Unchained - How State-Sponsored Hackers Like DPRK Drain DeFi Protocols: Uneasy Money
Episode Date: April 6, 2026
The Drift Protocol is down $285 million and Circle has the power to freeze the funds — but won’t. Kain, Taylor, and Luca explain why.
The Drift Protocol hack was still unfolding when Kain, Taylor, and Luca went live. Within hours of a suspected admin key compromise, over $285 million had been drained across Solana, with Circle sitting on the ability to freeze the stolen USDC — and choosing not to. Taylor Monahan, who was already in an active incident response room, walked through exactly how DPRK malware operates silently on devices for months before striking, why standard antivirus software won’t catch it, and what the Axios supply chain attack revealed about the vulnerability of open source infrastructure. Then the conversation shifted to the Claude Code source leak — what it actually reveals about how the most sophisticated agentic coding harness in the world was built, and why Kain thinks a new Anthropic model may be days away.
Hosts:
Kain Warwick, Founder of Infinex and Synthetix
Taylor Monahan, Security Expert
Luca Netz, CEO of Pudgy Penguins
Links
Unchained: Drift Protocol Coverage — Search unchainedcrypto.com for current coverage
Related:
SEAL 911 — Volunteer crypto incident response group
Drift Protocol
Axios npm package — Supply chain attack vector discussed
CrowdStrike EDR — Recommended endpoint detection tool
Claude Code — Subject of source leak discussion
Transcript
Hi everyone. I'm Kain Warwick and welcome to Uneasy Money because what happens on chain never stays on chain.
Before we start, nothing you hear on Uneasy Money is financial advice. We're just three builders talking about what's happening on chain and we want you to always do your own research before aping it.
You can find all our disclosures at UnchainedCrypto.com slash uneasy money.
All right, I'm here with my co-host, Taylor Monahan,
security expert and Luca Netz, dog enjoyer. We are, yeah, we've got some wild stuff to talk about
today. I think the first thing that we need to jump straight into, basically, is Drift Protocol
Hack. It's sitting at 250 million plus right now. Is that right, Tay? Yeah, yep. It's a lot of money.
It's a lot of money. So Tay and I were talking about this before we started. And I was like,
it's not really a post-mortem yet. It's like an active mortem or like a something. So we don't know
that much, I guess, about exactly what has happened here. So just probably leading with like,
there's a lot of speculation, a lot of uncertainty, because this is like a couple hours old.
So we'll do our best unpack it, but again, this is all like somewhat in flight.
Hacks usually this big.
The guys just usually just take a 10% white hat fee.
I mean, like, I don't know how you move to a million dollars into a million.
Well, unfortunately, we think that this is probably, I think it's a DPRK, right?
Is that where we're at?
Ah, it's two hours old.
I can't attribute publicly like this.
I will say, I'll say this.
The second I saw the stuff, I made a lot of calls to get the full set of indicators for recent DPRK stuff to see if we could get more insight.
I think especially relevant.
And like the thing that's top of mind is obviously the Axios hack happened yesterday.
That was DPRK and that was specifically DPRK who is very crypto motivated.
That entire supply chain attack was the goal is to steal crypto.
So the timing feels suss.
It feels like that would be very like that makes sense.
But a lot of times with these things, it's a bit more complex.
And just because like you find one easy narrative doesn't mean that that is like the answer.
What's going on?
So sorry, just to clarify for people at home so that we're clear about this. The reason why the fact that the Axios hack yesterday,
so there was a supply chain attack yesterday, which was some DPRK guys who usually are like
Zoom focused guys and they have leveled up a little bit into other stuff, which like these guys are not
the most sophisticated people for what it's worth.
Like as someone who has, you know, has a pen pal in one of these groups, they, yeah, like,
they're not the brightest bulbs in the bulb factory.
Put it that way.
And there's something weird about them being like, oh, we now are a supply chain attacker.
So they were able to compromise this like huge dependency in like a bunch of stuff, right?
And we don't yet know how that happened exactly.
Oh, we, it's, it's, we've talked about it on the show.
It's the Zoom calls.
Well, now, now, now more often it's, it's a Teams, it's a Microsoft Teams call,
but it's exactly the same.
So it's the exact same flow that we usually see in crypto.
But they're targeting.
So the scary question is like, how the hell would they get the Axios people?
developer maintainer, yeah.
So I mean, I think there's two things that are petrifying about that, right?
You have to imagine as like an open source maintainer that you are so much more susceptible.
I mean, we've seen this, you know, we saw this with like Steve Yegge and some of the guys who were building these open source things.
When crypto people, like even just like normal people, not not DPRK hackers, when crypto people
turned their attention onto them, they were woefully unprepared for that.
Completely unfair.
They're just not used to the kind of adversarial world where like people are like bashing
your door down to try and steal your shit and like steal your domain names and
handles and all of that stuff.
Right.
So, you know, and these are these are smart dudes who were like completely sideswiped by this.
Right.
So you have to imagine someone who has been like meticulously
maintaining this like core dependency for years is just not used to you know people trying to break into
them. I mean like of course on some level, of course on some level, you know, these are these are
people that understand the the kind of, I would say immediate security concerns of your major
dependency of all of this downstream software. So I'm sure they have very,
very good security practices when it comes to deployments and review, like all of the like
common core things you would have to do. My guess is, maybe I'm wrong, but my guess is they're
probably not as prepared for someone hitting them up on wherever they communicate with each other
and pretending to be a VC or something and you know, they've compromised someone's Telegram
account or they've compromised someone's email or whatever and they're like, hey, let's
have a chat. I love what you're doing. And they're like, oh, cool. Yeah. Like Zoom calls are
it is, it's very similar to crypto in the sense that you have individual people who are actually
very smart, very talented, very capable, very computer knowledgeable. They are operating as like
sort of loose organizations. These maintainers, like they often maybe work for a company, but they
also do like, you know, open source software. It's, it's, there's a lot of overlaps with
crypto. Um, and then obviously, there's, there's, there's gaps that are created when you and all
your friends and every individual is like very knowledgeable and secure and like tracks the
security incidents. Um, it mostly happens because they all assume and this happens in crypto too,
but this is even more true in an environment where you're not totally like getting phished all the
time.
You assume, like, you put in all these, these guardrails and all these processes and all these
procedures to ensure that, like, this has to go here and then this is checked here and, you
know, on and on and on.
Every time something gets deployed, there's like a whole process.
There's a root assumption, though, that the person, like the core maintainers, right,
which is usually, honestly, usually it's one guy.
One person.
But, you know, in this case, there were a few different people that probably had those,
like the admin rights or have the ability of knowledge to do this.
They all assume that their computers, their keys, their everything are safe.
Just like crypto wallet keys, right?
You have keys that exist on your device that give you permission or access or authorization
to push to GitHub to run certain automations and like build pipelines.
