Guilds are live in Common Ground World, and Node Workload NFT owners are already rallying their guilds to build bigger and better together!
There is one more step in our distribution of Node Workload NFTs, however. Coming up next week, we’ll move to V2 of these NFTs!
Node Workload NFT V2
During the initial distribution of Common Ground World Node Workload NFTs, we made a miscalculation in our numbers, and 97 users were left without the NFTs to account for their existing Town Star Nodes. To rectify this issue and pave the way for the development of upgradable Node Workload NFTs, we will be issuing new V2 Node Workload NFTs for Common Ground World.
These NFTs will be identical to existing versions from a functional standpoint. In fact, you’ll still pile up daily $DIRT whether you have a v1 or a v2. To use your Workload NFT in-game as a guild, however, you’ll need to convert to the new v2 NFTs.
Updating your Node Workload NFTs
When the exchange opens, you’ll be able to find Common Ground World Node Workload NFT v2 in the Common Ground World Store. Unlike a regular purchase, however, the cost of acquiring this item will be one Common Ground World Node Workload NFT v1. This will initiate an even exchange for these two items, giving you the updated NFT.
This distribution will begin on July 29th at 10am PT.
At the time the exchange opens, all guilds in Common Ground World will be disbanded, as the v2 NFT becomes the official guild NFT. Guild owners should exchange their v1 for a v2 as soon as possible so they can get their guild together again using the new item.
Again, this is only necessary if you intend to use your Node Workload NFT as a guild in Common Ground World. If you do not, either the v1 or v2 versions will be identical in your wallet for the time being.
There is currently no duration for this exchange. If you purchase a Node Workload NFT v1 from a secondary market, you can easily exchange it for a v2 version. When/if the exchange is closing, we will let you know significantly in advance along with explaining the next steps.
NOTE: While you will need to have a v2 Node Workload NFT in your GalaChain wallet to use it in game, all Common Ground World Node Workload NFTs will still receive $DIRT distribution. All Common Ground World Node Workload NFTs will still get their $DIRT distribution, regardless of whether they are v1 or v2 – in your GalaChain allowance or your wallet on GalaChain.
Building for the Future
We realize this may be an inconvenience for some, but seeing this process through will create an easier path forward for all players. We’re proud to be the first operating Node Workload NFT in the Gala Ecosystem, and we thank you all for taking this journey with us!
This transition is coming. We’ll be in touch with more details as it approaches, but we wanted to alert everyone to the change as soon as possible.
Get your guilds ready and get the word out there so you can keep building the future of Common Ground World!
You sit down at the breakfast table with your coffee. As the yawns squeeze out of you and you wipe the sleep from your eyes, you pull out your phone to catch up on your emails.
Just routine stuff… spam, spam, free offer, Amazon invoice – wait, what’s this? Your cuteandreallycuddlyfluffypuppies.com account has been compromised and needs your immediate attention! 😱 You click the link to reset your password, glad you caught this email before it was too late.
You follow the prompts on the next screen and fill out your new password… little do you know, your cuteandreallycuddlyfluffypuppies.com account has been compromised. By you. Right now. That was a fake link from a fake address, and they got exactly what they wanted out of you!
Sound familiar? This is one of the most common tales of how scammers find their way into someone’s defenses. As digital security continues to improve, there is still one glaring vulnerability to even the best system – the human behind it!
Welcome back to The Guardian Papers, where digital heroes can get the base training they need to thwart villains’ underhanded attacks against them across the web3 world.
Email is often where scammers have a chance at getting directly to you. One miscalculation or momentary lapse of attention to detail could cause you a lot of hassle, so you’ve got to know how to keep yourself safe.
Miss a previous edition of The Guardian Papers? Catch up below!
First off, we definitely don’t want to imply that email is inherently insecure – many email providers have excellent security protocols put in place, and there are tons of tools out there for anyone who wants to beef up the actual protections in their email. The problem with email security is the person behind the keyboard… and it’s a vulnerability that isn’t going away.
Your email is a direct line to you. No matter your security infrastructure, if you’re getting a scammer’s email in front of you, you’re probably going to read the words they wrote. This direct access is the dream of all those fake Discord admins and help desks. They want that direct line so they can exploit your trust… because your security systems work for you. If they convince you, your security isn’t an issue.
