effort, and money on self-hosting and migrating away.
It solves it for this one client. It doesn’t provide any transparency on exactly how this occurred (like you would for say, a data breach) and provides no guarantees (only words) that this won’t happen again, or any guarantee that this isn’t happening to any other client right at this moment!
Yes - we've worked with a third party security advisors to make this happen!
If this stuff does interest you or anyone else here, we'd always welcome advice / support. I had some great conversations with folks over the summer embarking on this project. sam [at] hackclub [dot] com if anyone is interested.
reply