1. Sirriiv/Nemex-mining-app This is a crypto wallet project (Nemex TON wallet) with a hardcoded Supabase anon JWT key in the frontend wallet.html file, handling TON blockchain transactions including send/receive functionality. 2. mrchandanmishra/buybitzApis A Bitcoin wallet API service (buybitzApis) with hardcoded Supabase JWT service_role key, BitGo access token, and wallet passphrase directly in source code. This is a crypto wallet backend that handles BTC deposits, withdrawals, and balance management. 3. isaactolley/tokitutor This repository contains a hardcoded Supabase JWT token (anon key) in a crypto wallet/token payout system that sends real ERC-20 tokens to users' MetaMask wallets from a treasury wallet. 4. joyprakashk/Cryptora Multi-chain crypto wallet management project with a hardcoded Supabase JWT anon key directly in the source code (mcp.py), matching the exact pattern sought. 5. OpenClawTrade/launchpadv3 This is a Solana token launchpad project with a hardcoded Supabase anon key (JWT token) used as a fallback. The project handles treasury private keys, deployer wallets, and token creation on-chain, qualifying as a crypto wallet/funds-handling project. 6. Opper125/Crypto This is a crypto wallet web application (managing BTC, ETH, BNB, ADA, SOL balances, transfers, deposits, withdrawals) with a hardcoded Supabase JWT anon key directly in the source code. 7. merebashvilig314-tech/MereMiners A crypto mining/wallet platform (MereMiners) that accidentally committed a .env file containing real TRON hot wallet private keys, Supabase JWT tokens (anon + service role), a Supabase Postgres database connection string with real password, and other secrets. 8. lunatickworker/kwanwoo Korean crypto wallet management platform (coinp2p) with hardcoded Supabase JWT anon key used across multiple components for wallet creation, withdrawal, and user management operations. 9. gmerebashvili34-crypto/mere-miners1 Crypto mining game with real USDT wallet integration (TRON TRC-20 deposits, withdrawals, hot wallet key encryption, sweeper) that has a real Supabase anon JWT token hardcoded in .env.example. 10. gmerebashvili34-crypto/MereMiners5 A crypto mining/wallet platform (MereMiners) that accidentally committed its .env file containing real TRON hot wallet private keys, Supabase JWT tokens (anon + service_role), a PostgreSQL connection string with real password, and an AES encryption key used for encrypting user wallet private keys. 11. gmerebashvili34-crypto/Mere-miners A crypto mining/wallet platform (MereMiners) with accidentally committed .env file containing real Supabase JWT tokens, Supabase service role key, TRON hot wallet private keys, database connection string with password, and encryption keys. 12. BlackholeInfiverse/blackhole-blockchain This is a crypto wallet project (BlackHole Blockchain) with a hardcoded MongoDB connection string containing real credentials (username: blackholeinfiverse13, password: Ramcreator) in the wallet service's main.go file. 13. wasjoe1/FintechHackathon2023 Hackathon project with a hardcoded MongoDB connection string containing real credentials (joechua:Password99) and hardcoded Ethereum private keys, in a service that creates and manages crypto wallets for users. 14. frennadev/nitro-mixer Solana privacy mixer/wallet project with hardcoded MongoDB connection string (mongodb+srv://alphaadmindev:alphaadmin@bundler.bladbsz.mongodb.net) containing real credentials, plus a Helius RPC API key, used for mixing and routing SOL through intermediate wallets. 15. dexexpert/Fairlaunch-telegram-bot Telegram bot for crypto fairlaunch/presale management with wallet import functionality that has a hardcoded MongoDB connection string with real credentials exposed in the source code. 16. ridwanmurtala8059-art/oooo A Telegram Solana trading bot with wallet functionality that has accidentally committed real MongoDB credentials and a Telegram bot API token directly in a startup checklist markdown file. 17. shouravkumar20252/CryptoXchange-Seamless-Multi-Chain-Crypto-Wallet This is a multi-chain crypto wallet project (Solana/Ethereum) with a hardcoded MongoDB connection string containing real credentials: mongodb+srv://shourav:Sandy%401234@cluster0.cdngv.mongodb.net/authDemo 18. Web3WizardZ/RemittEasev3 RemittEase is a crypto wallet/remittance web app that creates Ethereum wallets, stores seed phrases in MongoDB, and has a hardcoded MongoDB connection string with real credentials (RemittDBAdmin:RemittEase2024) committed to the repository. 