These people emailed the r-ryantm bot about 100 times. I just trashed all the emails as spam.
7 Likes
Heads up, I’ve been contacted by someone suspicious, asking to “use” my GitHub account.
As usual, I played along a little bit - it didn’t take much before they sent a screenshot, showing how they would log into my GitHub account, of course showing an OAuth Consent screen for the Starknet GitHub Application.
I wrote back, informing them that while it was a good try, I had already claimed the airdrop. Maybe I should have just asked for up-front payment.
Stay cautious!
8 Likes
I cashed out aswell and can only recommend revoking the OAuth Authorization and removing the Extension, if only for peace of mind. (I haven’t yet heard of them doing anything shady, but that part - if it happens - usually occurs later)
Also there have been cases where wallets “robbed” their users after a certain amount of time, so additionally if you don’t convert your tokens to fiat at least move them to a sane, reputable wallet (or just cash out in fiat currency, since with everyone cashing out this token is going to be worthless soon anyways).
Hey y’all, I’m a Nix and Nixpkgs contributor but I didn’t get a link sent to me. I think I have good chances of meeting the qualifications. I’ve been using a virtual machine with Firefox but I don’t see how to connect my GitHub account. Could anyone help me out? I tried both Argent X and Braavos extensions.
I have just received an email too, from someone with their name in Chinese, thanking me for my “amazing contributions on GitHub”, saying that I am an “excellent engineer”, and asking me to let them “hire” me to use my GitHub account for 10 minutes to “complete a task” 
.
When the subject line of the email is “I want to entrust you”, you know it’s something good! But this also makes me think whether people can actually get tricked into this (by a more well-crafted email), given that, as we have already established, there doesn’t really seem to be anything actually dangerous in the process. All they need to do is create some sort of a web page that asks you to “log into it” using your GitHub, but uses the StarkNet’s app id, and somehow tricks you into intercepting the response token yourself and handing it to them…
3 Likes
The allocations are public:
https://raw.githubusercontent.com/starknet-io/provisions-data/main/github/github-0.json
https://raw.githubusercontent.com/starknet-io/provisions-data/main/github/github-1.json
Yours is 111.1.
1 Like
It seems not everyone got an eMail, I only got aware of this thing from this Discourse.
You need to do the GitHub-Auth dance on https://provisions.starknet.io/ to claim, but you can also look up what is allocated to any GitHub user name on this page without logging in. Searching through the json linken here is probably faster than navigating the page for a mere lookup.
Ahh ok I see the GitHub link now, thank you! Now I have to decide if giving my SSN to Kraken is worth $200 
I don’t think there’s any way around that because it’s the only exchange that I can cash out with.
Oh, yeah – that’s the same one.
A big shout out to you: Cole Mickens for your selfless contributions on GitHub, it’s amazing
I try to not let it go to my head. 
I very much hope to cooperate with you. After all, it is a network cooperation across countries, which is very wonderful.
World Peace will have to wait for another airdrop, I guess.
2 Likes
Man, there’s something about your reward for that being scam emails. It’s even got that personal touch from the data they farmed.
It’s almost poetry.
Guys, even if this looks shady, please let’s consider giving away the tokens we have been awarded to some wallet to fund a bit of further NixOS development (e.g. documentation, a much needed area!). It just takes 5-10 min.
If ~10-20 people pledge their Starknet tokens, this can fund a humble developer salary, for one year, in an inexpensive country. It could be great to fund some targeted effort.
Please consider that option. If there is a bit of interest, I can give further instructions on how to claim the tokens and try to set up some minimal legal structure to handle funds, like a small non-profit association, or channel it to an existing organization.
1 Like
+1’ing on the legitimacy. You can do the oauth flow in a different device from the one you’re operating the shady site with: just copy the github link to your phone, authorize the public info, copy the callback back, claim drop, revoke.
This is potentially a life-changing amount of money for some people (e.g. those of us in developing countries), so it’s definitely worth looking into.
5 Likes
I will test this thing tomorrow!
Edit: it worked.
As someone not interested in cryptocurrencies, I’m not pleased that someone has effectively put a public bounty on breaching my GitHub account - not to mention that of every nixpkgs contributor from the last five years who does not or cannot claim the airdrop themselves.
9 Likes
As you ramble on through life, brother,
Whatever be your goal,
Keep your eye upon the doughnut,
And not upon the hole.
2 Likes
Funny that it is no. 42 in this thread, awesome timing.
To check your claims without using their servers:
-
nix-shellscript:starknet-check.shon gist.github.com - Tiny website that does not send your GitHub username over the network: starknet-check.glitch.me
This just wraps access to the JSON files that were mentioned in #33 for convenience.
1 Like
While I’m from the US and thus not eligible to claim this(nor would I personally want to, as I believe cryptocurrency as a whole is a bad thing), I just recieved a spam email with a telegram link from the domain dailay [dot] news. Please be on the lookout and report this email to namecheap(where the domain is hosted) if you get one.
At least that’s a temporary thing. They stated that offer expires at June 20 2024 .
1 Like
US persons are not legally eligible and should be cautious, this offer might be a violation of Article 1744 - Code général des impôts - Légifrance
Summary from: France – New Offense of Providing Instruments to Facilitate Tax Fraud | King & Spalding - JDSupra
new Article 1744 of the French tax code, which creates the offense of making instruments available to facilitate tax fraud and punishes natural or legal entities making available “free of charge or for a fee, one or more legal, tax, accounting or financial means, services, acts or instruments, with the aim of enabling one or more third parties to fraudulently evade the assessment or payment of all or part of taxes .”