And then to deploy, sometimes these keys are literal keys like SSH keys, like a
Revy key. More often they're what we call like a session token or a short-lived token.
It's a, it's like a you auth, you auth in for two weeks or two days or two hours or whatever.
Either way, even if you have like 2FA, like hardware 2FA, protecting your authorization into your GitHub
account or into your NPM account or whatever it is, when you authorize a token and saved
your computer. That token is basically what you use to access these things for however long it is.
The next two hours, two days, two weeks. If your computer is completely compromised in the way
that DPRK compromises computers, that token, they take that token and they reuse it. And so now
it doesn't matter that you have MFA. It doesn't matter at all. They can just use that to basically
literally be you. You won't see attempted logins. You won't see anything weird
happening, like they'll just go and they'll do whatever you want.
So correct me if I'm wrong, right?
But like, you know, in crypto, we have learned over time that after the fact, something
weird happens, right?
After the fact, like, we've learned enough to know, oh, shit, like we should probably lock
this stuff down.
Is it, is it possible?
Have you heard stories of like DPRK guys, the Zoom call guys, Microsoft
Teams guys pulling something like this off where like they have the whole thing and then
the compromised person doesn't realize that they got owned or is it like so obvious that like weird
shit starts happening or no? So when the, when you get on or like you get on the call with them,
when you get off the call with them, um, you sort of just write it off as like the call didn't work
and like you experience difficulties and like you're busy and you have another call to go to
and you sort of forget about it. Then they'll sit there for you
for like two weeks, three weeks, two months.
They'll come back like six months later if you let them.
You know what I mean?
But people are, you don't immediately see anything happening.
It's not like they're trying to log into your Google and, you know,
like you're not, there's nothing that happens until you literally wake up one morning
in the future and like things are just wrecked.
And even then the notifications are other people telling you that you've been compromised.
You don't have notifications yourself like any indication that you've been compromised.
Can you run Malwarebytes or something to this, like, Tay?
Like, let's say I'm just paranoid and I'm like, shit, but I have a fucking Microsoft?
How do I diagnose like my devices with this?
So after the fact with Axios, so basically what they did, they cover as a developer,
they push a malicious version of the code to the Axios package, which is a dependency
in like a bazillion other packages, like all of them.
And so then anyone who installed any of these packages or updated any of these packages or ran
like updated or were working on any projects that had these packages in them, all those people
were compromised.
And so one way to think about it is the normal mechanism that they use to compromise people is
they get one person on a Zoom call and they make that person run a command.
And that command then does all this malicious stuff and gives them like full access
to the computer. With the supply chain attack, when they push that malicious code up, then, uh, I think it's
like 100 million computers a week download this package, right? All of those people basically do the
same thing, but it's automatic, it's silent and it's in the background, but it's literally the same code
that they have you run for the Zoom. It's just now like all over the place. So in response to this, like
if you're worried about this, if you're coding, if you have, you know, if you're doing like npm run stuff
ever. You can like Google it. You can look at there's like a bazillion blogs on it. There's like a
bunch of things that you can check. There's a bunch of different like little indicators. However,
to more important in my opinion, like to prevent this is if you're maintaining software,
the first thing is like you want to, it's called pinning your dependencies. Don't auto update
immediately. In the same way that you don't want to like update like your, you want to like let your phone
do like one version, right, get all the bugs out. It's sort of similar that like you don't want to
necessarily pull, um, a dependency and update it the second it's updated. Give it a day. The second thing
is, um, actually like you can go even further and say, we, like in, in our repo, like, and this is
annoying sometimes because you want to push something and you get blocked, it's like if something's
less than seven days old, you can't actually have it in there at all. Yeah, exactly.
You can literally like say like there's a minimum age that you need for this step for you to even be able to push it in there.
And like you see it wrong.
So like one of my guys is like on Slack.
Yeah.
Like I just I need this.
Come on.
This is really important.
Give it to me.
Yeah.
Yeah.
Exactly.
And then yeah.
So with DPRK malware, it's pretty sophisticated.
They evolve it pretty quickly. As someone who looks at a lot of
computers with this malware on it, the AV is not going to detect it.
You can run Malwarebytes. It's not. It's very rare that's going to pull it.
It's terrifying. We've had a few victims who have SentinelOne, which is like an EDR.
So it's like a more advanced AV. And in the past couple months, that hasn't even been
detected. So there in most cases with most malware, AV is like great. You should
run your AV. If you're on Windows, like Microsoft Defender's great. Mac, it's a bit tougher.
But if you have significant amounts of crypto, if you have a company, the answer is CrowdStrike.
It's EDR. It's going to protect you. And they stay on top of things.
And the way that they sort of like, there's two ways to think about protection on devices, right,
on endpoints. The first is like, let's check a big list of hashes to see if it matches
known malware, right? But if they change their malware at all, it's not going to show up in the
hash library, and then they're not going to detect it. And they're going to be like,
your computer's clean, even though it's not. EDR is, let's say, like, much more fine-tuned.
And so they don't really, they don't sit there and, like, look at hashes and like stuff like that.
They're looking for patterns and activity and behavior that your device is doing. That is not
normal and should not be done. So things like persistence, like some new, like persistence showing
up randomly. Open. Yeah, right. Yeah. And like with DPRK, they almost always have what we call a heartbeat ping.
It's your device pings out every 60 seconds and asks if there's anything. You literally go,
yo, DPRK, is there anything you want me to do? And then if they don't get a response,
it just chills for a minute. And then a minute later, it wakes back up and it's like,
yo, DPRK, is there anything you want me to do? It's like OpenClaw for forever. Literally, forever.
And then turns out like occasionally DPRK will be like, yeah, here's a
new malicious wallet, I'm going to take all your money now. Bye. That's like literally how it works.
So CrowdStrike and other EDR will protect you here. If you are not in that game,
my advice for open source developers and for crypto people is always the same. Have a separate
device. 100% like this like honestly like if you if you're in crypto and you have raised
significant money and you do not have a fucking pile of MacBooks sitting around
that you are rotating through, like, literally that.
I have that.
I have a-
This is how you operate, guys.
Each one of these is for a different thing
that I might need to do at some point.
Literally that.
I have a question.
I have a question because I'm a smooth brain.
I'm a layman here, so like a lot of this stuff is like,
I need to go talk to some technology guys.
But nonetheless, is there a difference between Mac and Windows?
Is one easy to compromise versus the other?
Like, heard for years.
It's like Mac is better, but is that just a farce?
Is that just like marketing?
No, it is absolutely not a farce.
Like, I'll let Tay speak to this.
But like, look, at the end of the day, if you're on a Zoom call with DPRK,
it doesn't matter what machine, you can be on a Linux box.
Like they'll figure out how to own you.
So, you know, there's some stuff that is like helpful there.
But if you get owned, you're going to get owned.
