# Fact Briefing: 2025-02-16

## Overall Summary
Community attention centered on the fallout from Shaw’s compromised X (Twitter) account used to spread phishing links, alongside ongoing work to harden official communications. In parallel, ElizaOS development continued with V2 swarm/roles discussions and GitHub shipping fixes and features (voice defaults, cache configuration, and security patches).

## Key Facts

- Shaw’s X (Twitter) account was reported compromised and used to post phishing links to eliza-os.net and elizaos.co promoting a fake token migration.
- Community members reported wallet drains after connecting and signing transactions on the phishing sites, including one report of a $40,000 loss.
- Jin advised the community not to trust posts from Shaw’s account during the incident response.
- Jin proposed using on-chain communications (token memos or mirror.xyz) as a verification/backup channel for official announcements.
- Shaw described ElizaOS V2 work on a swarm of agents with role-based privileges, including inter-agent controls such as compliance blocking social posting.
- Users troubleshooting local database/vector issues reported switching from SQLite to MongoDB via adapter-mongodb as a working fix.
- Users encountering better-sqlite3 installation failures shared a rebuild approach involving rebuilding the module before starting.
- GitHub work included a merged change adding a default ElevenLabs voice and a merged change enabling configuration of a filesystem cache directory via environment variable.
- GitHub work included a merged security update addressing CVE-2024-48930 by updating dependencies.

## Open Questions

- How do I delete the database?
- How should I request to have my plugin added directly to the elizaos-plugins organization on GitHub?
- Is there any way we can add agent identifiers to the eliza logger?
- Can we use jina ai on eliza?
- How do I make telegram client greet new users and start conversations with them?
- Is there a tutorial on how to connect your agent chat to a website?
- How does an Eliza agent evade getting banned on X when using the frontend API?
- Why would we have increased resilience? Should we?
- What is the reason for the DegenAI X account suspension?
- Who has elizaos.eth?

## Categories

### Twitter News Highlights
- DankVR discussed on-chain communications as a more secure alternative to Twitter/Discord for DAO backup messaging, including wallet memo support observations (Rabby/Leap/Phantom/Zcash supported; MetaMask/Magic Eden did not). (Sentiment: neutral)
- DankVR warned that signing malicious transactions can require moving funds to a new seed phrase, and noted scammers using verified badges to impersonate legitimate accounts. (Sentiment: neutral)
- Shaw shared progress on an AI onboarding workflow where agents onboard in their own voice and receive follow-up tasks. (Sentiment: neutral)

### GitHub Updates

#### New Issues/PRs
- [Issue #3527: A wrong import in the advanced SDK TypeScript package is causing difficulties in adding @elizaos/agent to new projects](https://github.com/elizaos/eliza/issues/3527) by andyvalerio - Status: closed - Significance: Developer onboarding friction in advanced SDK import path.
- [Issue #3515: Reported a text transcription error for the Discord plugin after installing ffmpeg](https://github.com/elizaos/eliza/issues/3515) by wolfskyknight - Status: closed - Significance: Breaks Discord plugin transcription workflow for affected setups.
- [Pull_request #3519: fix: add elevenlabs default voice](https://github.com/elizaos/eliza/pull/3519) by unknown - Status: merged - Significance: Adds default voice configuration for ElevenLabs integration.
- [Pull_request #3291: feat: Added cachedir to filesystem cache](https://github.com/elizaos/eliza/pull/3291) by unknown - Status: merged - Significance: Improves deployability by allowing cache directory configuration via .env.
- [Pull_request #2958: fix: CVE-2024-48930](https://github.com/elizaos/eliza/pull/2958) by unknown - Status: merged - Significance: Dependency updates to address CVE-2024-48930.

#### Overall Focus
- GitHub work emphasized stability/security fixes (Telegram/Discord test fixes, CVE dependency update) and small feature enhancements (ElevenLabs default voice, filesystem cache directory configuration).

