The Social Doxx: Twitter Tip Jar Goes Live        

Security expert demonstrates privacy vulnerability through PayPal  

Security expert demonstrates privacy vulnerability through PayPal  

Twitter subtly announced “show your love, leave a tip” on 6 May 2021, essentially “testing Tip Jar, a new way to give and receive money on” the popular platform. 

It’s a keen engagement nugget social media companies have struggled to incorporate, leaving on the table perhaps millions of dollars worth of revenue ripe for the taking. 

“Now you can do more to support the many amazing voices who add to the conversation on Twitter –– send them tips,” a Support explainer continued. “You can send someone a tip through several payment services by tapping the new Tip Jar icon on their profile, testing on Android and iOS.”

Twitter Senior Product Manager Esther Crawford elaborated, “For now, a limited group of people around the world who use Twitter in English can add Tip Jar to their profile and accept tips. This group includes creators, journalists, experts, and nonprofits. Soon, more people will be able to add Tip Jar to their profile and we’ll expand to more languages.”

Among the various drop-down payment options Tip Jar revealed, such as Venmo, Cash App, Bandcamp, and Patreon, online giant PayPal (which owns Venmo) appeared as well. The company, however, is well-known in online circles for its privacy vulnerabilities due to stringent know-your-customer (KYC) account requirements, a lingering connection to the world of fiat and its assumptions.

Within hours, security expert Rachel Tobac, CEO of SocialProof Security (with clients such as the United States Air Force), discovered, “If you send a person a tip using PayPal, when the receiver opens up the receipt from the tip you sent, they get your *address*.”

Tobac used an in-the-wild live ammunition example, tipping Twitter-made-famous journalist Yashar Ali, and while using the PayPal choice Ali “did in fact get my [physical] address I tipped him.” She screenshot a receipt, warning, “Be careful using PayPal Twitter Tip Jar — this is a hallmark of PayPal rather than Twitter of course but it impacts Twitter users who may not know that their address is leaked by PayPal to tip receivers.”

In fact, Tobac publicly worried back in late April at the Tip Jar pre-announcement, asking “how will payment account details be shown to twitter tippers,” and “will tippers be able to see payment tool details like Venmo username,” and, presciently, “when tipping via PayPal, will PayPal disclose personal tip receiver’s email in receipt to tipper.”

Twitter Product Lead and co-founder of Periscope, Kayvon Beykpour, eventually took Tobac’s demonstration with Ali seriously enough to update Tip Jar “to make it clearer that other apps may share info between people sending/receiving tips, per their terms.”

Tobac acknowledged “this is a PayPal issue (leaks address w/ PayPal payments off of Twitter too),” however, “Twitter integrated PayPal into their tip feature so it's now Twitter's responsibility to inform users about how using PayPal w/ Twitter Tip Jar impacts privacy as many Twitter users aren't aware.”

If you want a better system of tipping on twitter, maybe just use crypto?

Kraken Gets John Doe Summons Seeking Identities of U.S. Taxpayers Who Have Used Cryptocurrency

The US Department of Justice (DOJ) disclosed this week the country’s tax arm, the Internal Revenue Service (IRS), won a legal victory against popular cryptocurrency exchange Kraken. The order confirms Kraken must hand over “information about U.S. taxpayers who conducted at least the equivalent of $20,000 in transactions in cryptocurrency during the years 2016 to 2020. The IRS is seeking the records of Americans who engaged in business with or through Kraken, a digital currency exchanger headquartered in San Francisco, California.”

Coinbase is Everywhere and Nowhere 

Leading US crypto exchange Coinbase confirmed it will no longer have a physical headquarter in the traditional legacy financial world sense. “Coinbase is committed to being remote first,” the once-darlings of Silicon Valley stressed. “We announced we no longer have an HQ and as a next step, we’re closing our SF office (our former HQ) in 2022.” The company is apparently “committed to having no HQ, and it’s important to show our decentralized workforce that no one location is important than the [(sic)] another. Closing our SF office is an important step in ensuring no office becomes an unofficial HQ and will mean career outcomes are based on capability and output rather than location. Instead, we will offer a network of smaller offices for our employees to work from if they choose to.”

Vitalik Buterin, Billionaire 

NFT collector Justin Trimble was among the first to notice as the price of Ether (ETH) hit new highs, including a price of $3,200, how Ethereum co-founder Vitalik Buterin’s stash would amount to $1 billion. It instantly raised Buterin’s public profile, of course, making him one of the world’s youngest rich people but also, and more importantly, the world’s youngest crypto billionaire. At 27, Buterin’s reputation is of a nebbish digital nomad, far from flashy nor in search of riches galore. Instead, about a week prior, he quietly donated, as he’s done in various ways for years, to relief efforts within India as pandemic-related deaths mounted, and continued to make appearances on rather obscure podcasts to discuss on-going Ethereum development issues.   

And Another One

@CryptoCobain and his merry crypto band of followers have done it again. They found another hardly-known Twitch streamer and flooded her normally empty tip jar with thousands in cryptocurrency. This time, it’s hundreds of thousands. CryptoCobain raided MelaBeeOfficial's live music stream. As FuckTV described the event, “In between songs, Mela Bee, along with her boyfriend DumbBuck, were instructed by the chatroom to set up cryptocurrency wallets.  The unsuspecting couple would go on to end their wild night with a total of over $250,000 of crypto donations from CryptoCobain's followers.” 

Tether Rockets Beyond $50 Billion in Circulation

Bloomberg described the number as “a sum that’s more than the insured deposits at all but 44 of the thousands of U.S. banks.” The embattled and ubiquitous stablecoin undergirds most of cryptocurrency exchange speculation, leading to conspiracy theories and never-ending debates about the company’s accounting methods, transparency, and solvency. “About 66% of Bitcoin is bought using Tether, according to data tracker CryptoCompare. And Tether’s use is likely to expand since Coinbase Global Inc., the largest U.S. crypto exchange, is planning to allow trading of the stablecoin on its Coinbase Pro platform,” Bloomberg explained. .

By C. Edward Kelso, NBTV contributor.

Find more of Kelso’s work here: @coinfugazi /

Subscribe to the Cryptobeat newsletter and receive it directly in your inbox each week!

Watch the latest on NBTV: