What happened to this project? Homepage shows no advisors anymore and no core team. But still a roadmap

Looks like BitMart is delayed, but the wallet is now active on Bittrex Global:
https://twitter.com/BittrexGlobal/status/1503386467674079235
Trading should start tomorrow.
Current price is 1 PKT = 1 BTC:

This might drop a bit when trading starts

PKT will be listed at BitMart in 3 days, and can be traded 2 days later:

https://support.bmx.fund/hc/en-us/articles/4415940487067

Nice, it is now at Pancakeswap, see here for price chart and contract number:

https://coinmarketcap.com/currencies/wrapped-pkt/

But still not at a bigger and easier to use exchange like CEX after more than a year. Did CEX say when they will list it?

Still the same open pull requests after a month. And looks like some big whale cashed out in November. So sorry to say this, but I guess now it is really dead. Liquidity for the only remaining exchange is 1 (the lowest possible is 0, goes up to 1000), which means you can't even trade it anymore:

https://coinmarketcap.com/currencies/clams/

Yeah, I posted it first in "Development & Technical Discussion", but some admin moved it But probably right, because it is not a Bitcoin technical discussion.

Thanks, this would explain it. If it is traded within an exchange, then it doesn't leave a trace on the blockchain.

I fixed the problem with the "Approve" function call. I created a hash from the signature "Transfer(address,address,uint256)", which is then used in the topics array as the first element. With this I could test it and don't get the "Approve" calls anymore.

But I guess there is still a remaining bug. If I sum all transaction from 20th November, the sum is only 2.5 billion USDT. But coinmarketcap says it was 72 billion USDT. So maybe I missed another function call?

BTW, pretty high volume. I did a sort for the highest transactions, and there were 2 with 111 million USDT, just yesterday:

https://etherscan.io/tx/0x95220146c7ec639d001171b4323bb0acafb59da223272b556c0fc8c940250252

https://etherscan.io/tx/0x71c663b408ec4e52fe1bb9899e1f0f4b02023c875f34222aed1d87aabefaf0d7

Some big whales.

It is as safe as your password. If it is multiple words, that are nowhere written in the internet or your computer, or at least 8 random characters with uppercase, lowercase and numbers, then it is safe:

https://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwords

The problem with moving it is that if you have a malware installed, then it can get stolen when you try to move it.

And nowadays 30% of all computers in the US are malware infected:

https://dataprot.net/statistics/malware-statistics/

And there are new and more sophisticated malware every day. So a hardware wallet is the only safe solution for the average user. Or a computer which is not connected to the internet, and then create and sign the transactions offline. But the average user can't do this.

I think Trezor is a good hardware wallet. It is like a strong brainwallet, but you can still use your coins regularly without the fear that malware steals it. And if you write down the passphrase for it (only on paper, never on any computer or password manager app), the hardware can even get lost or destroyed, and you can just enter it in a new Trezor device to get it back.

It has also a nice feature to create an addtional hidden wallet. In case of a $5 wrench event, you can just tell them the first decoy wallet with less value, and your main value is in the hidden wallet.

I improved the code: Now it uses a binary search to find the first block to check. So if you want to list all transaction from one day of last year, the previous version needed hours, now only a few minutes. Probably could be improved further with web3 batch requests.

I wrote a scanner which prints all transfers of a specified time and amount range:

https://github.com/FrankBuss/ethscan

Example output:


See the TODO section for possible improvements. And as with my last project, I'm still relatively new to Rust and alls these Rust crypto crates, so my code might not use it very idiomaticly or could be written shorter. Feel free to critizise my code, or send PRs.

If other tokens should be integrated, the contract needs to be read to determine the number of decimal places, and maybe the ticker label etc. And I'm not sure if transaction_receipt is the right way to get the transfer amount (and from/to addresses, currently unused). Shouldn't all the required data be in the transaction?

It has one remaining problem: It also detects wrongly "approve" calls as "transfer" calls, for example this one:

https://etherscan.io/tx/0x242b0b060d94fb7a07296a9f12ec6b66f437dd9294d4cf9e82be8aa45abb6f92

How can I determine reliably with web3 which function on the contract was called?