Like they'll, once they're talking to you on Zoom and you're clicking buttons that they're
popping up like it's over for you. But just in like general sense, no, like Windows.
Yeah. So historically, the reason why like malware was limited to Windows was one, there was like a
huge, just huge attack surface. Apple's much more opinionated and sandboxed and it's like architected
in a completely different way. And so if you were a developer, you were not on a MacBook.
You're not on a Mac, period. Right. The Macs were those colorful things
that the artsy-fartsy people used, not what malware developer people are using, right?
However, that has like completely shifted.
Most developers these days are running Linux and if they're cool, like I am, they run Mac because it's like a good intersection.
Like I like my UX, but I also like to, it's just, it's Macs are so much better.
Like Unix is so much better.
And so because of that, the people that are developing the malware and also the people that they are targeting
with malware are usually on Macs or more often on Macs. And therefore, there's a lot more Mac
malware out there. DPRK is probably one of the most sophisticated in what I would call like Mac native
malware. They write their malware just for Macs because all the crypto founders use Macs.
And I want to ask you another question. I'm actually, I've actually never, I have a full-time
security expert on my team, but for some reason I just feel like really excited to talk to you guys
about this. I got an email and I just clicked a link. I didn't do anything. I clicked it.
Obviously, it was a malicious phishing. Like, how much do I need to engage with a phishing link for me to get
phished? Is it just, I clicked it. I'm fucked. Right? I got the Supermax set up. The, you know,
and all the missiles. Like, what do I have to do to fuck myself, you know, if I'm on a Mac?
Yeah. My language. So usually it's more than clicking. So usually there's you,
It's not necessarily like an EXE or something that you download and install, though, but usually
like you click on something, something else happens, and then you do something else. Maybe that's
something that like downloads. A super common one is what we call ClickFix. So it's like your shit's
broken, copy paste this into terminal. So you like copy, you copy this command and you put it into
terminal to fix it. It doesn't fix it. It's just malware. There's a lot of like,
you know, there are still sort of like installation ones.
Like if you install a malicious application, it can totally wreck you.
Typically we see these, like they're impersonating applications typically.
So like it's if you click like the top Google ad and download that and install that, it's probably malware.
If you just click a phishing link, general, like almost always you're going to be fine.
The problem with clicking a phishing link is you kind of go into autopilot.
And so if you don't detect, like once you're sort of in that mode, it's much harder for
you to detect the subsequent steps, if that makes sense.
Like if you don't, people who don't detect the email is suss, they're probably going to
like go all the way through and get malware'd because each sort of subsequent step makes sense
and is sort of less suss.
The initial...
Once they're on the hook, they're getting real good.
Yeah. Right.
Exactly.
It's really hard to like...
You have to have a deep level of like self-control and like deep skepticism to be like
mid-phish and then be like, whoa, this is not okay.
Like it's just, it doesn't happen.
And so that's why like we, everyone always recommends like don't click
phishing links, don't, you know, you try to prevent that first step.
just because it is really hard to like back out of it.
I think I'm,
I don't think I've mentioned this here,
but, you know, in 2022, like late 22 into early 2023,
I had like four months where I didn't do a single crypto transaction, right?
I was like completely offline.
I come back and I'm like, let me check my portfolio.
Like how is it doing, right?
And so I'm like, uh, Zerion, DeBank.
I was like, I'll go to DeBank.
So I'm like, DeBank, like, what's the URL?
And so anyway, so I Google DeBank.
And the top link is a phishing link.
And like my like skeptical brain has been switched off from like four months of like not living inside of like the hellish crypto world that we live in.
And so I click the incorrect link.
Open it up.
It looks like DeBank.
I start going through.
I click the Connect wallet button, right?
And then it pops up with
a signature request.
And I was like,
and this is why, like,
the interesting thing here,
this is why the like sign into Ethereum thing
is so fucking retarded
and I hate it so much.
Because I was like,
oh,
they've added sign into Ethereum.
And I'm like,
I was so close to pressing it.
And then I was like,
oh, wait a second.
No, no, no, no.
This is wrong.
And then I looked at what the actual signature was, and it was efficient.
It was like a drainer.
It was like 100% a drainer.
And like, it's so easy to just like, and all it took was me like not doing stuff for like a couple months to completely forget how to protect myself and almost get fucked.
You want to hear a crazy one in 2023 when we first raised our round.
There was, we were accepting investment checks in crypto.
and one of the VCs actually got hit with a man in the middle attack.
So they sent us $2 million,
but what they actually did is they sent a dude in Nigeria $2 million in USDC.
And this is like while the whole world's imploding,
and me who's never raised money in my life,
I was so stoked that I was starting to get checks through the door.
When the $2 million got stolen,
basically somewhere within the email chain,
the guy adjusted because the person's name had like an I in it.
They did the whole L-I, right?
So they changed it.
And they were kind of messaging our lawyers direct.
And then kind of changed the receiving address.
They sent the $2 million.
I was like, so am I still getting the $2 million?
I ain't to ask.
Two million dollars would go a long way right about now.
You know, can the money still come through?
They're like, yeah, we have insurance for it, whatever.
But poor VCs.
Yeah.
And this guy had like $200 million.
Was this African guy in Nigeria.
He had his face associated to his wallet.
He was like, it was the most insane thing.
Wait, have they got this guy?
No, he's in Nigeria.
He's like a hundred armed guards around it.
Like they did a whole, I've been following up like every four months about the story.
Oh, my God.
Wow.
All right.
Yeah.
Yeah.
So it's all this is.
Look at this is like one of the most prevalent scams.
I think pig butchering wins now,
but it's called what's called business email compromise.
It's a stupid name.
It's BEC.
We need a cool name.
We need a cool name.
Because you're like,
what does that mean?
Yeah,
they have all these mechanisms where they get,
exactly like Luca said,
they get in the middle,
right?
And then they sort of like change the parameters, right?
And so sometimes,
and they do it in all certain ways.
They'll compromise accounts,
which is what it's called like business email compromise.
They compromise the business account.
Sometimes though, they just, yeah, they'll like, they'll get on the thread.
They compromise someone else and they'll put someone else on the thread.
And then, yeah, they have all these different ways.
But ultimately what happens is that when push comes to shove and you're exchanging information so that the payment, you can send the payment that the number, the address, the routing number, whatever it is switches.
And they do it with like traditional things all the time too.
They'll switch out the wire instructions.
And yeah, it was like, it's super prevalent.
Very Nigerian.
Just on the topic of Drift.
And just like, since we're going down this rabbit hole, I appreciate me to school here.
But like, for example, I have a lot of money in Jup and Jup Lend, you know, Jup, Solana DeFi.
Obviously, had money in Drift.
Actually, I just hated the UX.
I thought the interface was so annoying.
And so I moved it out.
So thankfully, I'm like not directly compromised.
But in the spirit of contagion, obviously I saw some
JLP, $50 million of JLP. Does that affect me as somebody who's on Jup Lend? Like, am I going to log
into my account and see less monies in that account? How does contagion work here? And is there
contagion? But I mean, the risk, the risk with these sorts of things, uh, typically is that they're
going to try to get whatever funds they can into something that they can launder. Right. Um,
So, you know, the risk would be that they've got a token, you know, a large amount of a token that they're going to dump and then the token drops in price, right?
Probably less likely that they have a token that's like being used as collateral for a bunch of things.
They dump that.
Like this is possible, right?
Like the nightmare scenario is like they compromise one thing.
They get a bunch of tokens.
They dump it.
That causes, you know, a bunch of positions that were otherwise
solvent to become insolvent. So like there's you know,
composability is a brutal thing. But it doesn't look like on the face of it that like
JLP, JPLN like I think from like a liquidity perspective, I think they'll be fine.
They've got a lot of liquidity there. So. Yeah, that's my I think it's and I everyone's
working really hard to contain it further. And I will say that for as bad as like Solana
is generally at key management type stuff, they actually do have a lot of policies and controls on the
like liquidity mechanisms. Don't know why this is. But okay, I'll take it. So they I don't, I was reading
some stuff earlier today on or like an hour ago on the different things that they were doing. Like
it does seem like there's some like liquidity stuff and they're taking action. So hopefully they can
contain it.
USDC has to be super fast to move here.
I mean, in a world where you have a certain one that can freeze,
I feel like Jeremy and crew just need like 20 guys lost.
Yeah, the problem is that like USDC is just not it.
Like they just don't.
They're not going to.
They just don't.
They like, and I haven't really heard a good explanation for why
they're so hesitant to freeze things?
I mean, it's, to the point like, they've, they've just delegated it.
They, they say, instead of having internal policies and making up our own mind and controlling our
protocol, we're going to just, you have to make the U.S. government force us to do that.
And personally, I think that's a stupid, the stupidest position that you can take.
You're begging the government to enter your stuff.
You've deliberately given up the sanctity of your protocol.
the U.S. government, but most importantly, just because a judge signs a warrant doesn't mean
that is true because this is crypto tracing. You can convince a judge to sign this stuff because
it's crypto tracing. There's very few experts in this. When we're talking about complex stuff like
this and emergency orders, it doesn't go together. So you have two approaches. One is you do it like
Tether does and you actually have a team of people who, they have very, like, the thresholds that they
require to freeze are high. It's not like they just run around freezing stuff, but they decide their policy.
Circle, their policy is, if a judge tells us to freeze it, we'll freeze it. So in instances like this,
it's a low, most minuscule risk, right? Big hack, known, very, very public, hasn't moved yet, it's in the address, it's in the
direct theft address. It's all over Twitter. It's everywhere. If you can act quickly enough and freeze it,
there is almost no risk because there's just like so few places where it could like somehow get
into a legitimate person's hand. And you know what? If somehow this like wasn't a hack or something,
you can remediate it pretty quickly. You can unfreeze things. Like we're not saying like nuke it
from space and like burn the money that's in the vault. Like it's it's kind of crazy.
The whole position of Circle here reminds me a little bit of like early DeFi.
Like code is law, bro.
Like, except they're like law is law.
Like we only respond to the law.
Like we have no ability to respond to anything other than the law.
It's like the absolute like antithesis of crypto that's like we don't believe in the law.
We only have code.
And so there's nothing we can do.
But like both of them are just not defensible positions.
They're not.
They're not practical or
pragmatic positions that you can really hold, they're like insensible. And, you know, at least
the DeFi people have been like, okay, we kind of realized we were retarded. Like Circle's still like,
nope, no, no, law is law. That's it. Um, yeah. All right, let's, let's quickly dive in,
because we have some details here now of, of what's happened. Um, let's dive into the actual
mechanics of this thing. So, um, it seems like, uh, there was an admin
key that was compromised that then locked Drift out of the admin functions so they couldn't freeze
the contract. That in and of itself feels a bit strange because my assumption here is it's not a
single sig situation, unless, unless, and you know, this is, this is something that actually
hasn't come up for a long time, but like, um, and we used to have these like single sig freezing
contracts, like lot, like one person, um, like back in the, back in the olden days, right, like one person
had the ability to pause the contracts for a period of time or freeze the contracts for a period of
time. This was like a, you know, like if you can't raise everyone on the multi-sig quickly enough,
you can pause the contracts and then you can unpause them.
We ended up walking that back because it was like too risky for reasons.
But like there was a long period of time where like on this Synthetix multi-sig,
any one of the multi-sig holders could freeze the contract for like three hours or something.
And then if they did, if they're compromised, if three more people could come in and unfreeze it,
could like override it.
So maybe there's something like that going on where like they have some like emergency freezing
function here. So the admin state in the core program got updated. They created a new market for
CVT. They increased the withdrawals, began draining all the pools, obviously once they presumably
pumped that token, and then they bridged out. So the admin signer was compromised or
someone intentionally did that. That feels like just a like vanilla key compromise realistically.
I mean, I know it was, there was, it's definitely a multi-sig for what it's worth.
I don't know what the thresholds are for sure, but like it's definitely a multi-sig.
It's interesting that.
So they compromise the, they compromise the admin and then they had to do these things.
But it wasn't as simple as just taking the money out or sending the money.
Bybit situation.
They, yeah, so you have this new market.
And then remember when I was talking about Solana has all these policies?
That's what I'm talking about, right?
So they had to update.
They have a threshold.
They have like a limit on how much money can move at any given time.
However, that limit can be changed by the multi-sig.
And so the attackers had to compromise the keys, figure out what they were going to do,
and then create this new market and then like,
which create the new market, update the thresholds.
Update the parameters, yeah, yeah.
Otherwise, they were going to be limited by what they could get out.
And then I guess actually execute it, right?
Actually get, pull the money out.
I mean, I'll say this, as far as key compromise hacks go,
they had to do more work than normal.
So yeah, I'll get them that.
It feels unusual.
It's not like, there's not like a one shot like.
Yeah.
Yeah. This is, yeah.
So that's my optimistic take is like, this is, this feels like progress, guys.
Like, we're progress, like, we're evolving.
We just need to, you know, we need to iterate a bit more.
And especially, I'm going to just say it again, like, the number one risk, no matter who you are,
the number one risk is your device getting malware on it because once it's on it, like,
they can do anything.
And I don't know if this is malware 100%, but like,
Like it is certainly looking like that's going to be what, you know, sort of at the root of this.
So, so this is this is the second time that Drift has been hacked as well.
I think there was, there was like a 2022 vault draining, like similar vault draining issue where collateral was inflated and money was taken out.
So yeah, it's not, not amazing.
Not amazing.
I think the interesting thing, this definitely doesn't feel like a vibe coding.
