Craft and publish engaging content in an app built for creators.
NEW
Publish anywhere
Post on LinkedIn & Mastodon too. More platforms coming soon.
Make it punchier 👊
Typefully
@typefully
We're launching a Command Bar today with great commands and features.
AI ideas and rewrites
Get suggestions, tweet ideas, and rewrites powered by AI.
Turn your tweets & threads into a social blog
Give your content new life with our beautiful, sharable pages. Make it go viral on other platforms too.
+14
Followers
Powerful analytics to grow faster
Easily track your engagement analytics to improve your content and grow faster.
Build in public
Share a recent learning with your followers.
Create engagement
Pose a thought-provoking question.
Never run out of ideas
Get prompts and ideas whenever you write - with examples of popular tweets.
@aaditsh
I think this thread hook could be improved.
@frankdilo
On it 🔥
Share drafts & leave comments
Write with your teammates and get feedback with comments.
NEW
Easlo
@heyeaslo
Reply with "Notion" to get early access to my new template.
Jaga
@kandros5591
Notion 🙏
DM Sent
Create giveaways with Auto-DMs
Send DMs automatically based on engagement with your tweets.
And much more:
Auto-Split Text in Posts
Thread Finisher
Tweet Numbering
Pin Drafts
Connect Multiple Accounts
Automatic Backups
Dark Mode
Keyboard Shortcuts
Creators love Typefully
150,000+ creators and teams chose Typefully to curate their Twitter presence.
Marc Köhlbrugge@marckohlbrugge
Tweeting more with @typefully these days.
🙈 Distraction-free
✍️ Write-only Twitter
🧵 Effortless threads
📈 Actionable metrics
I recommend giving it a shot.
Jurre Houtkamp@jurrehoutkamp
Typefully is fantastic and way too cheap for what you get.
We’ve tried many alternatives at @framer but nothing beats it. If you’re still tweeting from Twitter you’re wasting time.
DHH@dhh
This is my new go-to writing environment for Twitter threads.
They've built something wonderfully simple and distraction free with Typefully 😍
Santiago@svpino
For 24 months, I tried almost a dozen Twitter scheduling tools.
Then I found @typefully, and I've been using it for seven months straight.
When it comes down to the experience of scheduling and long-form content writing, Typefully is in a league of its own.
Luca Rossi ꩜@lucaronin
After trying literally all the major Twitter scheduling tools, I settled with @typefully.
Killer feature to me is the native image editor — unique and super useful 🙏
Visual Theory@visualtheory_
Really impressed by the way @typefully has simplified my Twitter writing + scheduling/publishing experience.
Beautiful user experience.
0 friction.
Simplicity is the ultimate sophistication.
Queue your content in seconds
Write, schedule and boost your tweets - with no need for extra apps.
Schedule with one click
Queue your post with a single click - or pick a time manually.
Pick the perfect time
Time each post to perfection with Typefully's performance analytics.
Boost your content
Retweet and plug your posts for automated engagement.
Start creating a content queue.
Write once, publish everywhere
We natively support multiple platforms, so that you can expand your reach easily.
Check the analytics that matter
Build your audience with insights that make sense.
Writing prompts & personalized post ideas
Break through writer's block with great ideas and suggestions.
Never run out of ideas
Enjoy daily prompts and ideas to inspire your writing.
Use AI for personalized suggestions
Get inspiration from ideas based on your own past tweets.
Flick through topics
Or skim through curated collections of trending tweets for each topic.
Write, edit, and track tweets together
Write and publish with your teammates and friends.
Share your drafts
Brainstorm and bounce ideas with your teammates.
NEW
@aaditsh
I think this thread hook could be improved.
@frankdilo
On it 🔥
Add comments
Get feedback from coworkers before you hit publish.
Read, Write, Publish
Read, WriteRead
Control user access
Decide who can view, edit, or publish your drafts.
You bought a hardware wallet - great work!
But hold on, what risks are actually being mitigated? ✅
And what risks are not being mitigated? ❌
👇A 🧵from a cyber security architect
Many people misunderstand the risks that a hardware wallet mitigates. This is dangerous and leads people to a false sense of security towards their blockchain assets.
