Typefully

Write better tweets.

Build your Twitter audience.

Select Twitter account first

Join 90,000+ creators

@david_perell
@ev
@dhh
@marckohlbrugge
@maccaw
@warikoo
@adamwathan
Build in public

Share a recent learning with your followers.

Create engagement

Pose a thought-provoking question.

Curated writing prompts to never run out of ideas

Get fresh prompts and ideas whenever you write - with examples of popular tweets.

The best writing experience, with powerful scheduling

Create your content without distractions - where it's easier to write and organize threads.

Avatar
Avatar

Cross-post to LinkedIn

NEW

Automatically add LinkedIn versions to your posts.

+14

Followers

Discover what works with powerful analytics

Easily track your engagement analytics to improve your content and grow faster.

@frankdilo

@frankdilo

Feedback?

@albigiu

@albigiu

Love it 🔥

Collaborate on drafts and leave comments

Write with your teammates and get feedback with comments.

🧵

Rewrite as thread start

🔥

Make it Punchier

Fix Grammar

Improve your content with AI suggestions and rewrites

Get suggestions, tweet ideas, and rewrites powered by AI.

And much more:

Auto-Split Text in Tweets

Thread Finisher

Tweet Numbering

Pin Drafts

Connect Multiple Accounts

Automatic Backups

Dark Mode

Keyboard Shortcuts

Top tweeters love Typefully

90,000+ creators and teams chose Typefully to curate their Twitter presence. Join them.

Queue your content in seconds

Write, schedule and boost your tweets - with no need for extra apps.

Schedule with one click

Queue your tweet with a single click - or pick a time manually.

Pick the perfect time

Time each tweet to perfection with Typefully's performance analytics.

Boost your content

Retweet and plug your tweets for automated engagement.

Queue

Start creating a content queue.

Tweet with daily inspiration

Break through writer's block with great ideas and suggestions.

Start with a fresh idea

Enjoy daily prompts and ideas to inspire your writing.

Check examples out

Get inspiration from tweets that used these prompts and ideas.

Flick through topics

Or skim through curated collections of trending tweets for each topic.

Prompts

Check the analytics that matter

Build your audience with insights that make sense.

Tweets

Write, edit, and track tweets together

Write and publish with your teammates and friends.

@frankdilo
@albigiu

Share your drafts

Brainstorm and bounce ideas with your teammates.

@frankdilo

@frankdilo

Feedback?

@albigiu

@albigiu

Love it 🔥

Add comments

NEW

Get feedback from coworkers before you hit publish.

Read, Write, Publish

Read, WriteRead

Control user access

Decide who can view, edit, or publish your drafts.

Build an automated tweet machine

Our Zapier integration enables countless no-code workflows.

TypefullySlack

Share new drafts in Slack channel

RSSTypefully

New draft from RSS feed item content

DocsTypefully

New scheduled draft from Google Doc

TypefullySheets

New spreadsheet row from published tweet

ScheduleTypefully

Create new template draft every Monday

TypefullyGmail

Send an email for every published thread

FeedlyTypefully

Create draft for new items in feeds folder

TwitterTypefully

Thank new followers with a tweet

TypefullySlack

Share new drafts in Slack channel

RSSTypefully

New draft from RSS feed item content

DocsTypefully

New scheduled draft from Google Doc

TypefullySheets

New spreadsheet row from published tweet

ScheduleTypefully

Create new template draft every Monday

TypefullyGmail

Send an email for every published thread

FeedlyTypefully

Create draft for new items in feeds folder

TwitterTypefully

Thank new followers with a tweet

Ready to write better tweets and grow your audience?

Get started with our generous free plan.

Typefully

© 2022 Mailbrew Inc.

Privacy

Terms

Contact us

Work with us

Product

Pricing

Changelog

Keyboard shortcuts

Invite teammates

Affiliate program

Grow on Twitter

Typefully Academy

Get a social blog

Automate with Zapier

Boost engagement

Popular profiles

Help & Social

Help pages

Brand assets

Twitter

Blog

Announcements

Rainbow ridge resisted another attack

Avatar
 • 

7 months ago

 • 

View on Twitter

🧵 on the Rainbow Bridge attack during the weekend TL; DR: similar to May attack; no user funds lost; attack was mitigated automatically within 31 seconds; attacker lost 5 ETH.

The rainbow bridge is based on trustless assumptions with no selected middleman to transfer messages or assets between chains. Because of this, anyone can interact with its' smart contracts, including the NEAR light client: https://etherscan.io/address/0x3be7df8db39996a837041bb8ee0dadf60f767038

Usually, it's Rainbow bridge relayers, who submit the info on NEAR blocks to Ethereum. However, sometimes others are doing this. Unfortunately, usually with bad intentions.

The incorrectly submitted information to the NEAR Light Client may result in the loss of all funds on the bridge. That's why this step is secured with the most solid thing: a consensus of NEAR validators.

And if someone tries to submit incorrect info, then it would be challenged by independent watchdogs, who also observe NEAR blockchain. You may want to read more on how Rainbow Bridge works, check out this article: https://near.org/bridge/

Over the weekend an attacker submitted a fabricated NEAR block to the Rainbow Bridge contract: https://etherscan.io/tx/0x289c589fb1b0c7c2fc042627c1633cc2400e7bd3107a4bd80f01b87507e62962 During a transaction, a safe deposit of 5 ETH was required.

The transaction was successfully submitted in the Ethereum blockchain in the block 15378741 on Aug-20-2022 04:49:19 PM +UTC. Note the time of attack: an attacker was hoping that it would be complicated to react on the attack early Saturday morning.

However, no reaction from humans was required. Automated watchdogs were challenging the malicious transaction, which resulted in an attacker loosing his safe deposit: https://etherscan.io/tx/0x9be2ef5c7bbce3481af2757ca9ab11b9624ce52fdd4d0808dc5e292217173acb

And the reaction was taking only 31 seconds (4 Ethereum blocks)

This attack was absolutely similar to an attack on May 1st. Read more about it here: https://twitter.com/AlexAuroraDev/status/1520810591803293696

And though attacker was hoping that our security team won't be available, in fact it was. After notifications on strange activities, within 1h the team was checking that everything is OK and was going back to sleep without disturbing myself or the users.

There are still several important things to mention: First, we have been thinking of increasing the safe deposit (to reduce the number of attacks), but discarded this idea. The reason -- it would make the bridge more permissioned and we fight for decentralization.

Second, the security is in the hearts of Aurora Labs team and that's the reason why we have alerts, automatic systems, audits and bug bounties. In fact we payed out the second largest bug bounty in the world to secure our users! https://cointelegraph.com/news/aurora-pays-6m-bug-bounty-to-ethical-security-hacker-through-immunefi

Third, to all the builders in web3, there's no way you can omit attack attempts. Please, make sure that you have enough systems in place to mitigate these attacks. My heart is bleeding when I see great builders unfortunately failing because of these.

And forth, dear attacker, it's great to see the activity from your end, but if you actually want to make something good, instead of stealing users money and having lots of hard time trying to launder it; you have an alternative -- the bug bounty: https://immunefi.com/bounty/aurora/

If you want to know more stats on the Rainbow Bridge, please refer to @zacodil's dashboard: https://dune.com/zavodil/rainbow-bridge

Avatar

Alex Shevchenko 🇺🇦

@AlexAuroraDev

CEO of @auroraisnear (Aurora Labs) | Creator of @ExonumPlatform | Ph.D. in Physics and Mathematics | #Blockchain enthusiast since 2015 | Proud to be Ukrainian

Follow on Twitter