Like it's not like a hack.
There's a key compromise, right?
Like they didn't find some exploit in the programs that allowed them to like,
they've just changed parameters and made a thing and, you know, had admin control.
Yeah.
Isn't DPRK.
The typical process, though, would be like, logically, the hacker, if it was me and I did this, right?
Like, I wouldn't, you know, most of the time guys take the 10% and, like, are stoked, right?
Yeah.
Usually how that goes.
Yeah.
Okay.
I'm sure they'll try to offer a bounty, but, you know.
Yeah.
And they should.
And they should.
I mean, they should secure everything first.
That's how these things work.
Secure first, secure.
Prevent loss.
Limit, right?
then sort of collect your wits about you,
then,
you know,
figure out what you're willing to offer and what,
you know,
if it's even possible.
Just offer $20 million bucks if you have the money,
if it exists,
like if the whole,
you know,
if there's a compromise that can ruin your entire business
and draw it down to zero,
take 80% of balance sheet and throw it off as a bounty, bro.
Yeah.
Better.
And we,
we try.
We try to, so I think one thing that people, I guess, don't quite understand is like, there's two type of hackers in the world.
Like those who are going to negotiate and like it's even possible and those who just cannot.
If the hacker is someone who is like willing to negotiate, then everything's on the table.
In most cases, like they're just not.
And so, like, in the case of DPRK, it's not because DPRK is, like, special.
Like, no, they're humans too.
Like, you can totally try to negotiate with them.
The difference is that DPRK operates as, like, an organizational unit with hierarchy.
And so the people that you need to approve the returning of the funds are not necessarily
the people that you're speaking to and are not necessarily even, like, looking.
Whereas with, like, a DeFi hacker, it's all one and the same.
So if you can convince your hacker, right?
then you can maybe get the money back.
So it'll be interesting.
It'll be interesting to see what comes here.
With these hackers, though, I'm sorry.
I'm sorry for keeping this.
Like a choose your champion.
Like, Kain, do you have a hacker that's just better than anyone else?
So if this guy came and he and he hits you, you know, let's say just theoretically,
let's say, let's say Infinex got popped.
God.
Yeah.
Right?
Do you have a guy that you can call and be like, look, man.
million people on the table
finance.
So,
so,
so I've got a few,
I've got a few people
that I would probably call
in that situation.
And again,
you know,
I don't have any paratroopers
that are going to be willing to like
airdrop themselves into North Korea,
unfortunately.
So if it's DPRK,
then like I might be going behind enemy lines
depending on how big it is.
which like you know if it was big enough i probably would you probably find me like sneaking
across uh north korean lines and uh and try to get these guys i my friend who's over there i think
i could probably compromise him and uh he wants to become a life coach i'm like that's my angle right
is is compromise that guy and and and say i'll smuggle you out but you got to get me in first um so
i will by the way i would i would i would love
love to see like the Kain, the Kain DPRK guy's life coach business arc play out like that would be like
it would be amazing right highlight of my fucking life bro yeah yeah so so yeah that's my that's my
angle i would i would definitely reach out to him and be like all right let's let's figure out
like i'll get you out of there we can do this um so um but yeah i think that you know there
there are definitely people who help in these sorts of situations for sure um yeah yeah
That's what I do, guys.
That's why I'm in a freaking hoodie right now.
Looked like a mess.
Literally.
So if you come to SEAL, I'll just show it.
SEAL 911.
It's literally, it's like 50 people who are just like super experienced in all different
things.
I'm one of them.
I'm not on every incident and I'm not capable of being on every incident.
But some incidents, I'm so on because I'm good at that.
But then if it's like smart contract stuff, like we have like, like samczsun is
he just like knows
smart contract so good
we have a whole bunch of them
like all the guys that
wait a state are you a part of the
infamous SEAL team 911
or yes
no way
we're on the
yeah we're on
we have a podcast with a Nate
with a seal
yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah
yeah yeah yeah yeah yeah I'm in there
I spend way too much of my time in there
okay so
I'm calling
yeah so but also like we have
Like if you can just get like phished, you get drained, something suss is happening.
Like, dude, we have so many different people in there.
It's not just like the smart contract guys or the malware guys.
It's like we have tracing people.
We have the phishing people, the people that are like deep on the drainers.
There's so many different people.
And so if you ever literally anyone listening to this, if you ever like need help
with anything that's like slightly security plus crypto, like you need guidance on where to go
or something bad happened.
you don't know what to do.
SEAL 911 is literally, it's like just a group of people that respond.
The odds that you have anyone better than SEAL 911 is zero.
You just don't.
Like, even if you think you're like, I've got a guy who really knows security.
You don't have that guy.
You guys get a T, or how does that work?
We're donation-based.
So you have to donate to us.
Otherwise, we have to get real jobs.
Do you guys have donations or is this like a?
Yeah, yeah.
I'll link it.
There's like, there's a donation.
address you can just like send money the address or we there's like a page I'll find it there's a page
somewhere that you can donate to like in you know whatever ways you for this not donation send me the
send me the link all right deal let's go yeah and then I'll save I'll save your butt Luca when
something bad happens I'll be here for you god willing it that never happens but I will say to
this point okay I'll give you guys your flowers I mean to to Kain's point you guys are
spoken about through the dev circles extremely highly. So kudos to you guys for saving the space.
Yeah, I mean, we are so lucky that this is like such an interesting coordination problem, right?
Like there was a period of time where, you know, I would end up in war rooms, right? And like,
I was not the guy that you wanted in a war room. Like, what the fuck am I going to do? Right. But people
would be panicking. Like when bZx got hacked for like the seventh time or whatever, I was in there.
Like I've been in so many of these and like, you know, what would happen is you would be lucky if there was like one person who had some idea what was going on.
Like, you know, when samczsun sort of stepped up and started to like, you know, save the world basically, like you'd be lucky if he landed in there.
And then the goal was like, know someone who knew him to be able to pull him in quickly enough to kind of try and help you.
Like that was like the early approach to this.
And then I remember Mehdi from Sigma Prime was like, hey, we're like getting a posse together.
And I was like, oh, that's a good, that seems like a good idea.
And yeah, it's pretty crazy that this even exists.
Like as a coordination problem, like it was really hard to know who to talk to when you're panicking and the world is on fire.
And now it's like at least there's like a very obvious thing.
Like go and hit these guys up and they will almost.
definitely be able to help you. And there's a business out of this day. You guys need to create
like a security engine. I feel like as these cases, oh, okay. I should build like a, no, I'm serious.
This is like a whole SaaS business for you guys that I feel like it's super proprietary to like
this skill set and then just be like the security and girl too rich, Luca. That's the thing.
