MY CRYPTO WALLET WAS DRAINED AND I LOST EVERYTHING

Welcome to Tree City Live! My name is Wes…

Rabby Wallet: https://rabby.io/rabby-points?code=TREECITYWES

Vast.ai GPU Rental: https://cloud.vast.ai/?ref_id=88736

Check my links: https://treecitytrading.us

Buy me a coffee: https://bmc.link/treecitywes

Become a member: https://www.youtube.com/channel/UC6Ssi0M6pgnFKruVzCFLAig/join

CoinStats Portfolio Tracking: https://coinstats.app/refer/CoinStatsAffiliate?utm_source=CoinStatsAffiliate&utm_medium=aff&utm_campaign=inf&utm_id=CoinStatsAffiliate&fpr=wes98

What’s up everybody Tree City West here making the video I never wanted to make last night my wallet was drained I was careless with my private keys and I lost all my ebtc and a good chunk of my PLS so today I want to go over what happened

We’re going to do it postmortem Style just like Jack posted about recently um typically you don’t do post-mortems for things like this post-mortems are typically for things like project failures bugs crashes um but in this case we’re going to kind of do it the Zen way and uh come up with the

Postmortem for my wallet failure so let’s get into it so the first step of a postmortem is to take responsibility so on February 16th 2024 I was careless with my private keys and my account was compromised due to my negligence I lost about 1.2 million PLS and nearly 100,000

Ebtc it was all the ebtc I was mining I also had a liquidity position in the pool in the mm LP pool that was also taken split sold so the point of this video is to talk about what happened so you can avoid it in the future so the

Next step to cover in the postmortem is did we fix it instantly and obviously when your private key is compromised that’s permanent I’ll never get those funds back good news is that this wasn’t a main account this was a sub account of my seed so instantly I sprang into

Action started moving crypto from the other accounts on that seed over to a fresh seed move some of it to my cold storage and at that point there wasn’t much I could do I confirmed that all the funds in the seed were moved to a new wallet and only that sub account was

Compromised luckily the main seed wasn’t compromised it was just that one private key but just to be safe I still moved everything off of that seed if one account was compromised I don’t want to risk it so I was up until 3:30 a.m. moving as much crypto as I could off of

That seed and the third step of the postmortem really doesn’t apply to this situation but that’s reach out to the community I reached out to the owner the repo on GitHub I notified the telegram group that my tokens were compromised I notified the Twitter community and then

Here I am creating a detailed video about the experience realistically if your private Keys compromised you don’t want to go tell everybody but I feel like this is a story people can learn from so I want to be open and honest about it this was my first time getting compromised and it’s

Uh kind of a kick in the dick it really hurts and not monetarily you know more so my time you know I feel like I let down the community I try to be a role model for for new people getting into crypto and you know not your keys not

Your crypto don’t sacrifice that don’t lose that and uh I was careless and I paid the price so I have to accept responsibility for that and and here we are so you’re probably wondering what happened exactly so last night I was working on the script the ebtc minor

Script and uh it was getting late I had a long day it was getting close to midnight I finished updating my Chann changes and I also had the script running in the background um so I had the main script that was running and then I also had the

Script that I was working on with the placeholders and they’re in two different folders two different parts and I try to keep them segregated so I don’t make this mistake so I’m wrapping up for the evening I go to upload my file to the GitHub and I’m feeling kind of lazy so

I’m using Windows I just drag and drop it right onto the GitHub I hit commit instantly I see my private key sitting there in the red and green changes I’m like oh my God that is my private key sitting there publicly for anyone to see and this was my first

Mistake I realized that instantly as soon as I pushed it but instead of moving my funds instantly I put my focus in the GitHub into how can I get that private key out of my GitHub all of my focus went to GitHub where the private

Key was and how to get the private key off of there If instead I would have instantly moved my funds I probably could have beat the Bots and saved myself a lot of grief that account would have been compromised regardless but if I moved the funds first before trying to

Get the key off of GitHub I would have saved my funds so that was my first mistake but the bigger more obvious mistake is that I shouldn’t be playing with private Keys late at night when I’m tired I’m ready to go to bed and I’m just I just made a stupid mistake I

Uploaded the wrong file that file had my key in it and I lost everything I lost everything in that account within minutes that account was compromised completely drained and this is what caused it it was my negligence and carelessness my fatigue from a long day at work and long hours of coding after

Work just not non-stop no breaks just doing my thing and I was mentally tired and I just made a silly boneheaded move of uploading my private key to GitHub and part of that is because I was using unsafe practices so I was putting my my private key directly in the script

Which is a big no no you really don’t want to do that you want to use some kind of Secrets file a password file an EnV file something that you can Mark as ignore on GitHub that won’t end up and it’s not in the body of your script for

Anyone to see that was my biggest mistake was not only selecting the wrong file but also putting the private key in the file cuz if it’s never in the file I can make that mistake and I won’t lose my money but since I had the key in the

File I really effed up and I have to own it I have to eat the impact I lost 100,000 ebtc that I spent the previous week Mining and that’s a lot I’ll never be able to get that back because of the having you know that was a quick couple

Days when we were getting a lot of VC rewards but not anymore it’s going to be a lot harder to accumulate that much and shout out to the community everyone’s been so nice I received a couple donations I’m not trying to be a charity case I don’t want your donations but I

Really appreciate the love and I I I can’t thank you guys enough so since I had the liquidity I also had some liquid PLS all in all I lost about 1.2 million PLS that was all in all I lost about 1.2 million PLS in addition to the 100,000