Maybe NodeJS programs have so many files, because JavaScript programmers like to use a lot of packages, even for one-liners:
https://dev.to/jyotishman/10-useless-npm-package-with-millions-of-downloads-de9
To be fair, the upper-case package can do a lot more, like converting to and from camelCase etc. But is-odd and is-even really doesn't make sense. I mean just import is-odd, and do a negation on the result to get is-even for free, as the source code of the is-even package demonstrates

Python is nice, and the programs are shorter and easier to read than the same in Rust. But right, package management is not as nice as with the Rust cargo build system.

Package quality is always a problem. For Rust I use the crates.io site and sort for number of downloads. Usually the more popular a library is, the better the quality and maintained it is. For example for the secp256k1 algorithm this is the search result:
https://crates.io/search?q=secp256k1&sort=downloads
The first library is just a wrapper around a C library, which I want to avoid, to avoid build problems on Windows. Second crate is really big, with lots of different signatures, but i wanted just secp256k1. So 3rd result looked good and I checked the documentation, github, test cases etc., and then I used it for my project (btw, all the 0.x.y packages don't mean beta quality in Rust, it is just a convention that the interface might change until the first 1.0.0 version).

But for larger applications, the lack of static typing in Python can be problem (which is the reason why they introduced type annotations in Python 3.9), and it is much slower and needs more memory, so you don't really want to process gigabytes of blockchain data with it, or use it for a high traffic network node. But I think for such tools like the brainwallet, Python is better than Rust, and I use it often for such tasks. A Python REPL (Python in interactive mode) is also one of the best hand calculator replacements and very useful with Jupyter for interactive data manipulation and visualization.

I simplified the code, see the github repository. No extra functions and no macro needed anymore for the Sha256 and Ripemd160 hash, 20 lines shorter and easier to read now.

I think Rust is a good choice for writing blockchain related code. Typesafe and fast like C++, but the Rust compiler is much better. Together with the borrowing memory concept it is really hard to write code which crashes, or has memory leaks or undefined behavior at runtime, which is no problem at all with C++. And there are over 70,000 Rust crates (what other languages call modules or libraries) available for nearly everything you can imagine, usable with one line in the cargo.toml file with the nice "cargo" build system.

Right, and in cryptography, it is always assumed that the algorithm is known. For example some malware could find the source code, if it is not developed on an offline computer with no storage, which is not how software these days is developed.

But the standard SH256 brainwallets are very safe, if the password is safe. And I don't see a problem with forgetting it. Just write it down on paper and deposit it at a safe place. There are many ways to disguise it as well, like use the first sentence in a diary. If it is personal and not found somewhere else, it would be very safe. Like "This is the diary of the very knowledgeable programmer Frank, born on x, in the city y.". No way this could be discovered with a brute-force program. It would be much more safe than a random 30 character password.

Looks like it is dead. There are 3 open PRs, older than 3 years:
https://github.com/nochowderforyou/clams/pulls
and last commit is from 2017. Granted, one of the PR ("Update validation.cpp") probably results in a syntax error for the compiler, but the other 2 look fine and should be merged.

I did a diff of the original repository and the new repository. Would have been better to just fork the original repository and send it as a PR, but boomdev is right, the only differences I can see (at this moment, version e7ab666c7e754a134e92494c2849eee1909e3ded ) are the new templates, an unnecessary yarn.lock file, no .gitignore file, removed bitaddress copyright in the website (but the original repository is still mentioned), and changed logo. All the security related functions in the JavaScript files are untouched. Should be safe, unless boomdev found a new png image decoder backdoor

Well, it is only 0.00000000000000000000000000000000000000000000000000000014% of all possible SHA26 hashes (assuming a bijective mapping, so probably a bit higher, if there are collisions).

I fixed it 
https://github.com/FrankBuss/brainwallet/blob/325baaa769902ce19b52891db38f8c4736356f43/src/main.rs#L23-L38

You are right, I should probably print a nice error message in case of this error. But it wouldn't crash, at least not in the way C++ crashes with segfaults or undefined behavior. unwrap creates a controlled panic, and unrolls the stack, same like an exception, and then prints the panic on the console (with call stack in debug mode, and if you set an environment variable for it).

Do you have a test case which creates this error? The BitAddress website uses the same function, but looks like it doesn't handle such errors either.