The team behind Friend.tech has vehemently denied a report that claimed the personal data of over 100,000 of its users had been leaked.
It was claimed in a report that Banteg, a core contributor to Yearn Finance, had published scraped details of Friend.tech users, including Twitter usernames and addresses.
Friend.tech Denies Report
The report suggested that data posted by a pseudo-anonymous developer for Yearn Finance, Banteg, was leaked information. According to the report, the information published contained scraped details of over 100,000 Friend.tech users. However, the Friend.tech team countered the report, stating that the information published by Banteg came from scraping its public API. In a post on X, the Friend.tech official feed stated the report was basically saying we got hacked by someone who simply looked at our Twitter feed. The post also called out the publication that published the report.
“This is just someone scraping our public API that shows the association between public wallet addresses and public Twitter usernames. It’s like saying someone hacked you by looking at your public Twitter feed.”
The post by Friend.tech also received input from X’s Community Notes contributors, stating,
“The underlying data is public, and anybody can work it out by reading a block explorer: if you buy a share, 5% goes to the creator’s wallet, and he will have needed to fund his wallet. The database only scraps that public info.”
Banteg’s Original Post
Banteg had published a repository containing publicly available scraped data, including critical details of users on the Friend.tech platform on GitHub. The details include wallet addresses on Base and the corresponding Twitter usernames of over 100,000 users. Banteg stated in a post,
“101,183 people have given friend.tech access to post as them, leaked db (database) indicates.”
He also drew attention to Friend.tech’s permissions, insisting that users had granted the app to post on their behalf without a complete understanding or consent. Notably, Banteg’s post regarding the data came after a post from blockchain analytics service Spon-On-Chain, which noted that Friend.tech’s API revealed specific information not available to typical users of the app. Spot-On-Chain also gave an example of this, stating that wallets created by certain users could be viewed through the API.
Spot-On-Chain stated that this information could potentially be used to game the system by allowing bots to almost instantaneously purchase shares of big accounts as soon as they signed up on the Friend.tech platform. Spot-On-Chain added,
“A lot of bots have already taken advantage of this, it monitors the contract, finds the big KOL, and buys shares before others.”
Meanwhile, X users saw the funny side of the unfolding situation, with one user posting a link to the Ethereum block explorer and claiming that they had discovered a leaked database of all transactions on Ethereum.
Friend.tech is a Web3 social application on the Base Layer-2 chain. It gives users a platform to trade shares in Twitter accounts, giving shareholders unique features such as access to private chat rooms. The platform has gained considerable traction since its launch, particularly due to a number of high-profile signups. Friend.tech had also recently generated over $1.4 million in protocol fees, putting it among the top three crypto projects when it came to fees. The project ranked only behind Ethereum and Lido.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2023/8/friendtech-refutes-report-claiming-user-information-was-leaked