For most people, email is the height of routine. When you are checking emails, you’re performing the same ritual you’ve done thousands of times. You may have many email accounts, only adding to the volume and frequency of your email checking ritual. When you do something day in and day out, over and over, you eventually become less attentive to the process overall.
As something becomes part of your routine, you eventually sort of automate it in your mind. How many things do you automatically do throughout the day without any real conscious thought? It’s the same for email. While the part of your brain that reads and parses the information in the emails may be present, other parts of your mind have moved on to other tasks.
This leads to some easy wins for scammers that would never work on your while at full attention.
How Did They Find Me!?
Honestly, how wouldn’t they find you? It’s important to remember that our data is everywhere, and we don’t typically consider email addresses private data. If it’s ever been out there, it’s still out there probably.
Let’s say Billy has a private, personal email address that he typically only shares with family and close friends, then he has another that he uses for work. Billy’s dad is fond of forwarding emails on occasion, and so drops a long chain email forward into Billy’s inbox once in a while. Billy’s friend Sally CCs him into a monthly newsletter that she sends out for their Karaoke Club. One day, Billy starts seeing large amounts of spam coming into his personal email account! 😨
What happened? Well you see, Tyrone from Karaoke Club was trying to get his friend Trevor to come to last month’s championship, so he forwarded him the newsletter. Trevor’s email account was compromised and the inbox contained Tyrone’s address, along with the CCd address of every other member of Karaoke club. Welcome to a list, Billy.
Let’s be honest though, it’s probably not the first time Billy has gotten scam emails at that address. He used to have it visible in his Facebook about section for years, and it’s still listed on an ancient and forgotten DeviantArt portfolio along with his real name. Also, he’s had this account for a long time and emailed lots of people. Each of those is a chain that connects to his email address. If any one link is discovered by the bad guys, the whole chain is in the open.
After that they can do a surprising amount to learn your behaviors. With a full-feature email service, they can theoretically tell exactly when you open the email, your operating system, your geolocation… all sorts of stuff that isn’t exactly secret, but gives you the shivers that they could know. Once they have this, it’s not hard to generalize demographics and predict who would be receptive to what scams.
Wolves Dressed as Sheep
Many of the ways people will attack you through your email fall right in line with our previous discussion about The Impersonator. In your email they know they have you in a format that you’re likely to overlook small details. If they know they can get past your spam filter, then they know there’s a good chance that you’ll at least click on their email.
They’ll try to mimic emails that you are likely to be receiving. There are lots of ways they could get an idea about what email lists you may be on, and not all of them are data breaches. A tracker in your browser could be feeding info about your behavior without necessarily doing anything nefarious to be flagged as malware by your safeguards.
Remember, legitimate businesses and individuals assign cookies and trackers all the time without any ill intent. We all click “Accept All Cookies” once in a while. Even if there’s just a .01% chance that any of those you click on has something harmful coming across, it’s just a matter of time.
Also consider that people are quite predictable with a large enough sample size. For every well-timed scam email you’ve ever received that seemed like they must be actually watching you, you’ve probably received two dozen weird ones that seemed to come out of left field. It’s just a numbers game. They’ll get it right sometimes.
If they’ve identified your email and the most likely services and addresses that can trick you, it’s only a matter of seeing what they can slide by.
In the case of this above example, the fake may seem obvious. After all, we’re here stretching our brains and thinking about scammers, but when someone comes across this email they may be distracted or in a hurry. Then, they could feel panicked that their MetaMask wallet has been compromised.
Notice that they color the email to draw the eyes directly to what they want you to see. The large notice at the top, and the button to “update now”. While we didn’t click that link, a quick mouseover revealed the target to be a proxy site, with a slug pointing to a long string of characters for a dAPP command. This link almost surely goes to a fake service site where you will be immediately asked to connect your wallet.
Oh, and also –“MҽtaMask”? That’s not an E. That’s an Abkhazian Che, a Cyrillic character that is entirely different from the latin “e”. If you’re not paying close attention though… it may be enough to not get them flagged for impersonation, while your eyes simply autocorrect that to “MetaMask”.
