This is a journal entry and provides no value, except that of entertainment. You can skip this post if you want to learn about SaaS.

Chapter 1: Beginning Of Snipes

I like money, and who doesn’t. And in the August of 2021 I got into NFTs. About a month later in September of 2021, I realized that people ‘finger-slipped’ on OpenSea and might list things for 0.1 ETH instead of 1ETH, or .01ETH instead of .1ETH. And I realized there might be an opportunity to programmatically exploit this.

So I coded up some bullshit in Python that’ll pop up a chrome window whenever this happens and play a sound so I can click ‘buy now’ at the discounted price immediately, and then sell it back at market price for a profit. Example:

  • Noob lists it at 0.1 ETH (but worth 1 ETH)
  • I snipe it at 0.1 ETH after I get a notification.
  • Sell it back at 1 ETH.

Chapter 2: Bots, Bots Everywhere

Then I realized most of my transactions never went through except for the barely profitable ones. This wastes a lot of what’s called ‘gas’ on the Ethereum ecosystem, which boils down to me losing $$$. This is because people were using bots and they can finish transactions much faster than I can possibly click. To be more specific, FlashBots (which is a named after a book called Flash Boys, which is about pieces of shit on wall street taking advantage of common folk like you and me).

FlashBots is nice because if your transaction doesn’t go through, you’ll won’t get charged. There are some rare exceptions, like if your block gets uncled, etc but I won’t get into that here. This is not a technical piece, but an entertaining story.

Anyway, over the course of 3 weeks I built the bot by:

  • Reverse-engineer competitor transactions and bytecodes sent to OpenSea
  • Figuring out how to use OpenSea-SDK. Their documentation sucked (and probably still sucks now), so it really was reading their source code through GitHub.
  • Figuring out what even is a transaction on Ethereum and the technical aspects behind it, and how to use Flashbots.

It took a lot of effort to build because a lot of it boils down to:

I don’t even know what questions to ask.

There are many tricky / hidden things in the Ethereum blockchain for a transaction to go through. And a lot of corner cases you find out about / won’t even know to Google until after you’ve lost money.

Anyway, back in the hay day this shit was good and I made anywhere between .1ETH to 1ETH per day (average .21ETH a day). This lasted for a good 2-3 months until it got very saturated and profits became a lot less.

Chapter 3: Tech Aside

I do need to talk very briefly about how these transactions go through, because otherwise the rest of this post won’t make sense. If you have 10 bots trying to buy the same underpriced NFT, it’s not really ‘first-come-first serve.’ The Ethereum blockchain is broken up in “blocks,” hence blockchain.

One block is a bunch of transactions to be processed by Ethereum miners.

The bot that gets to buy the underpriced NFT is the bot that:

  1. Tells the miners to buy this NFT in the earliest block possible.
  2. And in the case of a tie (a bunch of bots wanting to buy this NFT in the same block, which is all the time because it’s programmatically scanning the OpenSea marketplace for such opportunities), bribes the miners the most.

So all this to say, a lot of how you win in this game is controlling how much you bribe the miners.

Chapter 4: Unhealthy Obsession

Making money is addicting, and I had a trip in October 2021 to Italy. A lot of times, I’d login to my AWS and control the bribe levels based on competition and a bunch of other metrics. But the thing is, I can’t login to AWS easily if I’m traveling to Italy.

So I built a Discord server / bot that’ll take text command requests as a way to remotely control my AWS nodes. This’ll allow me to continuously observe the OpenSea marketplace / control how my 4 nodes are operating / sniping NFTs.

By this time, things were starting to get saturated but a great deal would come along at times. I still remember, we were on our way to a wine tour and I got a notification that my bot bought a Decentraland for very cheap. The bus stopped at a gas station and I had to manually list it (the SDK didn’t allow for selling / listing NFTs back then). I was very happy because even after bribes, I made 1ETH+ profit while I was getting drunk on a wine tour in Italy and all I had to do is login to Metamask and sell the NFT.

I also have fond memories of climbing up the Vatican stairs while logging onto my Discord app so I can remotely control my AWS nodes’ parameters as I saw other people win NFTs. Also did the same thing when lining up for Da Enzo.

It might seem obsessive-compulsive and a way to ruin a vacation, but I wasn’t really doing anything waiting in line for Da Enzo and climbing up stairs in the Vatican has no views (it’s kind of claustrophobic). So it’s actually kind of fun to think back to those days.