Yeah. I am, I am, I am. I. There are people in SEAL 911 though that like, I'm like,
you should like I'm not going to say this because like they should be there because like they
they help me yeah yeah they are not like OG crypto like I am and so yeah definitely the donations
are definitely appreciated and it helps it mostly helps because you have to find the balance right
you have to find the balance like this it's a hundred percent volunteer um even those people who
have like jobs that they're working they're dedicating like they're
pulling themselves out of that job to, like, do, like, three-hour shifts or four-hour shifts
every day or every night or whatever, or to just be on call for emergencies.
And that's in addition to their work.
And so they're, you know, it's a huge amount of effort and stress.
Like, there's only, like, certain types of people that do it.
And I'm one reason I'm so grateful to the online one wouldn't exist, though, is that it used
to be that if I got put in a war room, I did not have a choice.
Like I it was like okay drop everything right drop everything and help these people because like who else is in this room?
I don't trust anyone in here.
I don't know anyone in here.
They're a mess.
They need help now when they come to SEAL 911 if I'm like if I'm like literally driving or like with my daughter I don't have to respond because there's so many other people who will.
But then in return when I you know like I was sitting outside enjoying the sun and then the drift thing happened.
I'm going to join that room, right?
And so that's how that's sort of how the like scheduling works.
It's like you all, you'll do it when you can, but you don't have to do it when you can.
Is there like a team?
Like, do I have to pass a test to become a seal?
You have to be certifiably insane, Luca.
There's a test.
You probably look at a negotiator on behalf of the seals.
If you needed somebody to go in.
All right.
Next time we need a negotiator.
let me all try to pull you in this yeah penguin guy a little disarming the penguin guy yeah
like get Luca in here they'd probably be they'd probably be flattered if it's not DPRK they'd be like oh i
get to speak to Luca that's that's a good deal Luca comes in like i might i might do a deal here
i got you but you've got to give the 200 million back yeah we'll get you some uh we'll get you some
Pudgy merch if we can close this deal.
Let's do a deal here, guys.
Let's close this out.
I love it.
I'm doing someone and take 20 instead of 200.
I'm very confident.
All right.
I'm serious.
Next time there's an opportunity to leave.
Oh, I swear.
Plug me in.
You have my phone number.
Like, I would love to do it.
All right.
Okay, let's go to ads.
And then when we come back, we're going to talk about Claude Code source leak.
Yes.
All right. And we are back. So Claude Code source leak. This happened yesterday. Speaking of like,
I was at my kids running event, their cross-country event. And I was like, what is happening?
Like, this is crazy. So the source code in Claude Code was leaked. I saw something, but I didn't,
I didn't have a chance to confirm it,
but it seems like maybe the code was sitting there
for like three months, checked in,
and no one noticed,
which is like a level of like security through obscurity
that is kind of wild.
So there seems like there were a couple of things
that happened here.
There were like a couple of bugs,
but also maybe someone was using Sonnet
that should have been using Opus.
And Sonnet was like, oh, this seems like a good thing to do
and just checked in the code.
So yeah, there's already people that have taken this
and rebuilt it, like, built their own forks.
Like it's been ported to Rust.
Someone had a, there was someone who had a pretty interesting comment
calling it a code laundering factory.
And they were like, it's funny
that the code laundering factory is being code laundering factory
is being code laundered right now, which I thought was kind of hilarious.
So I think there's a couple of like threads here that we can pull on.
One is agents are fucking dangerous, like so dangerous.
Like this is crazy.
The people who should be like the absolute best at wielding agents.
And this is like there's a tension here, right?
because on one hand, they are the best, clearly, at wielding agents, and they're just YOLO moving so
fast. And you can see it in the code. Like, when you look at this code, I was saying before we went
live, it is exactly what you would expect. It's like just like shit thrown in a bucket in like a
crazy wild. But like the best code, like this is some of the
most valuable code in the world that has been written by agents at an insane pace and is so cobbled
together and slop filled and yet it works. It's like it's like this is the new reality of like the
world we live in. And you know, Boris Cherny had a was on the Y Combinator podcast this week. And he was like,
there is not a single line of code in Claude Code that is more than six months old.
And it's now like 14 months. So just like let that sink in for a second. So on one level,
I'm like, this guy's a fucking mad genius. I love it. And then the other part of me is like,
that is the most petrifying thing I've ever heard of. Like it is so unstable as a code base that
there's nothing left. Like how could anyone possibly reason about this? And,
the answer is clearly they kind of can't, right?
And, you know, yeah, like I just, I don't know.
It's, it's, it's pretty, it's pretty crazy.
The second thing, I think, is that this is not even like that big of a deal.
Like the, like the fact that the code is so,
uh, ephemeral. Like in three months time, it'll be a totally different code. Like, it's actually,
like back in the old days, right, the value of code was so high because it was so expensive to do it that
if you built the best code base in the world, which at the moment, arguably Claude Code has got to be
top 10, right? The effort of building that and the effort of like, you know, maintaining that would be
so high that like it's just incredibly valuable.
And yet here we are.
It doesn't even matter.
It's like not even that big of a deal.
Okay.
What is what got revealed in the code though or by this leak?
Like what was like the juiciest thing that you saw?
Because I have not gone through it, Kane.
I am, I've been busy and I'm sad, but like I've been reading it a bit and it seems like
it's so exciting.
But nobody has said like, this is the thing that whatever.
This is it.
I think it's one of those things where genuinely there's too much.
There's too much that, like, is in there.
There's weird little nuggets of, like, and also it's hard to reason about.
Like, no one has yet really, like, the fact that it's been ported to Rust before anyone
knows what it does is like such a sign of the times that, like, I just don't even know what to say, right?
But there's been a bunch of, like, little things that have been really interesting.
like little the way that the way that tool use works in there, the way that they have these loops,
the way that they're like token caching works, they've got all these like token caching efficiency things.
Yeah, it's pretty crazy.
Like I think it will take a little while for this to get kind of fully deconstructed.
There's been a couple of post-mortems of people that have been.
been like, here's everything that's in there.
But, but yeah, it's, again, it's like, it's what, like, imagine if the source, imagine if in like
2004, the source code of like Microsoft Word got leaked.
Like, it would be, and I'm sure that like something like this has happened in the past, right?
But like code used to be so much more valuable.
Like the fact that we're all just like, like, what's interesting in there, not like what is the business impact is a bit crazy to me.
But again, like if they can't figure out how to keep their agents under control and not check in their entire code base and have it be sitting there for three months, what hope does the mere mortal team have?
So yeah, you don't.
You don't.
But I mean, right, like the story here is it's the story.
source code, not the way all access to all of Anthropic as an organization.
The weights are not there like secrets, I guess are not there.
No, it's just it's like so the interesting thing is this is their harness, right?
Like Claude code is just a harness the model like the Claude model Claude Opus, Claude Sonnet, like that if, if the weights were leaked, that would be a different story.
Right.
Right.
