<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/">
    <channel>
        <title>d0wnlore</title>
        <link>https://paragraph.com/@d0wnlore</link>
        <description>Security &amp; Culture at 🏴BanklessDAO and 🇯🇵Bankless Japan</description>
        <lastBuildDate>Sun, 19 Jul 2026 18:27:46 GMT</lastBuildDate>
        <docs>https://validator.w3.org/feed/docs/rss2.html</docs>
        <generator>https://github.com/jpmonette/feed</generator>
        <language>en</language>
        <image>
            <title>d0wnlore</title>
            <url>https://storage.googleapis.com/papyrus_images/7b21e5fa878905a5a389d5c2ed23fcf1b9c0b051ce719ab42543f364ba56aead.png</url>
            <link>https://paragraph.com/@d0wnlore</link>
        </image>
        <copyright>All rights reserved</copyright>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 6]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-6</link>
            <guid>wXb0jc52ikjMQZAKCZl6</guid>
            <pubDate>Mon, 04 Sep 2023 01:08:53 GMT</pubDate>
            <description><![CDATA[gm DAOpunks, time is up on cohort_3 and this is the final post! It is a time to reflect on what has been done and delivered over the past six weeks. Apologies for the hasty entry, as I’m writing this between pockets of time during Ethcon (and then losing parts of my draft later on somehow).The Intended GameFirst I want to say thank you to those reading this, especially those that voted for me because I had intended to use this cohort time window to work on Voyageur, a security awareness train...]]></description>
            <content:encoded><![CDATA[<p>gm DAOpunks, time is up on cohort_3 and this is the final post! It is a time to reflect on what has been done and delivered over the past six weeks.</p><p>Apologies for the hasty entry, as I’m writing this between pockets of time during Ethcon (and then losing parts of my draft later on somehow).</p><h2 id="h-the-intended-game" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The Intended Game</h2><p>First I want to say thank you to those reading this, especially those that voted for me because I had intended to use this cohort time window to work on Voyageur, a security awareness training platform for web3.</p><p>However the cohort had started at the beginning of an exciting series of events, starting with me helping with Bankless Japan at the WebX conference. As my involvement with them increased, my ability to deliver on Voyageur receded.</p><p>But throughout my six weeks during the cohort, my passion for working with APAC teams and educating others about crypto security never waned. It had just started to take different forms, as it usually does when one starts with an ideal vision but eventually realized they need to pivot to something more deliverable.</p><h2 id="h-the-new-game" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The New Game</h2><h3 id="h-hackathons" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Hackathons</h3><p>As mentioned before, I am writing this from Ethcon, a conference and hackathon in Seoul. While I had failed to deliver on the online hackathons I had signed up for previously, it was much easier to deliver during an in-person hackathon with a relatively smaller time window.</p><p>During two days I hacked on <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://devfolio.co/projects/hookbreaker-d973">a Chrome extension called Hookbreaker</a>, with accurately detects if your current website is a crypto phishing website or not. It does this through analyzing not just the domain name, which most similar extensions do, but also the HTML and external scripts included (to an extent).</p><p>While Hookbreaker wasn&apos;t the education part of the security duality I have mentioned before, that technology or education can only go so far and you need both to curb crypto fraud, it did help me keep up the momentum of staying in the security tool building game.</p><p>I am not sure if I will continue working on this after Ethcon. But at the least I can say I helped push the anti-phishing capabilities of our community a bit and actually did deliver a security product at the end of this cohort. ;)</p><p>I also have one more hackathon that I will be participating in at Permissionless at the end of this week. But it would be nice to work on something non-security related for this one.</p><h3 id="h-collaborations" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Collaborations</h3><p>I’ve learned throughout cohort_3 that building a new platform for security education in six weeks was too ambitious for someone that hadn’t been building much in the past few years.</p><p>Part of my new game will be to instead extend what I had been doing with BanklessDAO: collaborate with established platforms to disseminate the security knowledge I have.</p><h3 id="h-asia" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Asia</h3><p>I will continue working with Bankless Japan on pushing the Bankless movement here in Japan, along with our newfound partners and those we come in contact along the way. But as I spend a lot of time in Korea as well, I hope to be able to help both crypto ecosystems flourish somehow. Given their proximity and some similarities I’m betting that there will be a lot of collaborative opportunities here.</p><hr><p>That is all for now! I may not be as active on my Mirror going further but I will continue to post on <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/d0wnlore">X</a> and <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://lenster.xyz/u/d0wnlore">Lens</a> going forward if you want to keep up with where my journey takes me next!</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/b5c077caf632c5a6561a856019dfcdaad50f51f0eec6903f3ebe7555597d29cf.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 5]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-5</link>
            <guid>mqD7pd8VfEsjrxOM4Obr</guid>
            <pubDate>Mon, 28 Aug 2023 05:26:00 GMT</pubDate>
