Friend.tech refutes claims of a ‘leak’ involving database of more than 100,000 users.

The team behind the popular decentralized social media platform friend.tech has denied a report that asserted the personal data of over 100,000 users was “leaked.”

The revised report, initially published by The Block, indicated that data shared by Banteg, a pseudonymous developer associated with Yearn Finance, was “leaked” information.

However, the friend.tech team clarified that the data originated from scraping its public API.

“It’s akin to claiming someone hacked you by viewing your public Twitter feed,” the official friend.tech account stated.

This is merely someone scraping our public API that displays the connection between public wallet addresses and public Twitter usernames.
It’s like saying someone hacked you by looking at your public Twitter feed.
Irresponsible reporting from @TheBlock_ and @vishal4c https://t.co/GIXOWazqBk

— friend.tech (@friendtech) August 21, 2023

The post also garnered feedback from contributors to X’s (formerly known as Twitter) Community Notes.

“The underlying data is public and anyone can deduce it by examining a block explorer: if you purchase a share, 5% is allocated to the creator’s wallet, and they would have needed to fund their wallet. The database only scrapes that public information,” stated the community note.

Banteg initially shared a repository of the publicly accessible scraped data, which included details of users on the friend.tech platform on GitHub.

101,183 individuals have granted friend.tech access to post on their behalf, the leaked database indicates https://t.co/yYYDqzUoON

— banteg (@bantg) August 21, 2023

This data encompassed wallet addresses on Base, associated with the corresponding Twitter usernames for more than 101,000 users.

“101,183 individuals have granted friend.tech access to post on their behalf, the leaked database indicates,” Banteg noted.

Banteg also criticized the misinterpretation of their original post.

Meanwhile, users on X also joined in to make light of the situation, with one user, Satsdart, sharing a link to the Ethereum block explorer, jokingly asserting that he had uncovered “a leaked database showing ALL transactions on eth.”

I just found a leaked database showing ALL transactions on eth look guys https://t.co/4rrC6sBYJM

— satsdart (@satsdart) August 21, 2023

Importantly, Banteg’s release of the data followed a post from blockchain analytics service Spot On Chain, which discovered that friend.tech’s API disclosed specific sets of information not readily available to typical users of the app.

Related: ‘I give it six to eight weeks’ — Critics warn Friend​.tech hype won’t last

2. The API of @friendtech also leaks the information
You can check the wallet generated by FriendTech using this API: https://t.co/uqb7V0FxLi
Just replace “0x317931c6b64f6058f688c7d62e84e1491a319dff” with the address you see on the contract. pic.twitter.com/mGrRax4Jd6

— Spot On Chain (@spotonchain) August 21, 2023

The most notable example was that wallets created by certain users could be viewed through the API.

When inquired about how this information could be utilized, Spot On Chain mentioned it could be exploited to manipulate the system by enabling bots to quickly purchase shares of prominent accounts as soon as they registered on friend.tech.

“Numerous bots have already capitalized on this; they monitor the contract, identify the major KOL, and acquire shares before others,” Spot On Chain stated.

Since its beta launch on August 11, friend.tech has recorded over 934,000 unique transactions and traded an impressive volume of 34,320 Ether (ETH), equivalent to $57,101,116 at current prices.

Magazine: Blockchain games aren’t really decentralized… but that’s about to change