China, China was paying, uh, however
many like tens or hundreds of millions of dollars to try and these like large scale distillation
attacks, right, where they like go and interact with the model a bunch and try and like work out
what it's doing. So, you know, there's a bunch of industrial espionage things that have been
going on for people to try and get the weights of the model, right? Like the value of the value
of Anthropic is based on the models, not on this harness. But
arguably there is like a symbiotic relationship where like everyone's using Claude Code because
it is the best harness for coding at the moment.
You know, OpenAI is way behind.
Interestingly, OpenAI from a model perspective, Codex 5.4 is a better model than Opus 4.6.
It just is.
It's better.
They've tweaked it.
It's faster.
It doesn't do the nonsense that like earlier versions of Codex were doing.
It's much, much better.
But the Codex harness is like definitively worse than the Claude Code harness.
The interesting thing is now you can have a situation where you can use Codex inside of the
Claude Code harness because people have already hacked it so you can just like plug any model in,
including local models. So, you know, the the agentic coding stack, right, is made up of a bunch of
things. At the very bottom of the stack is this ball of math. The math ball is like the thing,
the weights, the training, the training data, that's the thing that costs like billions of dollars
and like giant, you know, data centers to produce is like the math ball, right? So as long as the
math ball is secure, you're kind of okay. Then above that, you've got like the system prompts and
the fine tuning and all of the like layers on top of it that the frontier labs add to make it do things.
right now one of the interesting things is you also have a system prompt inside of the harness right
and so people have been reading the system prompt and it's quite hilarious like we should we should try
and pull out some of the uh the things here because like some of like there was someone who was like
it literally just like repeats over and over like don't do illegal things and it's just like say it
like 10 times and it's and it's actually hilarious because like the state of the art
of stopping a model from doing bad stuff
is say it as many times as you possibly can.
And like clearly this brute force approach of like
just everywhere, just keep reminding it,
don't do illegal stuff is like the state of the art
of like getting them to not do illegal stuff.
So probably one interesting thing is,
once you know what the system prompt is,
it's much easier to circumvent it.
And so this will, now we've seen,
earlier Claude code system prompts.
Like this is like the thing that sits right above the ball of math, right?
Get leaked.
There was one that got leaked like a year ago.
It was like 300 pages of like, you know, it's like a spell.
It's like invocations of like, hey, math ball, don't do this stuff, do this stuff,
whatever.
Right.
So you have that.
And then you can take a model and it's and all of the like reinforcement learning
fine-tuning, all the stuff that's happened. You can take that model and its system prompt,
and you can use it raw without anything. Like, you can literally just like talk to that thing
and ask it to do things. And it will not be able to do much because it doesn't have access to tools.
It doesn't know, like, you know, it could like kind of from first principles work this stuff out.
But you have to put a layer on top of the model itself that gives it.
all of the things that it, you know, can use to actually do stuff, like writing, you know,
scripts and, and like, you know, doing Git commands.
Like, it needs to know all of that stuff.
It needs to know how to do it, why to do it, when to do it.
And so all of that is basically what's in Claude Code.
It's what makes it really good.
Okay.
And so, you know, arguably you take the lessons from this thing.
And, you know, one interesting thing about this is that each model is quite idiosyncratic.
Like, they're quite idiosyncratic in terms of, like, what prompts work on them.
Because the math ball at the bottom is, like, completely inscrutable.
No one has any idea how that works.
Like, it's like no one in the world who understands what the fuck these things are doing in the ball of math, right?
It's like literally just like from, like, iterative testing and, like,
poking it that you work out like how it works, right? And so the system prompts and all of these
harnesses and all of the tool use and all of that stuff is quite different for different models.
Different models have different needs and personalities and stuff. And so you can take different
models and plug them into a different harness and they work quite differently. It's not like
a very like, you know, deterministic thing, unfortunately. They're quite, quite stochastic. So
what will be interesting, I think, is everyone taking all of the tricks and their tricks, right,
because they're hard-earned empirical data that people have been able to kind of extract from interacting with these models.
You can take those tricks and you can apply them to an open source model now.
Like all of the tool use, the harnesses, the loops and all of the things that Claude Code has done.
And so arguably this would be very good for open source models because they will get much better as people like,
figure out how to apply all of the hard-won kind of learnings. But the, the, the, the, the, the kind of,
I guess, frustrating thing and dealing in, like building in, like building harnesses,
um, is one of the most frustrating things because every three months, everything you've done
gets invalidated. The new model, like, and my guess is that Anthropic will release a new model
very soon, like in the next week. That's my hot take because, um, that model,
will probably invalidate all of the random shit that was inside Claude Code because it'll just
do things in a very different way and react to things in a different way. And they probably have
a different version of Claude Code that's already been kind of fine tuned for this new model.
And interestingly, we saw the leak of that, right? There was the Mythos leak where they accidentally
put up the website of like, here's this new model coming. So yeah, my guess is that we will see some stuff
happening over the next couple weeks.
And then as soon as Anthropic does a new model,
then OpenAI's forced to respond, and then, et cetera, et cetera.
So yeah, well, it should be,
it should be a fun couple of weeks from here, I would say,
based on the fallout of this situation.
Okay, that was amazing.
This is amazing.
And yeah, I think you're probably right that if you can just change, like, the model,
make all this, like, slightly irrelevant.
However, I think there's going to be a next thing,
There's a net benefit for the world here, right?
Because all these different people who are trying to build things and like built really
awesome tools, being able to just have this insight, even if you can't copy paste it, right?
The insight is like remarkable.
We don't call it copy pasting.
It's code laundering now.
Sorry.
That's the new term.
But like, okay.
So like genuinely though, right, you can point an agent.
at this code and especially an agent with like a million context window, right?
Because there's only 500,000 lines of code.
It's actually not even that like crazily large of a code base.
You can point an agent at this and be like, do like do this, do this thing.
And it will from first principles just like rebuild that thing in like a different language or whatever.
and and this is like probably one of the most weird things that like my experience over the last
three months has been that you're using software and it's open source software and
like this like so the one of the best open source tools that's come out in in the last like six
months is this thing called QMD the guy from Spotify Toby built it and it's a
It's basically like a search engine for documents that you can run on your local machine.
But like everything, it's like slopped together in like 20 minutes, right?
And so there's a bunch of things that like, if this were an actual piece of software,
you would never build it the way that it's been built.
But there's like huge gaps, right?
So the other day I was using it and I was like, why can't you can have different collections of data, right?
So you got like a collection of like all of your,
coding files. You have a collection of like all of your crypto related stuff, right? But when you go to do
the re-embeddings, which is like basically create this vector database that the agents can search
with, it forces you to re-embed the entire thing. There's like no fine grain controls, right? Now in the
olden days, you would just have to deal with that and it would be an annoying thing. Now, I literally
just said to my agent, I'm like, can you just make a flag that like allows me to pick a collection?
it's like yeah sure and it just does it and you just like change the software this like like i have
no idea how any of that stuff works and you can just tell it to change this open source library and
like fix it and it does it it's crazy amazing so um so yeah i think i think like the the odds that we
see uh kind of massive improvement and proliferation in like a bunch of
other harnesses based off this because there's so many little like tricks in here that will be
useful for almost any harness.
