This is how your funds will be stolen! No key management on #nostr ! Assume that all of our keys are compromised!
Also, you funds can be stolen by a mints because not your ๐ not your sats ๐ View quoted note โ
Login to reply
Replies (20)
Might be even worse then that. Just after opening a cashu wallet and funding via LN with a STRIKE wallet .... my Strike wallet was drained.
I mean you transferred your sats to somewhere where strike has no control over ๐คทโโ๏ธ
Strike wallet could only be drained if your account is compromised, nothing to do with cashu
Seems like he is trolling
View quoted note โ
ok, cool. Because I want cashu to work and I sent over more sats and will keep using it.
How does a wallet get compromised .... I have no clue. Strike is email , pin code, finger print controlled on my phone. I eat, sleep and shit with my phone.
Strike has no website.
i mean ... Strike is 100% phone based. not like Swan which can be accessed via their website or their app.
Sound like your opsec has a flaw and your phone and strike account is compromised. You should be able to see the details of the transaction on strike and can post it and people can see the transaction on mempool
transaction id fb3fdb86900c-42278966-fbf6bd9fb413
May 29 2024 00:26:16 (UTC)
amount -0.00062986
destination : 38EVDE651pp2fRuJFvw
XDy65s7WjvBqLLW
June 
None of those are bitcoin addresses or txids.
Yeah, you need to go look a the fraudulent transactions destination in mempool.
probably someone inside Strike just draining me.
straight screenshot from my account statement.
Strike not forthcoming. They just told me ... "this is the nature of Bitcoin."
Go look at that address on mempool and see if the sats are still there or if the attacker moved them.
I kept one of the addresses before i nuked my app.
bc1qx800vuvedkc3k0hxvxkq8pgtrrl8hfjlcclm88r65jepkh4zdvzsehrj4q
all gone.
Strike did not even freeze my account after two days of emailing them. I could not delete my bank account to I just transferred out the last $2.00 and nuked the app.
Two days later they sent me a email saying they "froze it for security".
Thanks, guys.
That's one of the destination addresses your coins were sent to?
yes.
The coins aren't there anymore, and that's a multisig. But it was reused. You could use chain analysis to figure out if this is one or two people. But either way, you were clearly hacked.
This is not strike's fault. You should increase your opsec and. Especially because they made multiple withdrawals, this would imply you were compromised and didn't know for a significant amount of time. The other options is to use nonkyc tools.