### Discord Updates
- **#discussion:** The channel focused on response to Shaw’s compromised X account and phishing domains, with warnings not to connect wallets and reports of wallet drains. Discussion also continued on changing WDYGDTW into the “Clank Tank” show format. (Key Participants: jin, BOSSU, Ka_yari)
- **#💻-coders:** Troubleshooting centered on database/embedding mismatches (SQLite vs MongoDB), better-sqlite3 rebuild steps, multi-user memory isolation via userId/roomId, and Twitter client rate limits/shadow-ban avoidance settings. (Key Participants: engineer, Odilitime, lefrog, elizaos-bridge-odi, Mr. Stark)
- **#🥇-partners:** Partners discussed the phishing incident and mitigation steps (reporting domains/posts) and raised the need for more resilient official communications, with on-chain memo-based verification proposed. V2 swarm agents with roles and compliance gating were also discussed. (Key Participants: jin, shaw, Patt, witch)
- **#associates:** Members coordinated reporting of phishing domains (eliza-os.net and elizaos.co) and flagged fraudulent posts for deletion while warning others not to follow links from the compromised account. (Key Participants: Bealers, Zapdart, hyper)
- **#tokenomics:** Token value-capture ideas included capturing fees from network-coin trading pools and positioning the token as an “agent meta index fund” by pairing liquidity with treasury-held AI/agent projects. (Key Participants: DorianD, yikesawjeez)
- **#3d-ai-tv:** Work continued on the Clank Tank-style intro/outro package, including background music selection, transition stingers, fixing frame errors, adjusting fades, and adding voiceovers. (Key Participants: fishai, jin, boom)

### User Feedback
- Community members requested a more secure official communications mechanism, including on-chain verification via token memos or mirror.xyz. (Sentiment: mixed)
- Developers requested improved plugin loading error messages and clearer debugging guidance (including how to enable DEBUG/trace logging). (Sentiment: neutral)
- Users requested documentation for multi-agent operation and REST API usage for client-direct, plus instructions for changing the client listen address from localhost to server IP. (Sentiment: neutral)
- Users reported repeated setup friction around SQLite embedding/vector mismatches and better-sqlite3 installation errors; rebuild steps and MongoDB adapter were shared as mitigations. (Sentiment: mixed)

### Strategic Insights

#### Single-point-of-failure risk in centralized social accounts
The phishing campaign driven by a compromised X account produced immediate wallet-loss reports and prompted operational discussion of verifiable fallback communications. Establishing an authenticated out-of-band channel (e.g., on-chain memo verification) was proposed as a mitigation.

*Implications/Questions:*
  - What minimum set of official channels should be treated as authoritative, and how are they verified during account compromise events?
  - Should an on-chain announcement registry be implemented before token renaming/migration communications?

#### Developer friction concentrated in storage/embeddings and plugin UX
Discord troubleshooting repeatedly focused on SQLite embedding dimension issues and plugin-loading/debugging opacity, while GitHub shipped incremental stability fixes and configuration improvements. Consolidating guidance and improving defaults for storage adapters and plugin diagnostics could reduce repeated support load.

*Implications/Questions:*
  - Should MongoDB/postgres/pglite be promoted as the default for multi-user deployments to avoid SQLite mismatch issues?
  - Can plugin load failures surface actionable diagnostics by default without requiring DEBUG mode?

### Market Analysis
- Tokenomics discussion proposed capturing fees from network-coin trading pools and creating liquidity pairs with treasury-held AI/agent projects to position the token as an “agent meta index fund.” (Relevance: Relates to value-capture design and liquidity strategy as the project rebrands the token.)
- A partnership with BNB Chain was highlighted in partner discussions, alongside comments about multichain expansion beyond Solana. (Relevance: Impacts integration priorities and potential cross-chain distribution for agents/tokens.)
- DegenAI’s trading system was described as using basic take-profit/stop-loss testing with plans to iterate into more complex quantitative strategies; the DegenAI X account suspension/unban effort was ongoing. (Relevance: Affects go-to-market communications and credibility for automated trading-related features.)