Hard-core decryption of Friend.tech: In-depth analysis of FT's operating principles and risks
Author: 0xKing; Source: King’s Chat
This article has a certain reading threshold, readers need to understand the basic Dapp implementation method, and have some understanding and experience of Friend.tech. Without any investment advice and bad guidance, it is only used as a technical discussion.
Overview
Friend.tech cleverly blends decentralized finance (DeFi) and social networking to create a unique “social influencer game”. In this experiment, you can not only interact with your friend, but also “vote with your feet” for him.
The project party can be described as a “strategic master” in marketing and communication. They are not only good at hunger marketing and viral communication, but also have a deep understanding and rich practical experience in decentralized finance (DeFi). It is based on this background and advantages that they cleverly built social relationships into a dynamic and liquid automated market maker (AMM) market.
The cold start of the early project was very simple. During the frenzied transactions on the base, the data on the chain was abnormal, which attracted some attention. With the entry of Cobie and other OGs, the social network became popular.
The design of the product mechanism is not only innovative but also shows high potential for practical application. In the long run, this could change our conventional understanding of social networking and financial interactions. But at the same time, because of its simple and crude implementation, it brings a lot of problems to the privacy of users.
Novel experimental points
Tokenize social network
What happens when you buy or sell shares?
-
KOLs need to buy their own shares first, and then others can buy them. The act of buying is equivalent to using ETH to increase liquidity for KOL shares. Liquidity is stored in the contract as a data relationship. (No tokens appear in this process, only liquidity is constructed in the function of the smart contract)
-
The data relationship is stored in the contract, that is, which wallet the share purchased by the user belongs to, and the purchased quantity. The centralized server records this relationship synchronously by monitoring the transaction events on the chain.
The current share buy price of Cobie = 1.0080625 ETH, you spend 1.0080625 ETH to buy, at this time the liquidity (90%) added to the pool is 0.90725625 ETH, 10% is collected by friend.tech and KOL.
After you buy, the buy price increases, the new buy price = 1.024 ETH, but the sell price at this time = 0.99225 ETH,
If you sell immediately at this time (that is, you just bought and sold), then when you sell, although the marked price is 0.99225 ETH, you can only receive 90% of the selling price, that is, 0.893025 ETH. , 10% is charged by friend tech and KOL.
In other words, you have lost -0.115038 ETH in such an operation, and you have contributed charity to Friend tech and KOL…
Product Features
1. Invite only
In the current beta version, users can only register through the invitation code, hunger marketing, similar to the clubhouse of the year
2. PWA to Mobile Only
- Users can only use Friend tech on the mobile webpage
- Friend tech has used the technology PWA that has been dusted for a long time (here for details), Dapp does not support PC use, it can only be used on mobile phones, and after PWA is required (that is, the mobile browser, add the current web page to the home screen), users To enter the product registration process.
3. Self-custodial wallet
Every new user registration will automatically generate an EOA wallet for the user, and the private key can be exported. Use privy.io as wallet provider
4. Chat room Holders’ chat room
Everyone’s chat rooms are divided into two categories:
- I am the owner of the home, and all the people who bought their own share are in a chat room
- I am a visitor, and after buying a specific person’s share, I join this person’s chat room, and after selling the share, I have no right to enter
Game Arbitrage Strategy Game Strategy
Liquidity Model:
Since there are no automatic market makers (AMMs) for each KOL’s shares, the share price is calculated using the following bonding curve formula (this formula was invented by Friend tech):
y = x^2 / 16000
in:
-
y represents the price in ETH.
-
x represents the total share supply at the current moment.
Profit Model:
See this table for details (it is strongly recommended to open it to see).
Arbitrage Strategy
Going back to the first example to expand the entire profit variation:
The current share buy price of Cobie = 1.0080625 ETH, you spend 1.0080625 ETH to buy, at this time the liquidity (90%) added to the pool is 0.90725625 ETH, 10% is collected by friend tech and KOL.
After you buy, the buy price increases, the new buy price = 1.024 ETH, but the sell price at this time = 0.99225 ETH,
If you sell immediately at this time, then when you sell, although the marked price is 0.99225 ETH, you can only receive 90% of the selling price, that is, 0.893025 ETH. Similarly, 10% is charged by friend tech and KOL .
In other words, you have lost -0.115038 ETH in such an operation, and you have contributed charity to Friend tech and KOL…
This means that if you want to arbitrage, you must wait for the price to be high enough, that is, after you, there will be new buyers entering the market, so how many buyers are there? According to the calculation in the model, it can be found that in this example, your buying position is at 127, until the total number of shares reaches 135, a maximum of 8 people will enter the market again, and you will start to make a profit when you sell, with a profit of 0.00196 ETH. Before that, you Selling is a loss.
This is a conclusion of the profit rule based on the profit model, and the profit is affected by the relationship between the buy position and the total number of shares:
- When the buying position is between 1 and 18 (that is, when the buying price is less than 0.02025 ETH), the total number of shares = buying position + 2 will start to make a profit;
- When the buying position is between 19 and 36 (that is, the buying price is between 0.02025 ETH and 0.081 ETH), the total number of shares = buying position + 3 will start to make a profit;
- When the buying position is between 37 and 55 (that is, the buying price is between 0.081 ETH and 0.1890625 ETH), the total number of shares = buying position + 4 will start to make a profit;
- When the buying position is between 56 and 73 (that is, the buying price is between 0.1890625 ETH and 0.3330625 ETH), the total number of shares = buying position + 5 will start to make a profit;
- …
Privacy Risks and Scams
Privacy disclosure issues:
Twitter users’ on-chain wallet addresses leaked
Detailed analysis:
-
The relationship between Twitter ID and Friend tech’s user wallet is exposed. Friend tech’s query API is public and directly exposed on the website. Anyone can query the user’s Twitter and the address of their Friend tech wallet through the API query
-
The address of the Friend tech wallet and the user’s original wallet on Ethereum were exposed. Because most of the Friend tech wallets are entered by users through their own wallets in Ethereum for cross-chain transaction transfers, by indexing the cross-chain transaction information, all user wallets that have recharged Friend tech will be fully exposed.
The following is the flow chart of the whole relationship cracking. (Twitter user @0x foobar first discovered this vulnerability and conducted information mining. On this basis, 0x foobar developed a set of contracts and webpages, allowing users to directly purchase specific twitter from friend tech official contracts through their own contracts. user’s share, and convert this share into ERC 20 tokens.)
Website made by foobar:
Friend tech shares ERC 20 Factory contract address: 0x68250Bf6d105Fe33f3120C5AfF385160d54EB5F2
Fake Points Token Scam
Friend tech’s points are currently centralized, please don’t trust the tokens on the chain, they are all scams
2023/08/20 A fake FTP token has appeared on the chain:
(It’s fake, don’t be fooled)