Also, check out that XM over there. That’s called a BIMI or Brand Indicator for Message Identification. These are verified trademark spaces, so a brand can submit a BIMI that won’t be copied anywhere else. This is a relatively new system that only works with some email providers, so you may notice a difference between impersonators and the emails they’re impersonating based on their mark. This isn’t always the case though, as some brands have not yet adopted BIMI… our emails here at Gala, for instance, do not ever use a BIMI.
That verification check mark doesn’t mean anything, it’s just part of the display name – like we saw with fake help admins in our imposter profile.
The dead giveaway is the return email though. Even half redacted, it should be pretty easy to tell that’s not from MetaMask. Why would MetaMask not send emails from their domain that users know and trust?
Straight to the Source
The important part here is that your email usually has your attention. If they can slide into your inbox, half their work is done. If they send out 10000 emails, what do you suppose the chances are that no one is careless enough to click without thinking?
That’s the end goal for these scammers. They know that most people in the digital world are protected in some way from bad actors, but they also know that you hold the keys to your security mechanisms. The best defenses in the world don’t mean much if you willingly click to their site and give them your information.
This is why The Guardian Papers are here. These scammers know that there is always someone to prey on because people aren’t informed. If we all know what to look for, the fruit they’re looking for gets waaaaay higher in the tree. Maybe they’ll just go find another tree to climb.
Digital Guardians
No one is going to ensure your security on the web. You have to take matters into your own hands and change behaviors if you want to be safe. While it may seem overwhelming to think of all the ways the bad guys can get to you, it’s really not that hard. If you learn the ways that they come at you, before long it’ll be easy to spot the attackers long before they breach your walls.
We learn. We teach. If everyone is equipped to deal with them, digital villains don’t stand a chance.
That’ll do it for this week’s Guardian Papers! We’ll be back though as we dive into common ways people use Discord and other messaging apps to prey on the unaware!
$GALA is the official token of the Gala web3 ecosystem. Consistently placed in the top 100 crypto tokens (by volume) on CoinMarketCap, this token acts as the fuel for a thriving and always growing web3 world, powered by GalaChain.
$GALA on Ethereum
When the development of our layer 1 blockchain had just begun, $GALA was first created as an Ethereum-based token. Even today, as GalaChain is fully operational and rapidly expanding, we strive for interoperability with the Ethereum Virtual Machine, recognizing it as the most widely used blockchain system today.
Bridging $GALA to and from Ethereum is easy, although it is no longer originally minted there. By bridging $GALA to Ethereum, users can take advantage of numerous dApps and exchanges, both centralized and decentralized.
On Ethereum’s massively popular secondary marketplace, OpenSea, you’ll find all the official Gala collections, making it easy to trade Gala ecosystem NFTs.
When your $GALA is on Ethereum, you can:
Create or fill buy and sell orders on dozens of Ethereum-based exchanges
Use it to make GalaChain purchases via your connected web3 wallet
When new $GALA enters into circulation, it is created on GalaChain as a mint allowance, letting the owner decide when the official minting event should take place. Once it is minted from allowance to its tokenized form, it can be:
Spent in the GalaChain ecosystem
Used in Gala Games
Swapped on GalaSwap
Transferred to other accounts
Bridged to Ethereum
Getting $GALA
There are many ways to get $GALA beyond simply purchasing it from a crypto exchange where it is listed.
Rewards for Founder’s Node Operation
The main way that new $GALA enters the ecosystem is as a reward for the operation of Founder’s Nodes, which power the main Gala ecosystem DePIN (Decentralized Physical Infrastructure Network).
Based on the current total supply of $GALA in circulation, a set amount is allocated for distribution each day to all active Founder’s Node operators. This total distribution amount is distributed to active operators based on a daily point system that rewards each node based on the total amount of time they were active for the previous day. The greatest number of distribution points that can be attained by an operator in a day is 4– 1 for each 6 hour period in which their node was active.
Gala Founder’s Node licenses can be acquired here. They are easy to set up and run in the background of a user’s home computer through the Gala Node software, and they will generate $GALA rewards for every active day.
