phantom / blocklist


Blowfish Arbitrarily Blocking Sites - Possibly for Political Reasons #1421

Open woodydeck opened 1 week ago

woodydeck commented 1 week ago

Re: Ticket 3911 - shitpost.army

Our site got randomly blacklisted by Blowfish. They no longer reply. We already created a PR to whitelist our project, but both Phantom support and the Blowfish team are running us around in loops.

The site just has a basic token send with memo. No contracts or any unvetted code. It only seems that because the site is related to free speech that they are blocking it. Possibly because I am Russian, but the devs have no obvious signs of political affiliations there, and they would not have known that before blocking it unless they went stalker level.

What is happening isn't right. To outsource to a clandestine Eastern European team tied to very dubious projects (from what I gather) with no vetting is a very sick slap in the face to the ideals of crypto. Having gatekeepers and no open source recourse is disgusting.

One of the most annoying things is that they ask for your GitHub and famous friends to vouch. As if the billionaires I talked to during the NFT craze weren't ponzi schemers and running scams. My continuous contributions to projects like Ethereum, MetaMask, Swarm, ENS, and my own project launches don't matter to them. Nor are they willing to discuss on camera or the phone man to man about how to improve security. I have reported many bugs, one most famously being ignored before a $200 million draining.

These people don't care about security, don't understand how Solana works, and should not be trusted with gatekeeping a monopoly like Phantom. It's over 90% of the share of wallets. So if you are blocked by these three little men, you are not worthy of transacting on the blockchain.

Please remove them as contractors and at the very least include the PR so this doesn't affect more people. I talked to other devs with the same issues on Telegram today. We are not alone.

woodydeck commented 1 week ago

Losing my mind here. Two days, no resolution. It's unacceptable.

woodydeck commented 1 week ago

The solution to stop the malware-like behavior of Phantom is these terminal commands:

echo "127.0.0.1   eppo-proxy.phantom.app" | sudo tee -a /etc/hosts
echo "127.0.0.1   help.phantom.app" | sudo tee -a /etc/hosts
echo "127.0.0.1   api.phantom.app" | sudo tee -a /etc/hosts
echo "127.0.0.1   blocklist.phantom.app" | sudo tee -a /etc/hosts
echo "127.0.0.1   blowfish-xyz.notion.site" | sudo tee -a /etc/hosts
echo "127.0.0.1   clerk.blowfish.xyz" | sudo tee -a /etc/hosts
echo "127.0.0.1   extension.blowfish.xyz" | sudo tee -a /etc/hosts
echo "127.0.0.1   portal.blowfish.xyz" | sudo tee -a /etc/hosts
echo "127.0.0.1   docs.blowfish.xyz" | sudo tee -a /etc/hosts
echo "127.0.0.1   blowfish-blocklist-proxy.phantom.app" | sudo tee -a /etc/hosts

This blocks the needless Phantom API calls that spy on you. Phantom is also the only wallet I know that asks for total browser history control. If you enable it in Incognito mode it can still see all of your sites visited in Chrome. Using chrome://net-export is helpful for logging the behavior of Phantom. They also make a lot of needless requests to Zendesk, that's why you should block help.phantom.app if you don't like the spying.

Screenshot 2024-11-02 at 10 28 43 AM

So instead of calling the transaction malicious you get that state, which is bad UI and UX. This transaction is sending a memo and tokens, but Blowfish has a bug, and since you can't report bugs to them you're screwed. The idea is to simulate the transaction, but the way they do it is crude.

Phantom needs to drop the API calls, and to run its own blocklist. Can just honestly run a blocklist report or X.com to transparently share addresses to be included. Let community notes vet sites first. Almost everyone with established history is there. That's a good way to socially police malfeasance. Then you can ingest all positive reports for malware and drainers. Dumb end users aren't going to figure out a GitHub PR or even how to make an issue.
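One way to review a chrome://net-export capture like the one mentioned in the comment above, as an added example that is not from the thread or from the Phantom project. It assumes the NetLog JSON layout (`constants.logEventTypes` plus `events[].params.url`); the function names and the sample log are constructed for illustration.

```python
import json
import sys
from collections import Counter
from urllib.parse import urlsplit

# Domains taken from the hosts entries listed in the comment above.
WATCHED = ("phantom.app", "blowfish.xyz", "blowfish-xyz.notion.site")

def hosts_contacted(netlog: dict) -> Counter:
    """Count URL_REQUEST_START_JOB events per hostname in a parsed NetLog dump."""
    # NetLog stores event types as integers; the name-to-number map is in "constants".
    start_job = netlog.get("constants", {}).get("logEventTypes", {}).get("URL_REQUEST_START_JOB")
    counts = Counter()
    if start_job is None:
        return counts
    for event in netlog.get("events", []):
        if event.get("type") != start_job:
            continue
        # The END phase of the same event carries no URL and is skipped here.
        host = urlsplit(event.get("params", {}).get("url", "")).hostname
        if host:
            counts[host] += 1
    return counts

def watched(counts: Counter) -> dict:
    """Keep only hosts equal to, or subdomains of, a watched domain."""
    return {h: n for h, n in counts.items()
            if any(h == d or h.endswith("." + d) for d in WATCHED)}

# Constructed sample; the event type numbers are arbitrary and differ in real captures.
SAMPLE = {
    "constants": {"logEventTypes": {"REQUEST_ALIVE": 1, "URL_REQUEST_START_JOB": 2}},
    "events": [
        {"type": 2, "phase": 1, "params": {"url": "https://api.phantom.app/a"}},
        {"type": 2, "phase": 2},
        {"type": 2, "phase": 1, "params": {"url": "https://api.phantom.app/b"}},
        {"type": 2, "phase": 1, "params": {"url": "https://extension.blowfish.xyz/x"}},
        {"type": 2, "phase": 1, "params": {"url": "https://example.org/"}},
        {"type": 1, "phase": 1, "params": {"url": "https://help.phantom.app/"}},
    ],
}

if __name__ == "__main__":
    # Pass the path of a saved net-export file, or run with no argument for the sample.
    log = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for host, n in sorted(watched(hosts_contacted(log)).items()):
        print(f"{n:5d}  {host}")
```

Running it on a capture taken before and after the hosts entries are added shows whether requests to the listed domains still leave the browser.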

woodydeck commented 3 days ago

The block has unceremoniously been removed, and they claimed it was not for political reasons. Keep the ticket open because this is serious and needs a resolution, especially the API calls to random servers not administered by Phantom.

Too long of a time to respond to these issues. Crypto moves faster than scammers.