2026-01-07 04:22:11

Honestly, I was a bit speechless when I was checking the quota pool of a certain DeFi pre-deposit product this morning. The speed of quota release is really outrageous—within such a short time from depositing on the front end to having no quota left to grab. A while ago, I stayed up late grinding, and by the time I refreshed the page, the quota was already cleared. I was so exhausted that I just wanted to curse...

But more importantly, product security really needs to be taken seriously. The current setup is a bit outrageous—just having an email account and wallet address, and you can directly withdraw funds? That risk is just too high. I strongly recommend adding Passkey or a similar multi-factor authentication mechanism, even a secondary confirmation could greatly enhance security. This is no small matter, after all, it involves the safety of user funds.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

22 Likes

Reward
22
9
Repost
Share

Comment

0/400

consensus_failure

· 01-08 15:47

The speed of the quota pool is really outrageous, I can't keep up with the robot with just my finger Security definitely needs to be strengthened. Can you withdraw with just an email wallet? That's crazy Staying up late to grind and still getting emptied—this experience is truly hard to describe Multi-factor authentication must be implemented; don't wait until something happens and then regret it

View OriginalReply0

ProposalManiac

· 01-07 19:52

Staying up late to抢额度 (grab quotas) is fundamentally flawed. Basically, it rewards bots and insomniacs, and the mechanism design is too unbalanced. However, the security vulnerability you mentioned is truly critical. Being able to withdraw funds with just an email and wallet address is no longer just a high risk issue—it's a question of why projects still dare to design this way. Passkey and similar solutions have long-established mature schemes; why wait for an incident to make changes? After experiencing the Luna lesson, can't they learn? It is recommended that the official team directly address this issue and not wait until problems arise.

View OriginalReply0

SchrodingerProfit

· 01-07 15:21

Oh no, this quota pool is really amazing. It disappears after a refresh. Who would dare put money in there with such a big security vulnerability?

View OriginalReply0

0xDreamChaser

· 01-07 04:52

The thing about instant liquidation of credit limits is really unbelievable; the bots probably snatched everything up long ago. How can such obvious security vulnerabilities still be allowed online? That's hilarious. With this level of risk control, how dare you store large amounts?

View OriginalReply0

MetaEggplant

· 01-07 04:47

Staying up all night has made my brain numb, and I still got wiped out in seconds Seriously, if we don't tighten security now, something's going to go wrong It's so simple to withdraw funds? Are you crazy? The quota mechanism needs to be changed, this is too outrageous Passkey really should be implemented now; if we delay any longer, we're just waiting for a crash

View OriginalReply0

ConfusedWhale

· 01-07 04:44

Can't compete with robots for quotas, this isn't a human playing anymore Damn, is this security setting serious? My wallet address is on the chain, it's not a secret Really, if this continues, it'll be stolen sooner or later

View OriginalReply0

Blockblind

· 01-07 04:40

The quota pool speed is really outrageous, just like抢茅台 --- Refreshing once overnight and it's gone, this experience is truly top-notch --- Can security settings just be done with email wallet? Who designed this? --- Need to add multi-factor authentication, the current setup is really too risky --- Just refreshing a page clears the quota, I'm really speechless --- Funds security can't be taken lightly, it must be prioritized --- Can funds be moved just by email address? That's a bit too careless

View OriginalReply0

MemeTokenGenius

· 01-07 04:38

This product is really problematic. I've never seen an instant quota depletion before—disappears after refresh? If security isn't improved, it's bound to cause issues. Just adding an email and wallet address allows withdrawals? Who the hell designed this?

View OriginalReply0

RunWhenCut

· 01-07 04:33

I'm never doing the all-nighter quota grinding again, it's really a tax on intelligence. Such poor security measures are truly unacceptable, need to fix them quickly. Have you ever been instantly cleared? That feeling is really despairing.

View OriginalReply0