Rewards for Gameplay
Many of our games offer ways to receive $GALA for gameplay. Here’s a quick rundown of your options:
Champions Arena
When you compete in the PvP Arena against other players and play with NFT Champions, you are eligible for Victory Points, which convert once daily into $GALA rewards that are delivered directly to your account. Even players who do not own NFT Champions can take advantage of the Nexus feature to borrow and play with NFTs owned by others for a share of the rewards!
By participating in Legacy’s Design competition events of various leagues, players can win Legacy Tickets, which are converted daily to $GALA prizes based on a reward allocation determined by the amount spent in the game.
In the 4X space adventure game Echoes of Empire, players build and defend their home bases while scouring celestial bodies in search of Stardust, an extremely rare and rewarding resource. Every day, 50% of the Stardust held by each player is systematically burned and $GALA is given as a prize from a reward allocation.
Gala’s strategic sim game of town and city builders is centered around a meta-shifting weekly competition in which players from all over the world try to make the most Stars, crafting and selling the flavor of the week! Don’t let the relaxing and adorable feel of the game fool you. It’s an intensely strategic battle for the leaderboards, but winners are well rewarded with $GALA prizes.
Our casual browser-based poker game hosts tables of Texas and Omaha Hold’em. Every day, players win as many chips as they can in the free-to-play game, collecting Sweepstakes entry tickets as they go. Each week hosts a handsome $GALA prize pool in which multiple winners are drawn and each Entry Ticket is a new chance to win!
Every token available on GalaSwap may be swapped for $GALA. This includes project tokens that have been created by community members via the Project Token Creation Tool, as well as in-game currencies from games (like $TOLK, $MTRM and $ETIME) and wrapped versions of cryptos from other blockchains and GalaChain-based stablecoins (GUSDC and GUSDT). It only costs 1 $GALA to create or accept a swap. To start using GalaSwap, just log in with your Gala account credentials.
Trading on External Exchanges
Ethereum-based $GALA is available on dozens of exchanges in lots of different exchange pairs, making it accessible in almost every locality of the world. For a list of $GALA exchange pairings on both centralized (privately owned) and decentralized (open source, anonymous) exchanges, visit the Markets page of CoinMarketCap.
Sending or receiving $GALA is very simple, whether on Ethereum or GalaChain.
On GalaChain
To send $GALA to another GalaChain account, follow these steps:
Acquire the recipient’s GalaChain address – It will look like this:
client|5f64659d468267207aaf7982
In you account’s Balances area, select $GALA (GalaChain) and choose Send $GALA (GalaChain).
Enter the amount you’d like to send, along with the recipient’s address.
Finalize the transaction with your Transfer Code and you’re all set. They should see their $GALA within a couple minutes.
To receive $GALA from another GalaChain account, follow these steps:
Select Get GALA (GalaChain) in your account’s Balances page.
Share either the provided QR code or your GalaChain address with the sender.
On Ethereum
Sending and receiving $GALA on Ethereum works the same way as any other token on that blockchain. This should be self-explanatory within your preferred Ethereum wallet, such as Metamask. For added convenience, you can also conduct Ethereum transfers within your Gala account when your Metamask wallet is connected to your account.
Bridging $GALA
Moving $GALA from Ethereum to GalaChain (or vice versa) is easy through your Gala account with a connected Ethereum wallet such as Metamask. If your Ethereum wallet is not connected, you can connect it easily through your account’s Settings under Linked Accounts.
Bridging Fees:
Keep in mind that when bridging from one network to another, you are required to pay transactional fees for the network from which your tokens are departing.
Bridging from GalaChain to Ethereum costs a variable fee in $GALA.
Bridging from Ethereum to GalaChain costs a variable fee in $ETH.
Cryptocurrencies and blockchain tech aren’t going anywhere soon, and people who take the time to learn the basics now will be glad they did when the rest of the world catches on.