Which brings me to the first and most important, albeit bland, point of this thread...
Risk management starts with risk assessment 🕵️
You should not implement controls without first understanding the risks that you are trying to mitigate
Once the risks are understood, you should seek controls to mitigate those risks
Once controls are implemented, test them
Let's talk about risks and how we might categorise them.
We have a useful model in security called the CIA triad - Confidentiality, Integrity, and Availability.
All risks will align with at least one of these principles and they are foundational to security risk management
Confidentiality - ensuring that data are kept private
Integrity - ensuring that data are correct, authentic, and reliable
Availability - ensuring that data are available when needed
Now that we've had a quick cyber security primer, let's get back to hardware wallets!
RISK #1
Seed phrase / private key theft - Confidentiality risk.
The main goal of a hardware wallet is to provide a safe mechanism for interacting with the blockchain, while mitigating the risk of an unauthorised entity gaining access to your seed phrase / private keys
A hardware wallet mitigates the risk of this unauthorised access by storing the private keys in an environment that is specifically designed to keep these secrets secure. This is the sole purpose of the device and all other functionality is secondary to this one purpose.
The device that you are using right now to read this thread, is VERY insecure in comparison. Storing your keys on a wallet on this device is a bad idea as the attack surface is significantly higher. Your keys are exposed to a slew of potential malware and phishing attacks.
Just in case you missed it, because this is important -
A HARDWARE WALLET DOES NOT IMPLICITLY SECURE A SEED PHRASE
If your backup (you do have a backup, right?) is compromised, a malicious actor can use the private keys to access your assets regardless of your hardware wallet
RISK #2
Man-in-the-middle signature - Integrity risk
This isn't a risk that is explicitly designed for, it's more of a bonus control. There is a risk that your wallet software on your PC/phone could be compromised and have you sign an unexpected transaction that looks legitimate
The malware would display the correct function while taking your signature and applying it to a separate illegitimate transaction.
If you are only using a software/hot wallet, you will be none the wiser.
If you are using a hardware wallet, it will always show the actual transaction on your screen as you sign it.
This is one of the reasons why I recommend @gridplus Lattice1 as it has the capability to show you what you are signing in human readable form (not hex)
And that's it for the list of risks that a hardware wallet DOES mitigate.
What risks does it not mitigate?
Well, the list is long, but here are a few -
NFT / ETH drains on fake mint sites (you are approving these with your hardware wallet) - Integrity
Seed phrase backup theft - Confidentiality
Seed phrase loss due to lack of backup - Availability
Losing staked NFTs due to contract hack - Availability
NFT swap scams - Integrity
The list goes on and will continue to grow. Hit me with a reply if you would like insight into any other risks that didn't make this list!
Ok, so we understand the risks/controls and have bought an appropriate hardware wallet and set it up. You said that now we have to test the control?
YES
Attempt a transaction from your software wallet without your hardware wallet connected. Does the transaction succeed?
If it does, your software wallet is holding your keys and you are still at risk.
You need to transfer your assets to an address that is derived from the seed phrase that ONLY lives on your hardware wallet.
YOU SHOULD NEVER IMPORT THIS PHRASE INTO A SOFTWARE WALLET
Many people have asked for help with their wallet behaving in an odd manner to find that they had imported the seed phrase from their hw wallet into M3tamask.
If you have done this you are NOT SAFE. Create a new seed phrase on your hw wallet and transfer your assets ASAP
And lastly, PLEASE stop referring to hardware wallets as "basically 2FA". They are in no way 2FA and this implies controls that hardware wallets do not provide...
like two factors of AUTHENTICATION.
But let's leave that for another thread 😉
If you've enjoyed this thread, please follow for more posts about blockchain security from a cyber security professional!
Please let me know if you have any particular subjects that you would like me to cover in future threads 🙂
Also, if you like the look of the @gridplus, I would appreciate the use of my affiliate link - t.co/vg9hVcVkK8 (back in stock in May)
And if you are looking for a great alternative to M3tamask, check out @0xFrame. It is an amazing wallet.