            <description><![CDATA[gm DAOpunks! Let’s get to it while I still have Wi-Fi at the airport…The PivotBetween the time I applied for cohort_3, and receiving news that I was one of three DAOpunks that received a grant, something happened. It was a decision I had made abruptly and one that is turning out to have been a great decision. It was to return back to Japan sooner than I had planned. To work with Bankless Japan at the WebX conference and make a subsequent trip to Seoul for Ethcon and the Korean Blockchain Week...]]></description>
            <content:encoded><![CDATA[<p>gm DAOpunks! Let’s get to it while I still have Wi-Fi at the airport…</p><h3 id="h-the-pivot" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">The Pivot</h3><p>Between the time I applied for cohort_3, and receiving news that I was one of three DAOpunks that received a grant, something happened. It was a decision I had made abruptly and one that is turning out to have been a great decision.</p><p>It was to return back to Japan sooner than I had planned. To work with Bankless Japan at the WebX conference and make a subsequent trip to Seoul for Ethcon and the Korean Blockchain Week side events.</p><p>However, I slowly realized during the trip that this decision resulted in me not being able to focus on the main reason I applied for cohort_3: to work on a security training platform for web3, Voyageur.</p><p>But the online hackathons I intended to participate in became a much lower priority compared to helping Bankless Japan and <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://explorer.gitcoin.co/#/round/10/0x2871742b184633f8dc8546c6301cbc209945033e/0x2871742b184633f8dc8546c6301cbc209945033e-151">get our GG18 grant out the door</a>.</p><p>I had a small, chronic level of guilt knowing that the DAOpunks community voted for me because I pitched that I would be working on Voyageur. But instead I was using the funds to offset costs while I worked in Japan and South Korea.</p><p>It hasn’t been until this week that I actually started to come to terms with how everything has gone with cohort_3.</p><h2 id="h-im-still-in-the-game" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">I’m Still in the Game</h2><p>Voyageur was going to be the main reason I would stay in web3. I’m known for teaching about security and I was hungry to start doing some full-stack web development again.</p><p>But I learned three things during the past five weeks:</p><ol><li><p>Bankless Japan may end up becoming one of main contributions to the web3 ecosystem and is highly aligned with my interests outside of InfoSec</p></li><li><p>The headaches about front-end web development, that largely made me pivot to InfoSec in the first place, are still there</p></li><li><p>I can still contribute to security education without sacrificing point 1 and without having to deal with point 2</p></li></ol><p>So that is why I’m going to de-focus my time in trying to get Voyageur out the door as I had envisioned. Instead I will try to get more security education out into the world through collaborations, my existing writing practice and playing around with ideas during in-person, short hackathons (since I realized online, long ones are not really my thing).</p><p>So while I, and likely nobody else, expected my grant to go towards offsetting my time spent in Japan and South Korea, this pivot may end up being a better use of the grant. Security education is still lacking in the industry, as those that voted for me likely agree with, and I do want to help fix that. But being able to help grow Bankless Japan content and accelerating the web3 ecosystem in APAC has become another mission that I want to see through.</p><p>cohort_3 is almost over but I can’t wait to see where things end up by the end of 2023.</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/96dc0cc66f5a7e21e9c922928e4df5d433e06db463de10fa661e895c6355cd8a.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 4]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-4</link>
            <guid>sQ2eMhJAKjsZp8yDbtZK</guid>
            <pubDate>Mon, 21 Aug 2023 03:44:08 GMT</pubDate>
            <description><![CDATA[Voyageur MVP’s Three PillarsI’ve shared a bit about what I wanted to accomplish with my security education platform, Voyageur. But these are the three main pillars I wanted to focus on towards getting an MVP out:Cutting-edge security education that goes deep into topics while also providing high-level summaries to get the critical message acrossQuizzes that put learners into scenarios that they may find themselves in in the dark forest of crypto, not just making them recite information they r...]]></description>
            <content:encoded><![CDATA[<h2 id="h-voyageur-mvps-three-pillars" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Voyageur MVP’s Three Pillars</h2><p>I’ve shared a bit about what I wanted to accomplish with my security education platform, Voyageur. But these are the three main pillars I wanted to focus on towards getting an MVP out:</p><ol><li><p>Cutting-edge security education that goes deep into topics while also providing high-level summaries to get the critical message across</p></li><li><p>Quizzes that put learners into scenarios that they may find themselves in in the dark forest of crypto, not just making them recite information they read a minute ago</p></li><li><p>Using NFTs to credentialize learners and signal to others that they are competent in the associated security topic</p></li></ol><p>As time runs out, the critical thing to get out the door is security education that helps new and existing crypto users remain self-sovereign. So that they have enough trust in themselves that they don’t have to feel that they must rely on another party to custody their crypto assets.</p><p>Proof of Knowledge NFTs are not required for this goal, but is a way to help encourage further growth. Quizzes are still important, but may not be rigorous for the MVP (and may allow me to change their direction based on feedback this way).</p><p>So I’m going back to just focusing on Pillar 1, now that most of the noise from the hackathons is gone. I also learned through the past month that I’m much more likely to deliver through in-person hackathons that last one or two days, rather than online ones that last several days or weeks.