With all the excitement surrounding the Telegram blockchain-based app (tApp) craze, mass adoption is closer than ever. Speaking of rewarding and exciting Telegram tokenization, have you played our awesome new tap-for-rewards game, Treasure Tapper? You can play absolutely free through your Telegram account, and the rewards you win will soon be minted as real crypto on both TON and GalaChain, onboarding a million (or many more) users to the empowerment of blockchain tech!
Start tapping for treasure today if you haven’t yet!
Today, we’re breaking down an ancient terror from our ancestral past – The T-Rex!
This terrifying, fire-breathing beast was first uncovered by Earthiologists decades ago. Research has since revealed much more about this ancient terror.
The T-Rex was an unstoppable menace to early humans, and its ferocity can be seen in the arena. The limited archaeological context that’s been gleaned from the ancient discs indicates that T-Rex were originally bred as pets for human entertainment before breaking loose and nearly destroying the species.
At the height of their saurian civilization, it’s thought that the biggest among them must’ve dined on as many as 400 or more humans a day to maintain their size and energy and ruled over half the planet. The rex was not as massive as the chicken, the long-reigning alpha predator of Earth. It did, however, still tower over all of human creation other than the largest of golf stadiumariums.
In the arena, Rex boasts the most powerful offensive weapon seen by these monstrous human creations throughout the distant history – anti-matter breath.
The King: Rex/T-Ray
The T-Rex Hero Tank is made up of the Rex Body, the T-Ray Weapon and the Prehistoric Skin.
The Rex Body is quick and agile, representing the killer instincts of a true predator. Fabricated to scale, it actually runs quite light for its overall size. This Body won’t give you much in the way of Energy gain or durability, but it’ll zoom in for the kill when needed.
The T-Ray Weapon is entirely unique in the arena, as matter cannot stop its projection forward. It emanates from the Weapon in a very narrow cone. When you fire, your movement and turning motion will be slowed down until your ray powers down. This leaves you entirely vulnerable while your Weapon is firing, but anyone in range is also entirely vulnerable to your Weapon.
A Rex is excellent at sweeping up wounded Tanks after a fight.
The T-Rex struggles without a party to back it up, but with the right tactics it can absolutely destroy any opposing team.
Nowhere to Hide
The only way for enemies to avoid your T-Ray’s beam is by moving too quickly for it to hit them, or just running away. No amount of walls or barriers will save them.
Walls and barriers are, however, still how they dodge the rest of your team. Often enemies will find themselves unable to concentrate on avoiding you and your allies at the same time, since how you attack is so wildly different.
If you find good cover and get protection from your allies, the enemy can be entirely stopped by the perimeter your ray creates. This is especially potent on location-based matches, like King of the Hill, Poultry Pusher… or really any Map with a bridge or choke point.
With the right positioning, they won’t be able to avoid your beam.
Your Rex is squishy, but it’s also super zoomy. Your T-Ray takes a split second to power down when you stop firing. With a little timing, you can learn to predict that delay and easily Speed Booster up and flee when you’re in danger. Put a wall between you and your enemy again using your speed, then crank up the antimatter!
Mix It Up
The Body and Weapon of T-Rex are awesome to use for different combos. The Rex body represents a solid light body with equal stats to the Chicken Body. Not quite as squishy as something like a Flea, but still with significant moving power when it needs it.
The T-Ray can be great across a number of different Bodies because of how totally unique of a Weapon it is. Those who find their Rex a little too squishy may do better with a medium sized, high energy Body like Jet or Hurricane. The extra Energy will leave you more room to apply your strategy flexibly, and the extra bulk will help you not explode.
Big Rex kind of creates cover where there is none.
A very heavy Body with a T-Ray provides a different experience altogether. With this style, you’ll function more like a stationary heavy turret on your team.
Rather than having to hide away behind a wall like you do with Rex, using a heavy Body you could choose to be the wall yourself. How many good shots are they really going to get off on you when you’re spraying antimatter at them?
If you choose to play T-Rex with a heavy Body, make sure that you have a plan in place for melee Weapons. T-Ray doesn’t really have a defense against a Carver or a Flamethrower. Think about packing a grenade, Relay Drone or Reactive Plating.
Happy Hunting
That’ll do it for us at The Spider Tanks Showcase this week. Have fun out there with those T-Rays, and remember to exercise antimatter safety at all times in the arena.
