Scraped data of 101,000 friend.tech users links their wallet addresses

Date: 21 Aug, 2023
Source: The Block

They’re downplaying the seriousness of this event, of course. No hack or exploit here as far as I can see, just bad design.
@Exploringidaho

QUICK TAKE

  • Banteg, a core contributor to Yearn Finance, published scraped details of over 101,000 friend.tech users — including addresses and Twitter usernames.

Banteg, a pseudonymous core contributor to Yearn Finance, has published on GitHub a repository of publicly available scraped data containing critical details of users on the friend.tech platform. This includes wallet addresses on Base and corresponding Twitter usernames for over 101,000 users.

“101,183 people have given friend.tech access to post as them, leaked db (database) indicates,” Banteg said. This statement came after he released a CSV file containing detailed user data.

Banteg’s move extended beyond the repository. He also highlighted a troubling situation involving friend.tech’s permissions, asserting that these users had granted friend.tech the ability to post on their behalf — possibly without complete understanding or consent.

The information was unveiled following Spot On Chain analysts’ discovery that friend.tech’s API had “leaked” information. For example, wallets created by users can be viewed through the API.

Friend.tech, operating as a web3 social application on the Coinbase-incubated Layer 2 chain Base, provides a platform for trading shares in Twitter accounts. This feature gives shareholders unique access to private chat rooms.

With the platform gaining traction due to recent high-profile signups, it has also generated protocol fees exceeding $1.42 million in the last 24 hours, ranking it among the top three crypto projects in terms of user-paid fees.

Friend.tech responded by saying the information was publicly available and hence not leaked.

“This is just someone scraping our public API that shows the association between public wallet addresses and public Twitter usernames,” the company said in a comment on social media. “It’s like saying someone hacked you by looking at your public Twitter feed.”

(Corrects headline and depiction to characterize list as resulting from scraping.)