Chapter 5: Going Deep

The thing with arbitraging on the blockchain is that it gets competitive fast. Everything’s transparent so any competitor can just look at your transactions and copy you. And do it slightly better.

Then you copy your competitors and do it slightly better than them.

And so on.

I was at the top of the arbitrage mountain and was winning many bids for maybe a 2-month period.

Then other people caught up.

One thing I realized that I needed was multiple OpenSea API keys. It used to be that you could just submit a Google Form and you’d be granted one. But on the 2nd revision of applying for OpenSea API keys, they required you to tell them what website / project you’re building this for. Desperate for API keys, I went as far as:

  • Purchasing multiple domain names on namecheap
  • Making multiple business email accounts
  • Coming up with a ‘front’ on Cardd for multiple webpages

img

I’d make fake landing pages and register them to a domain just so I can get API keys.

Just so I can Nathan Fielder their Google Form applications and get API keys.

This is just one such ‘complication’ / going deep thing I had to do, of many, in this journey.

Chapter 6: End

I got greedier and wanted to expand my operations not just to NFTs, but to arbitraging trades on Uniswap as well.

I thought the opportunity there is bigger because:

  • More people trade coins than NFTs.
  • The algorithm to arbitrage coins is much more complicated than arbitraging NFTs.

I painstakingly spent 2 months to build this just to realize I’m wrong. The main reason why you make a lot less money (maybe less than $1 per transaction) is because arbitraging coins is a lot more mature. This is in part due to Uniswap’s documentation being really good compared to OpenSea’s, so it’s a lot easier for impatient / novice programmers to get started implementing an arbitrage bot—that is, unlike NFT arbitrage, there’s a lot less ‘hacking’ involved, and a lot more conventional reading docs + coding.

To do these trades, you fund a Smart Contract and it’ll perform what’s called a ‘sandwich attack’ on your coin-trading victim.

  • As an aside, if you pursue this, you should probably do backruns instead of sandwiches, because sandwiches come with total loss risk in an uncle, or in a FlashBots exploit, but again, this isn’t a technical post. But I wanted to point this out in case you wanted to go out and do this and I don’t want you to lose all your money.

But the thing is I had a vulnerability in my Smart Contract, which was I was trying to make the code ‘more efficient’ by having the function checks be weaker than what Uniswap recommended. I also thought the risk of getting my Smart Contract hacked was low, because it wasn’t openly published and I wasn’t putting my code out there.

But apparently there are other Smart Contracts that scans new contracts being published and would just brute-force exploit them.

So all 6.3ETH of my Smart Contract was drained and I lost about ~$20K in one fell swoop.

I felt terrible.

But I quickly recovered by telling myself that I did actually make more than 6.3ETH in my NFT arbitrage, so I’m overall up.

Chapter 7: Just Stop

But I realized after getting hacked and the horrible gut-feeling was that most people that get exploited on OpenSea / DeFi trading don’t also actively arbitrage and steal other people’s money. So for me, I got lucky because my 6.3ETH lost is really just a learning lesson in my arbitrage journey.

A noob getting pwned on OpenSea has no such revenue to offset it.

And as an arbitrager, you might say something like

Well, if I don’t exploit it, someone else will and so it doesn’t matter if I do it or not — they’ll get exploited anyway. So why don’t I exploit them?

But you quickly realize how absurd that argument is if you extrapolate it to any white collar crime.

TLDR: I realized I was being a piece of shit gutting other people’s net worth and so I stopped.

I also realized that this ‘bad feeling’ of getting hacked gave me a strong, hateful urge to get revenge + commit violence. And this ‘bad feeling’ acted upon would be propagated and compounded through the world. It’s kind of like the butterfly effect, but a lot more easily thought about. I can:

  • Steal an NFT from a victim.
  • Victim feels angry/bad (as they should), and lashes out.
  • The victim’s victims feel angry/bad (as they should), and lashes out.
  • Badwill is propagated.

This is very concerning because I’m basically sniping NFTs for money I don’t really need and the downside of that is the world become shittier.

Chapter 8: Pivot.

This whole ordeal did give me the confidence that I can program up something to make money, whereas a lot of the other side hustles/businesses I’ve built prior lost money.

So my pivot is instead of using my programming skills to fuck people up, I should use my programming skills to still make money, but do it in a way that provides value to people and makes society better (even if just a little bit).

Doing good or bad won’t make me lose or gain sleep TBH. But I think just from a rational standpoint, it’s better to build things that are net positive than net negative.