</p><h2 id="h-what-games-are-you-playing" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What Games Are You Playing?</h2><p>Prompted by <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/owocki/status/1692600485184741524">Kevin Owocki’s tweet</a> about looking for GG18 grantees with the best memetics, we quickly <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/BanklessJP/status/1692759851674587208">spun one up for Bankless Japan</a> that both the East and the West could resonate with.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/1b364c91c9e64dcc02431df685f1c460927cb228e87378784564f83f1f8ed104.png" alt="Bankless Japan’s ikigai (生きがい) model" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="">Bankless Japan’s ikigai (生きがい) model</figcaption></figure><p>While we created this new ikigai model as a joke – I doubt most degens are actually good at what they do – there’s some truth to this meme. We’re all trying to find that sweet spot that really fits our passion, talent and needs for for belonging and survival.</p><p>So while you are continuing to build or write during the bear, ask yourself what games you’re playing and whether you should change the rules or switch to other games. I’m now reminded about this frequently since this is a topic that fellow cohort_3 grantee Allyn Bryce <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://paragraph.xyz/@pinksink/daopunks-or-cohort_3-week-3">has mentioned a lot</a>.</p><p>It&apos;s the bear market so many players in this space are making themselves loud or incorporating clever devices to draw attention and funds. Probably into new vehicles that have questionable impact on our ecosystem. If you’re bored of the current market it&apos;s easy to get swept away from such noise. Especially when it seems most people in your circle are getting caught up in it.</p><p>But now is the best time to remind yourself why you’re still in this game. So choose your games wisely. You don’t need to play the ones that first draw you in. Heck, most people reading this likely left the CORPrat game because they want something better. Ask yourself if you’re playing the game that makes it the most worthwhile to have left that world.</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/09535e416778a02ce1c2772b4d7ab840f7e1c38a45a9ba3f62021934ed8c6420.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 3]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-3</link>
            <guid>lRWWL05SEG2hxY7cySY1</guid>
            <pubDate>Sun, 13 Aug 2023 15:07:26 GMT</pubDate>
            <description><![CDATA[gm! The past week was still a lot of work for Bankless Japan, rather than my intended work with Voyageur and the hackathons. This week was a reminder of how I need to setup a project for success if I’m going to continue web3 development while being a core contributor to Bankless Japan.Building is a MuscleOne thing I realized a long time ago is that I actually don’t enjoy programming. Rather I program to achieve an end result I want, such as getting a product out the door that I or my friends ...]]></description>
            <content:encoded><![CDATA[<p>gm!</p><p>The past week was still a lot of work for Bankless Japan, rather than my intended work with Voyageur and the hackathons. This week was a reminder of how I need to setup a project for success if I’m going to continue web3 development while being a core contributor to Bankless Japan.</p><h2 id="h-building-is-a-muscle" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Building is a Muscle</h2><p>One thing I realized a long time ago is that I actually don’t enjoy programming. Rather I program to achieve an end result I want, such as getting a product out the door that I or my friends need.</p><p>One reason I had left front-end development for InfoSec was the general fatigue I had with that ecosystem: inefficient package management, obtuse error messages, tons of boilerplate, and other headaches. I don’t find these quirks with modern web development fun, but rather an impediment to a result I actually want to get to.</p><p>Coming into web3 development I knew that I would be signing up for enduring some of the pains that made me want try another career path.</p><p>At the same time I realized through Superhack that the result I’m aiming for really has to resonate for me to go through the drudgery of going through modern web development again.</p><p>While I feel I have this hunger when I work on security topics, or working with friends on really creative projects, I found out later this wasn’t the case with the idea I had in mind for Superhack: an on-chain way for airlines and hotels to attest to the loyalty status of their customers.</p><p>It was a neat idea and got me to play around with Ethereum Attestation Service and some of the newer OP Stack chains. But ultimately that idea doesn’t resonate as much as making sure web3 users don’t get scammed.</p><p>My building muscles had atrophied from the years of mostly being a white-hat hacker and educator. When it gets to this point it was too easy for me to try to work on something else other than Superhack.</p><h2 id="h-bankless-japan" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Bankless Japan</h2><p>I have been writing about Bankless Japan a lot more than I thought I would when I first submitted my DAOpunks application. But the reality is that our team is making a lot of progress in developing partnerships that will help feed new content, new events and eventually a new DAO.</p><p>So the momentum has really swept me away from the hackathons I had intended to participate in. While I did do some work for Superhack, ultimately the context-switching that was occurring during the 10 days was too much for me to get a solid hack out (in addition to not being as interested in the idea, as mentioned earlier).</p><p>That being said I’m happy with what we were able to accomplish in the past week for Bankless Japan:</p><ul><li><p>🧑‍💻 Co-worked at the new <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://centrum.studio/">Centrum web3 space</a> in Shibuya + figuring out new partnerships we want to tackle</p></li><li><p>📢 Announced <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://lu.ma/dao-night">our first DAO Night</a> which we’ll be cohosting with Fracton Ventures, Phaver and dYdX, which will take place at the space mentioned above</p></li><li><p>💴 Submitted <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://builder.gitcoin.co/#/chains/10/registry/0x8e1bD5Da87C14dd8e08F7ecc2aBf9D1d558ea174/projects/835">our Gitcoin grant application</a> for the official launch of Bankless Japan, where we will kickstart our journey towards being a self-sufficient community DAO</p></li><li><p>👕 Planning our <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/banklesshq/status/1683853493898027008">バンクレス t-shirt airdrip</a> – not a typo – for Permissionless</p></li></ul><p>My time in Tokyo will be coming to a close soon. With more mental separation between me and the activity in Japan, this should provide me with enough space to start working on Voyageur again and submit something for NAVH (which is due in 8 days).</p><h2 id="h-voyageur" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Voyageur</h2><p>My next hackathon is due next week. As I had not made as much progress on Voyageur: Prologue as I thought I would, I’m considering just developing a “vertical slice” of the main vision I had for the daap and delivering that for the hackathon.</p><p>Time is more of a concern now not only due to wanting to show something useful and useable by the end of the DAOpunks cohort. But to also have something I can show to people at the next three conferences I’m attending: Ethcon, Korean Blockchain Week and Permissionless.</p><p>With that I’m now slowly getting back into a consistent building mode and hope to try to maintain that momentum. Let’s see how the next week fairs for me!</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/a193a15048e758fc7abfe13134d1ee93db06ae98486f267c689ddfae424131cf.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 2]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-2</link>
            <guid>WkGhGDJnokI5ShrLxSGB</guid>
            <pubDate>Sat, 05 Aug 2023 08:18:42 GMT</pubDate>
            <description><![CDATA[It’s been a busy Week 2, but not the way I had intended! My intention for most of August is to work predominantly on Voyageur, a new security awareness learning platform for web3, and variations of it for hackathons. But since coming back to Japan, many opportunities have opened up that are not directly related to Voyageur. The past week has still been mostly working on SHILLing activities rather than BUIDLing Voyageur. So this week’s post will be about how I am juggling all these new commitm...]]></description>
            <content:encoded><![CDATA[<p>It’s been a busy Week 2, but not the way I had intended!</p><p>My intention for most of August is to work predominantly on Voyageur, a new security awareness learning platform for web3, and variations of it for hackathons. But since coming back to Japan, many opportunities have opened up that are not directly related to Voyageur.</p><p>The past week has still been mostly working on SHILLing activities rather than BUIDLing Voyageur. So this week’s post will be about how I am juggling all these new commitments and talk a bit about Voyageur: Prologue’s progress.</p><h2 id="h-bankless-japan" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Bankless Japan</h2><p>Although I’ve helped Bankless Japan a few times in the past, including designing their <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/BanklessHQ/status/1683853493898027008">バンクレス shirt</a>, I never really considered myself part of the IMN.</p><p>This changed after my experience working with them at WebX, <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://mirror.xyz/d0wnlore.eth/MGSVykD-95szqTLTPf6jgXGRRkBx5wKLvHQ-9XrykQQ">as I detailed in my last post</a>. I’m now a core contributor to their IMN and we have big plans that I want to help them get off the ground.</p><p>But this is a different set of priorities than what I had intended to focus on a few weeks ago. So I’ll need to be careful with my time allotment, to ensure that I can work to the best of my ability for both Bankless Japan and Voyageur.</p><p>One thing I have started to be more conscious about is time-boxing my work with Bankless Japan, so that I’m not always thinking about what I can be doing for the team at all hours of the day. It’s easy to dive deep into a rabbit hole when you first start something new and exciting with frens. But now I’m conscious of that and coming out of the hole to give time to my other priorities.</p><h2 id="h-hackathons" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Hackathons</h2><p>I’m currently in the <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://navhackathon.consensys.io">Consensys NAVH</a>. Unfortunately not much progress had been made since my last post. Besides getting most of the written content, wallet integration and HTML structure ready since last time, there is a long way to go to make what I have a functioning dapp.</p><p>While there is still close to three weeks before submissions are due, I have also registered for three other hackathons:</p><ul><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://ethglobal.com/events/superhack">ETHGlobal Superhack</a>, which focuses on technologies built on the OP Stack, including Base, Worldcoin, Zora and many others (this hackathon has started as of today and is due sooner than NAVH)</p></li><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://2023.ethcon.kr/">Ethcon Korea</a>, which will be my first hackathon in South Korea and probably the first to incorporate quadratic funding into the prize pool (this will start on September 1st and is an in-person, 3-day hackathon)</p></li><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://blockworks.co/event/permissionless-2023-hackathon">Permissionless II</a>, which will be hosting their first hackathon for this year’s conference (I am still pending an invite due to technical issues on their end 🙏)</p></li></ul><p>I applied for all four hackathons before my new commitment to Bankless Japan and thought I could make them all work out at the time. For the multi-week hackathons like NAVH and Superhack I may have to be more scrappy with my submission or join a team to help diffuse the workload but retain a high degree of learning.