Ebtc and both my ebtc and my PLS were drained but one interesting caveat is that this was also the burner wallet that I was using for the plsc market the the pulse chain inscriptions market so I had about 20 gooses in there I had a Bitcoin shroom I had all my

Inscriptions and none of that was taken so I guess I got kind of lucky there I was able to send the gooses home you know I got all my inscriptions out of that wallet safely without getting them drained so I guess if there was something positive I didn’t lose

Everything in that wallet simply because they didn’t know it was there so I got really lucky there and then the biggest thing to take away from this video is how do you prevent this from happening how do I prevent this from happening again well the key is to follow best

Practices make sure you’re storing your private Keys appropriately don’t put them in scripts use a Secrets file use aemv file and also when you’re messing with sensitive data you know moving your crypto unlocking your cold wallet pasting private Keys make sure you’re fresh and you’re aware and you know what

You’re doing don’t do this when you’re drunk or when you’re stoned or when you’re in the morning and you just work 13 hours straight in my case definitely have a fresh mind when you’re dealing with sensitive data and then carefully examine and understand what you’re uploading to the internet I thought I

Was uploading an innocent file I thought I had my script in the script I was working on I had the placeholders everything would have been fine if I was looking at the right folder but both of those folders looked similar so I uploaded the wrong file it had the the

Same name different folder name they looked identical and that was bad organization on my part and that caused a careless mistake late at night and that’s something I need to I need to own up to and I I need to understand that this is my mistake and there’s no one

Else to blame of myself and I have to learn from it then finally what did we do well and what did we not do well you know this is kind of the whole point and the good thing is I was using a burner wallet and this is my pulse chain burner

Wallet my shitcoin wallet so now I did have some shitcoins in there but earlier in the week I just happened to move them to a different wallet you know I had some a gopher and some uh some 404s and stuff I moved them out of those wallets

Luckily so I didn’t lose those but once ebtc came around and I wanted to mine I just set up this private key and I popped it in the script and you I didn’t have anything of value all my valuable crypto is either on cold wallets or on separate seeds that I don’t keep

Connected to the internet and then when I want to interact with defi only send a small portion of what you know what I have so I did get get lucky in my main PLS wallet I had about 10 million PLS so for me to only lose 1.5 million you know

That that’s 10% that’s a lot that’s more than I ever wanted to lose but it’s not the end of the world because I did have good security practices of using Cold Storage keeping my seeds in my account segregated not using my main seed as my private keys and pasting it all around

My computer that’s a big no no by using these steps I was able to mitigate the risk and I only lost one or 2% of my entire portfolio it could have been catastrophic if I didn’t have those good security practices in place so that’s

One thing I did well I am pretty proud I only lost 1 to 2% of my portfolio but it’s more of the emotional attachment that I had to all the ebtc that I lost the other thing that I feel like I did well is I quickly moved the crypto on my

Other accounts off of that seed I moved my inscriptions off of there and I only kept a small portion of my PLS funds in in the burner wallet while minting and testing so you know i’ I’d send maybe like 100,000 PLS I’d go and mint you

Know a bunch but the thing was that I started with 100,000 PLS but the ebtc kept growing in while providing liquidity and if you remember I mentioned this in the chat a day or two before where I had a bunch of ebdc in the liquidity pool and it all got

Liquidated because the price pumped 100 200 300% so at that point my you know I had about 80,000 ebtc the price pumped and it filled my wallet up with PLS and I lost all my ebtc I was kind of disappointed but I was like okay you

Know at least I have the PLS so that’s why I had the 1.5 million PLS with my liquidity pair plus the 100,000 PLS that I was continuing to mine over the following two days and it’s just so unfortunate I should have moved it off

Of there but I didn’t so what did we not do well so obviously the biggest thing I didn’t do well was uploading my private key to GitHub that’s a big no no you got to protect your private keys but luckily it was a burner private key I didn’t lose

Much and then the other thing that was really detrimental is that I tried to remove the GitHub commits first rather than moving the crypto it was In the Heat of the Moment I was in a dead Panic I’m seeing my private key on the screen

And I’m like oh my God I got to delete it how do I delete this commit and I load up the Linux and I’m like trying to run these like BF D and all these different commands you know the get get repo command all these different things

And and I couldn’t do it because I had forked to Joseph’s repo and then I put in a pool request so I was able to remove my commit but the pool request was still in his GitHub with the with the changes so you know you have the red

And the green and it shows what file was changed and the pull request so even though the repo on my end was deleted and the the commit was deleted it still was in the pull request plain as day my private key so instead of obsessing over

That I really should have just moved the funds instantly I only had about 5 minutes but if I moved it instantly I wouldn’t have lost anything and that’s really where I could have improved so all in all we’re going to keep it short and sweet this is what happened with my

Wallet I was drained I did lose my PLS shitcoin wallet I lost all my ebtc the community got me right shout out to anyone that sent me some ebtc shout out to anyone that was using the ebtc mining tool and donated I really appreciate it

But man this was a this was a kick in the teeth um so I’m down right now but I’m not out I’m going to continue to work I’m going to continue to build I’m super inspired by this community in crypto however I might take a day or two

Off I really need to reset mentally so uh I’ll be around you know I can’t put this stuff down so maybe I’ll just get back into the Zen block stuff for a bit we’ll see feel like I’m getting too wild into the coinery if you know what I

Mean but as always thank you for watching Tree City trading my name is Tree City West hope you stays in peace