I think we're going to see a bunch of people adopt some of these tricks and, yeah,
shit will get better.
Awesome.
So yeah.
Anything?
Any hot takes?
No hot takes.
Not on this.
We've got to get you vibe coding, Luca.
We're going to get you.
We're going to get you in there.
I'm, you know, I'm vibe speaking is what I'm doing.
I have the one-click double command.
Nice.
And it's starting to, and I've got terminal set up.
Look, I'm, I just, I need to do what I'm good at, right?
And like, I'm not going to go into an arena that I'm not necessarily,
but I have all of my guys around me becoming super experts.
So as long as I can project and articulate the idea,
my guys, like I have like a little setup in my house with a couple guys who just come here every day
and I can delegate accordingly because I tried to do it. And then I read and then I read a book
that like really aligned me in something that like I didn't really like be, I wasn't really
honest with myself, which is like just do what you're really good at. I've old something with
numbers and and words on screen. It's like a form of dyslexia. I don't really think it's dyslexia,
but I start to get confused after a certain point. And I've never been able to.
to like train my brain around it. So I have terminal. I have actually deployed an app. So I've
gone as far as doing that. Right. An icebreaker's app and actually a Pudgy Penguins app. I thought
I can do a couple things. But I'm going to leave it to guys who are a lot brighter than me. And as long
as I keep the mind sharp and articulate what I want, I think that's going to be, that's my superpower.
Yeah. I think so one thing that has been really interesting in, in the way that we've, we work internally now is,
this idea, my head of engineering kind of coined this term of like shifting left, right?
And what he meant by that or what he means by that.
And I kind of interpret it however I feel like, because that's just,
he's like, that's not what I meant.
And I'm like, no, no, it is.
Like, it's what it's what it is now.
So, so basically the idea is that you used to have to have an ability to like understand
the code itself, right?
there had to be a shared kind of mental model amongst the engineering team of like what does the code do right what does the code do why does it do it what are the patterns and if you didn't have that shared mental model you wouldn't be able to work as a team effectively and so like one of the goals of like a head of engineering was making sure that he kept that mental model of like how the code worked why it worked like stable as stable as possible right and so now
because humans aren't writing the code, you have to shift away from this idea of like a mental
model about the actual code itself and more about like the planning around the code, the intent
behind the code. And so this idea of like shifting to planning. Now, the interesting thing about that
is that actually makes your life much better. Like you as a non-technical person, because you know
planning. You know what you want to happen, right? And so the question is, how do you now...
Now, instead of defining what the product does in code, you define it in a plan.
You define it in like a set of like requirements and like user stories or whatever.
And it's like as a user, I want this thing to do this.
You can hand an agent that user story and it will cook on that easily, right?
Like so you can actually kind of collapse the, you know, it used to be you walk in a room and be like, guys, let's go do this thing,
right? And then someone would have to translate your "this thing" into like a spec, and then someone
would have to translate that into code, and then the code would have to be deployed. Now, like, it's all
been collapsed into like just, just a magical box, and you can say, hey, I want my users to be able to do
this thing, and it's like, sure thing, it's done. And you're like, okay, cool, what's next?
Kain, do you know your archetype? No, no. We should study. This is actually a huge game changer. Mine is an INTJ, so I'm an
architect, so it's no better time to be an architect.
The gaps of the architecture or the plan is easy.
But Kain, to this point, actually my last piece of alpha,
that I'll give this conversation on this specific day.
But understanding each one of your employees'
archetypes, because you'd be surprised how addressing
problems in different ways can get to the end conclusion a lot easier.
So for example, I'll throw Peter under the bus.
But Peter is a very ego-driven archetype.
I won't share his archetype.
But basically, you can't tell him something sucks.
So I'm super pragmatic.
I'm like, that fucking sucks.
But it's that goes down, right?
So understanding his archetype, you've got to kind of lead him to the problem, right?
Versus like other archetypes.
You can like, it's fucking sucks.
And I'm like, okay, it fucking sucks.
I'm sorry.
But they, you know, they'll adjust to the problem.
And I found that in the scope of 16 archetypes, you'd actually be surprised, like, our whole organization and our leadership
and how we actually address problems internally completely changed.
We hired some girlfriend McKinsey to teach us how to be executives.
And that was one of our exercises.
It was one of the best exercises we ever did internally.
So something to share for all the entrepreneurs listening.
Know your employees' archetypes and address problems around their archetypes
or address things, whether the problems or solutions or plans based around their archetype.
Because different people process, like, for example, I had this, like, high-
throughput, you know,
motivational, like, passionate way that I
speak. Devs hate that shit.
They listen to me.
They're like, this guy is the fucking
worst. I come up like a
charlatan to these guys. So now I just
like, I actually came to the conclusion
that I just can't speak to devs.
Lorenzo speaks to devs.
Yeah, wow. The organization. But it's interesting
because you just find that
these little structures on how people's brains
are built are actually
like a root
of so much on how your organization functions.
It was actually one of the most fascinating things I found at my time at public.
No, it's, yeah.
Because it reminds you that, like, your brain is different than other people's brains,
which is so easy to forget.
And, like, then you just, like, spiral out of control.
Really easy for you to forget that if you're autistic.
Yeah.
But, yeah, my dad used to describe it as, like, it's not.
So, like, you have, like, doctors, like neurosurgeons, right?
like really high, like their brains are next-level shit. The nurses are not just there to like
do the grunt work, like a lot of people think. Like that's like this much of their job. The majority of their
job is like translating the huge gap between like the patient and the doctor. And doing that,
it actually unlocks the doctor to like basically allow them to be like super smart and like
operate on brains or whatever. Um, and then also like
allows the patient to like be a patient and not have to like be worried because the doctor doesn't
know how to communicate "you're going to die, but not today." And so like, that was like a
really helpful analogy for me, because it's like, I don't know, a lot of times people think it's like
for someone else or for some... No, every... there are so many situations where everyone benefits by
allowing people to like do the things that they are best at and not making them waste their time
things that they're not messed up.
Awesome. All right. I think we can wrap it up here. We're coming up on
time. So, um, oh yes, I've got to go. You got to go back to the war room.
Yeah. All right. Um, I have, oh, there we go. That's it for this episode of Uneasy Money.
If you enjoyed the conversation, follow the show on the Unchained Feed on X and subscribe wherever
you listen to podcasts, and if you're watching on YouTube, hit subscribe and drop a comment. It really
helps the show reach new people. Um, it's been fun, guys. Awesome. Bye.