</p><h2 id="h-voyageur-prologue" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Voyageur: Prologue</h2><p>This is the dapp, or “hack”, I’m currently building for <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://navhackathon.consensys.io/">NAVH</a>.</p><p>This hack gives security lessons in bite-sized pieces through UX similar to Instagram Stories or TikTok. There will be a topic, say “Why use 2FA?”, that is split up into slides meant to be viewed on a mobile device. After viewing all the slides, you are quizzed on what you have just read. Successfully passing the quiz enables you to mint a Proof of Knowledge NFT for that topic.</p><p>There is not much to show for this vision yet. But as I have paired down my schedule a lot in the upcoming week, I’ll be dropping some screenshots of what I will have completed for my Week 3 post.</p><p>Right now the tech stack for the dapp is pretty minimal:</p><ul><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://nextjs.org/">Next.js</a> for the front-end, which uses <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://react.dev/">React</a> for the UI library and has server-side rendering baked-in (which is actually a bit annoying to work with for a hackathon project, so I’ll likely turn all of that off)</p></li><li><p>I’m using <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://tailwindcss.com/">Tailwind CSS</a> for UI theming, but as I’m used to just writing raw HTML + CSS to get my UI looking the way I want quickly, I may throw Tailwind out</p></li><li><p>NAVH necessitates using specific technologies to earn points for judging, so I integrated the <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://metamask.io/sdk/">MetaMask SDK</a> for wallet integration and <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://wagmi.sh/">wagmi</a> for improving the developer experience when interacting with wallets and chains through React</p></li><li><p>I have not written the NFT contract yet, but it will be deployed to <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://linea.build/">Linea</a> Testnet and likely using <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://thirdweb.com/">thirdweb</a>’s deployer</p></li></ul><p>I will not be working on this idea for Superhack and my hack for that event may not be very security related. So I not only have to come up with another idea for that other hackathon, or join another team, but also work on both hacks in tandem. I will certainly be learning a lot through the experience. But I also need to make sure that I do not burn out.</p><p>That is all for this week!</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/9f91daf25e25a82930fd45c3f08f1dfc3b0d10d5a14888907f8456957e2f578f.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[DAOpunks Cohort 3 - Week 1]]></title>
            <link>https://paragraph.com/@d0wnlore/daopunks-cohort-3-week-1</link>
            <guid>xwTMghbjo2FkWociDT5O</guid>
            <pubDate>Sat, 29 Jul 2023 04:28:45 GMT</pubDate>
            <description><![CDATA[gm and welcome to my first post in a series covering my journey through DAOpunks cohort_3! I’m still surprised I made it to the top 3 of the cohort but I will do my best to make the most of this opportunity over the next six weeks. This initial post will likely be lengthier than subsequent ones, as I introduce DAOpunks, why I participated in this cohort, and what I ended up doing during my first week.WTF is DAOpunks?DAOpunks is an NFT collection and public goods grant platform that grew out o...]]></description>
            <content:encoded><![CDATA[<p>gm and welcome to my first post in a series covering my journey through DAOpunks cohort_3! I’m still surprised I made it to the top 3 of the cohort but I will do my best to make the most of this opportunity over the next six weeks.</p><p>This initial post will likely be lengthier than subsequent ones, as I introduce DAOpunks, why I participated in this cohort, and what I ended up doing during my first week.</p><h2 id="h-wtf-is-daopunks" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">WTF is DAOpunks?</h2><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.daopunks.io/">DAOpunks</a> is an NFT collection and public goods grant platform that grew out of the creative community we have at <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.bankless.community/">BanklessDAO</a>. It’s a mission-driven project that promotes the transition from being a corpRAT in a corporate environment to being a DAOpunk and working in web3 or DAOs.</p><p>Besides the NFT part of DAOpunks they also have a grants program that rewards accepted grantees with 1 ETH each. This grant is used to help grantees pursue their respective missions in trying to make the shift to predominantly working in web3 or producing an artifact that is valuable to the ecosystem.</p><p>As a DAOpunks holder I participated in the previous cohorts by voting on the individuals I thought should have received a grant. I never entertained the thought of actually applying myself as I had no immediate need to fully transition to working in web3.</p><p>Until this year…</p><h2 id="h-voyageur" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Voyageur</h2><p>Voyageur is security awareness training for web3.</p><p>CORPrats working at large companies may be aware of existing security awareness training platforms like KnowBe4, Cofense, Proofpoint and many others. These platforms are used to train employees on cybersecurity concerns and hopefully encourage new behaviours that reduces risk to an organization. These mostly focus on email phishing, malware and social engineering.</p><p>As the Education Coordinator at BanklessDAO’s InfoSec Team for 1.5 years, I’ve learned a lot about what the current threat landscape looks like for web3 users and organizations (DAOs, web3 companies and established organizations looking to adopt web3 technologies). In my opinion there isn’t a satisfactory solution to not only teaching this ecosystem about security risks but also to encourage the behaviour change needed for people to remain aware of those risks when the time comes.</p><p>Exciting technologies like account abstraction and multi-party computation (MPC) may start to improve the dire situation we are in with security UX. But until then, while we still interact with blockchains in ways that can put us in risky situations, we need more education to help one another avoid falling into traps set by hackers and scammers.</p><p>This is why I decided to dust off my development and design skillset, which I did before I entered InfoSec 4 years ago, and start building a platform to encourage web3 users to adopt risk-reducing behaviours when interacting with the ecosystem. I am aiming to have a Minimum Viable Product (MVP) done by the end of the DAOpunks cohort in early September. This happens to coincide with my trip to Seoul for a few conferences there.</p><p>I applied for the grant not only for the financial flexibility 1 ETH can bring as I build the MVP. But also to act as a forcing function, as I must write weekly articles for this cohort and have something to show at the end of it. In my case it is the Voyageur MVP, which I also hope to use DAOpunks as a platform to help promote as I develop it throughout the next several weeks.</p><h2 id="h-webx" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">WebX</h2><p>I’m affiliated with <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://twitter.com/banklessjp">Bankless Japan</a> and had the chance to work with them for their presence at WebX, a large crypto and web3 conference in Tokyo. We were a media partner with a booth at a key spot in the exhibitor floor and took full advantage of it.</p><p>Most of my energy was used to help bring more opportunities to Bankless Japan. But I also kept Voyageur in the back of my mind while talking to specific people as Voyageur was another reason I went to WebX:</p><ul><li><p>I’m aiming to have the MVP available in English, Japanese and Korean. My last visits to these countries showed me the large potential growth East Asia has in web3. I want to help guide their journey into web3 safely, as there seems to be a lack of deep web3 security content in their native languages (and much of Asia, really)</p></li><li><p>I have contacts in Japan and Korea that could help promote, develop and possibly fund Voyageur. It was great to see familiar faces from both countries at WebX and this gave me more motivation to make sure our content is available in their native languages, which could also help to sell to extended contacts.</p></li><li><p>Figuring out by talking to those in and out of security as to whether my idea makes sense. While I believe the web3 ecosystem needs something like Voyageur, that may not match reality. But at the very least I met people at WebX that operate in web3 individually, in DAOs and in companies just starting to get into web3 that echoed my sentiment that there is a lack of needed, effective end-user security education in the space</p></li></ul><h2 id="h-voyageur-prologue" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Voyageur: Prologue</h2><p>One decision I made a few weeks ago was to pause development on Voyageur as I had imagined it could be upon MVP release. This was so that I could develop a concise version of the same concept for <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://navhackathon.consensys.io/">Consensys’ Not Another Virtual Hackathon</a> (NAVH).</p><p>I have some experience with dapp development, but I’m not a strong buidler. I have participated in a few hackathons this year, including ETHGlobal Waterloo where we won a prize, which helped bring me up to speed on modern dapp development. But I need more experience building a dapp with a more complex architecture.</p><p>As NAVH is skewed towards rewarding hacks that use as many Consensys and partner services as possible, I figured this was the best opportunity to learn a lot in a small amount of time. But I didn’t want to work on a project that took time away from Voyageur. Thus I’m working on security education hack that could possibly fit as a learning module in Voyageur. Or actually become Voyageur if it could accomplish the objective better that what I had first imagined.</p><h2 id="h-buidl-and-shill" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">BUIDL &amp; SHILL</h2><p>Productivity wise I will be packaging my days into BUIDL mode or SHILL mode.</p><p>BUIDL mode is where I’m developing my security project, Voyageur, and the mode I intend to be in for most of the cohort. I will be in SHILL mode for the times when I am attending conferences, where I will be doing product-market fit research and trying to promote Voyageur.</p><p>During BUIDL mode I aim to show the process of developing a dapp, which I have some experience in but still very much a novice at. During SHILL mode I will mostly be discussing how I see my security project, Voyageur, fitting in the wider web3 ecosystem and specifically the Asian ecosystem as this is the region I want to focus on past a general English audience.</p><p>Week 1 was mostly SHILL mode as I spent most of the week in Tokyo working with Bankless Japan on their presence at the WebX conference. Next week will be my first BUIDL post and where I will talk more about my NAVH version of Voyageur and its design and development process.</p><p>Stay tuned…</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/7b8455645d88b97bfdb2a54aa26ba5db9ba7fc320f34fb415f9e4f9d078299a9.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[Walletpunk: Improving Wallet Security UX with Composability]]></title>
            <link>https://paragraph.com/@d0wnlore/walletpunk-improving-wallet-security-ux-with-composability</link>
            <guid>NvFzCnFk1mCFTnPJn8Fs</guid>
            <pubDate>Tue, 23 May 2023 22:50:45 GMT</pubDate>