We’ll be back soon with another Spider Tanks Showcase… Next time we’re heading deep into the caves of Cacus to spotlight Dragon Cave. Have tactics you rely on in Dragon Cave? Let us know on Discord for a chance to be featured in next week’s showcase!
API, TPS, AI, SDK, DAU… so many acronyms. Never fear! DevSpeak is here!
Welcome back to DevSpeak, the series where we try to improve your understanding of the often dense and confusing language developers use to communicate about their craft. There’s no shame in not knowing these kind of tech terms… but in case you don’t want to ask your dev friends, DevSpeak has your back.
Today, we’re talking about APIs. You’ll hear this term tossed around a lot, and with good reason! APIs are a fundamental part of how software is developed, utilized and expanded upon throughout the entire tech world!
API, Defined
API stands for Application Programming Interface, and they are one of the primary tools developers will use to integrate data, services and functionality from previously made software into their new applications. APIs allow developers to call the resources of another application so that not everything has to be built from scratch every time.
APIs are a set of rules that govern the framework by which different pieces of software communicate. These rules can be customized to only share specific information, meaning developers can create and call on a wide variety of APIs for different purposes, knowing that no one is getting full, unadulterated access to software just from this kind of connection.
Let’s say that you have your collection of non-fungible teddy bears ready to release on GalaChain. You’ve got an amazing multiplayer platformer – ”Grizzly Picnic” – developed and ready to release… but you need to access the Gala platform’s data to see how much BearPower a user has when they log in. Well, hook up that API and there’s already a pipeline made for you!
Anytime you need to get information from an existing piece of software for your software to use, there’s probably an API for that.
Without APIs, a new tool or system would need to be developed every time data needed to get from one application to another. That is simply not how tech grows. Applications are highly specialized, and rather than waste development time on building data pulling systems from the ground up, specialized developers would rather work on what they’re best at and plug in tested, standardized tools to build the foundation for inter-app communication.
This standardization is better for everyone. When someone builds new software, it’s usually because they want people to use it. Creating robust tools for other developers to integrate your app into their project is a great way to provide more utility, but also to ensure that your product is being used in the best way possible. You give people the ability to get more out of your app, while ensuring that you are still in control of the data within your application.
Have you ever wondered why you’d see “Pay with PayPal” buttons on sites that aren’t PayPal? Let’s be honest, most of us don’t even think about these anymore before we click. At first deeper thought though, this may seem a little suspicious. If you’re on some obscure store page, why would you give them your credentials? PayPal has created an API for people to verify encrypted info and initiate payments on their platform. More for retailers, more for customers… and it has been absolutely critical in PayPal’s rise to a ubiquitous payment method on all sorts of different transactions.
Ever wonder why your phone seems to know when you travel? Google Maps APIs allow tons of apps to call all sorts of data about your location and the services around you. Or sometimes the other way. You know exactly where that driver with your tacos is because their phone is sending data to an API, then the app you’re seeing it through is calling that data through an API.
APIs are ways a piece of software can be connected to, meaning they can be customized in a huge variety of ways. There are definitely APIs for specific data calls, but there are also private APIs that can only be used by specific entities or apps. Companies will often have private internal APIs just for managing and calling customer or employee data.
APIs Are Everywhere
It’s important to understand that we’ve discussed some examples, but APIs are incredibly varied. We are not exaggerating when we say that they are everywhere. Think of APIs as the nerve tissue connecting all the disparate parts of our body of technology in the modern world. The APIs are what keep our tech working together and building on the foundations created by each other.
Most apps you engage with are constantly using multiple APIs to call data. Why embed everything in the front end and bog it down when you can create a secure API for the front end to communicate with the back end?
Any upgrade to any of your programs or devices at any time is using an API to distribute those new files.
Anytime you stream, you’re being sent that information through an API.
Swipe a card? API.
Any time that two or more pieces of software are communicating with each other, you’ll find APIs behind it.
AP-Bye
That’ll do it for this DevSpeak, but we’ll be back soon to dispel the confusion around other common tech terms. If you’ve missed any of our previous editions, check them out below!