            <description><![CDATA[Security is a game of cat and mouse that is evolving with new threats every week. Security and wallet clients are intertwined, contributing to the concept of security UX. But this landscape can put stressors on wallet client developers and can hinder the delivery of other necessary quality-of-life features. Not to mention persistent security UX issues that still need to be addressed, like obscure signature request messages. I argue that we should move towards an ecosystem where we do not have...]]></description>
            <content:encoded><![CDATA[<p>Security is a game of cat and mouse that is evolving with new threats every week. Security and wallet clients are intertwined, contributing to the concept of security UX. But this landscape can put stressors on wallet client developers and can hinder the delivery of other necessary quality-of-life features. Not to mention persistent security UX issues that still need to be addressed, like obscure signature request messages.</p><p>I argue that we should move towards an ecosystem where we do not have to rely solely on core developers to improve the security UX of their wallet clients. As our crypto ecosystem was forged from the cypherpunk ethos, we should work towards decentralizing more parts of the user’s transaction process.</p><p>By integrating the best solutions available through composability, not just what the core developers have the cycles to work on, we can better safeguard the transaction experience as a whole.</p><p>Until this happens, the bad guys will continue to have the asymmetric advantage in their attacks against crypto users, which can impede mass adoption.</p><p>To bridge the gap towards a robust era of wallets that protect users from scammers, please humour me as we look to the genre of cyberpunk for inspiration.</p><h2 id="h-my-vision-is-augmented" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">My Vision Is Augmented</h2><p>Enhancements and augmentations like exoskeleton suits, cybernetic limbs, and ocular implants are cyberpunk tropes that empower individuals to transcend the limitations of human flesh and bone. In these fictional worlds—and let’s ignore that they are often dystopian for now—augmentations are created by multiple parties, from sprawling mega-corporations to solitary garage innovators.</p><p>Anyone can order augmentations from these parties through an open marketplace and install them at will. These added pieces of technology result in step function changes for the people that use them, enabling one to accomplish physical and cognitive feats that were not possible before.</p><p>What the wallet ecosystem needs are open marketplaces of augmentations mentioned above. An ecosystem that enables users to install extensions that enhance and protect their transaction experience, and thus their overall interactions with crypto and trickling down to a more robust ecosystem as a whole.</p><p>Developers have been taking advantage of the composability offered by smart contracts and dApps for years. But wallet clients still lack the systems needed to build &quot;wallet legos&quot; that can truly interoperate with other software. Thankfully, there are efforts to start moving towards a more decentralized way of observing and building transactions through wallet clients:</p><ul><li><p>Browser extensions that simulate transactions before they are submitted, such as <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.joinfire.xyz/?utm_source=referral&amp;referralCode=NGk3qsblz">Fire</a> or <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.walletguard.app/">Wallet Guard</a>, that work alongside existing wallet clients</p></li><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://metamask.io/snaps/">MetaMask Snaps</a>, which enables developers to extend the MetaMask experience and will allow users to acquire these extensions through a new marketplace</p></li></ul><p>If wallet clients can further embrace this composability, we can alleviate the existing security UX gaps while allowing teams that may be more agile in developing solutions for tomorrow&apos;s threats to improve those same wallet clients.</p><h2 id="h-rebuilding-stronger-wallets-for-tomorrow" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Rebuilding Stronger Wallets for Tomorrow</h2><p>The archetype for a wallet client has not changed much since the first ones like MetaMask, MyEtherWallet, and Status entered the scene several years ago. We have settled on useful security UX heuristics that have carried us to this point.</p><p>But these heuristics were developed at a time where we were a bit naive about the threat models in Ethereum—MEV for example—and we did not reach this point unscathed. Arguably, there are some heuristics that we should look towards completely rebuilding, like how operating systems switched their UIs from skeuomorphic design principles to one that resembles a pure and flat aesthetic.</p><p>Entrusting a few developers to build and evolve their wallet clients as new security threats loom is one holdover that we should rethink and rebuild. Towards an ecosystem where composability will help wallet clients weather the storm of the evolving security landscape.</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/6bcd76022f16aa09a4d3d62d459880c5973014cf126a8f8e0aeb37c3f7482848.png" length="0" type="image/png"/>
        </item>
        <item>
            <title><![CDATA[Why the Wallet Is Still Our Best Metaphor]]></title>
            <link>https://paragraph.com/@d0wnlore/why-the-wallet-is-still-our-best-metaphor</link>
            <guid>Pij97FcPLxt429z1PmWN</guid>
            <pubDate>Wed, 17 May 2023 04:21:03 GMT</pubDate>
            <description><![CDATA[We use metaphors to make abstract or unfamiliar ideas easier to grasp. But in computing many of these metaphors have a half-life, after which they cease to make sense for newer audiences. Take the 💾 floppy disk, which used to visually represent the act of saving work or progress. The idea of using that metaphor in this day of SSDs and cloud storage would feel antiquated. It was already antiquated when internal hard disks were being used to save work more often. It would also be confusing to ...]]></description>
            <content:encoded><![CDATA[<p>We use metaphors to make abstract or unfamiliar ideas easier to grasp. But in computing many of these metaphors have a half-life, after which they cease to make sense for newer audiences.</p><p>Take the 💾 floppy disk, which used to visually represent the act of saving work or progress. The idea of using that metaphor in this day of SSDs and cloud storage would feel antiquated. It was already antiquated when internal hard disks were being used to save work more often. It would also be confusing to those that were born after the day-to-day use of floppy disks ended.</p><p>Since the inception of Bitcoin we have used the wallet as a metaphor for “some client that stores a private key and signs messages with it”, or even as simple as a wallet being a public-private key pair (paper wallets). It was a convenient way to convey the idea that a wallet contained the means to send and receive coins of some value.</p><p>But in a smart contract ecosystem that has spawned use cases past just transferring units of value between parties, does the wallet metaphor still hold true? Or should we do away with them as we have with floppy disks?</p><p>Here I will argue why the wallet is still our best metaphor for these new use cases in the web3 ecosystem. In addition I will be pitting wallets against passports, an up-and-coming metaphor that has captured some interest in Crypto Twitter, but one that I feel is still lacking compared to the wallet in many respects.</p><h2 id="h-what-can-you-do-with-a-physical-wallet" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What Can You Do With a (Physical) Wallet?</h2><p>Physical wallets are a container that can hold anything the owner wants, as long as they fit within the form factor. Specifically wallets can hold three key types of items that many addresses on programable blockchains like Ethereum may have:</p><ul><li><p>💴 Money</p></li><li><p>🪪 Identities</p></li><li><p>🃏 Collectibles</p></li></ul><p>Let’s go through each of these and figure out why wallets still work for this use case and why passports cannot fulfill our needs.</p><h2 id="h-wallets-store-money" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Wallets Store Money</h2><p>The whole “Is Ether money?” argument aside, this is the clear use case for both physical wallets and wallets that can manipulate token counts on a blockchain. Your Ethereum wallet may not technically store the tokens, but it does hold the means to access them. Similar to how your physical wallet may have credit cards that don’t actually have money stored on them, but are a means to access the value associated with them.</p><p>Compare this with passports. Past the subjective value of visas that may reside in them, which cannot be transferred, or the value of the passport itself, passports cannot contain money (you could try to slip money to an immigration officer, but this is not advisable).</p><h2 id="h-wallets-store-identities" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Wallets Store Identities</h2><p>You likely have some form of identification in your physical wallet: drivers license, health coverage card, membership card, etc. Those are “strong” forms of identification that you would show to someone to prove your identity or association with a group. You may also have loose forms identification like your credit card or a train ticket that have your full name or seat number.</p><p>Wallets are often associated with a single private key, which can have multiple blockchain addresses derived from that key. Each of these addresses can have identities associated with them, from strong forms (ENS, Lens) to loose ones (POAPs, NFTs). An address is not restricted to one identity and could be associated with multiple identities, such as Satoshi Nakamoto&apos;s address since it’s not beyond the realm of possibility that Satoshi could be more than one person.</p><p>Passports are limited to association with a single identity and can’t be changed easily (addresses can change their identities at any time, such as when an ENS or Lens name is transferred). This may be too inflexible a metaphor in a time when many crypto users are used to having multiple addresses for different use cases and may tie a different identity to each of them. An individual may have multiple passports but these are not easy to obtain for most people, compared to being able to derive a new address and creating a new ENS name for it.</p><h2 id="h-wallets-store-collectibles" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Wallets Store Collectibles</h2><p>As mentioned earlier, physical wallets are containers that can hold whatever the owner wants, as long as it fits. It’s not uncommon to find personal collectibles in a wallet, such as family photos, novelty transit fare cards and memorable tickets or business cards.</p><p>Repurposing this as a metaphor in blockchains works just as well. Your wallet contains the addresses that are associated with collectibles on the blockchain, likely NFTs.</p><p>Passports can store collectibles too, but mostly in the form of visa stamps. Otherwise it’s a very inflexible container for any other collectible as other decorations inside the passport would be considered tampering.</p><h2 id="h-conclusion" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Conclusion</h2><p>Wallets are still the best method we have for conveying what someone can do with a private key on a blockchain.</p><p>Until a new utility has appeared in the physical realm that can act as a better metaphor for wallets, we should lean into making the best use of this metaphor to improve crypto UX for new crypto users. Not shoe-horn other objects, like passports, that do not fit our needs and can be explained more clearly with the wallet.</p>]]></content:encoded>
            <author>d0wnlore@newsletter.paragraph.com (d0wnlore)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/7162939ebbad8871eab8459698c875aaa12963c55f06d539e7b76d85b3686779.png" length="0" type="image/png"/>
        </item>
    </channel>
</rss>