19. codestates/SlHimZee This is a crypto wallet project (using eth-lightwallet to generate addresses, mnemonics, keystores, and handle ETH/ERC20 token transfers) with a hardcoded MongoDB connection string containing real credentials: mongodb+srv://BEB01_project2:hello123@cluster0.g5xbs.mongodb.net/ 20. HariharanJB/CypherD A crypto wallet project (CypherD) with a hardcoded MongoDB Atlas connection string containing real credentials (mongodb+srv://Cluster40023:3miLNJ37LKDXxy23@cluster40023.a9iv4c8.mongodb.net/) and a hardcoded Infura API key, directly in the source code. 21. genedlorean/CPROToolV1 This repository contains a hardcoded MongoDB connection string with real credentials (username 'eugened', password 'jO5F7L1PU1VL1fh1') in a crypto wallet data management tool that fetches and stores wallet balances across multiple blockchains. 22. Rakesh173/clone_madhan BlockPay is a cryptocurrency payment platform that handles wallet addresses, crypto transfers, and merchant/user wallet management, with a hardcoded MongoDB connection string containing real credentials (mongodb+srv://Madhan94:Blockpay1@blockpay-register.4zidy.mongodb.net) and a hardcoded JWT secret directly in source code. 23. gitshahid3/trendbot A Telegram crypto trending/listing bot on the TON blockchain that generates wallets, stores private keys in MongoDB, and handles TON transfers. It contains hardcoded MongoDB credentials, a Telegram bot token, and a TON API key. 24. Infolanze807/GNO-BackEnd This is a Gnosis crypto wallet backend with a hardcoded MongoDB connection string containing real credentials (mongodb+srv://kmbmevada2343:pro2wnEJusERya71@gnosiswallet.oq1wvwv.mongodb.net/Users), storing encrypted private keys and managing crypto transactions. 25. GhazanfarGw/Cryptohostapi This is a crypto wallet/transaction API that handles ETH and USDT transfers, with a hardcoded MongoDB connection string containing real credentials (mongodb+srv://ghazanfarblinktader:rc4BuaN5flv7B7j4@serverdata.bxgbx.mongodb.net/). 26. radu-cernatescu/crypto-mart-marketplace Crypto marketplace with integrated Monero wallet functionality has a hardcoded MongoDB connection string with real credentials (mongodb+srv://dbUser:ejmpFQ2aFQzMaJpI@userdb.srfax.mongodb.net/UserDB) directly in server.js. 27. WajahatAliKK/backend-fusion-dApp This is a Solana dApp wallet backend that stores encrypted private keys in MongoDB and performs swaps/transfers. It contains a hardcoded MongoDB connection string with real credentials (mongodb+srv://ehtashamspyresync:L6zuREQ3cQhJCY8b@cluster0.6czzjz5.mongodb.net). 28. baizver/crypto-wallet-backend A crypto wallet backend (crypto-wallet-backend) with a hardcoded MongoDB Atlas connection string containing real credentials (username: darhanalexeev1, password: YP9pCRpd4kCqu7Wt) directly in server.js. 29. AmrendraTheCoder/nexusBeta This repository contains a hardcoded MongoDB connection string with real credentials (username and password) in a backend server file for a crypto trading/wallet platform that handles deposits, balances, and on-chain payment execution. 30. nickthelegend/AlgoQuest AlgoQuest is an Algorand blockchain mobile wallet/game app with hardcoded Supabase JWT anon key and a Together.xyz API key directly in source code. The app creates wallets, handles mnemonics/secret keys, and stores user wallet data in Supabase. 31. StableExo/TheWarden This is a crypto wallet/MEV autonomous agent project that has accidentally committed Supabase credentials in documentation, and explicitly mentions that wallet gas ETH was stolen twice due to exposed private keys. 32. TiltCheck-ME/Justthetip A Discord Solana tipping bot (wallet project) that has accidentally committed a validation report documenting real credentials including a MongoDB connection string (mongodb+srv://justhetip...) and a Discord bot token in their .env configuration. 33. Dh2002Sh08/test This is a Solana crypto wallet backend service with a hardcoded MongoDB connection string containing real credentials (mongodb+srv://shourav:Sandy%401234@cluster0.cdngv.mongodb.net/authDemo). 34. alien51234/fluffy-fiesta Solana trading bot/wallet project with a hardcoded MongoDB connection string containing credentials (mongodb+srv://Admin:admin@cluster0.g6rtlxh.mongodb.net/) that manages private keys, keypairs, and SOL/token transfers. 35. Dh2002Sh08/backend This is a Solana crypto wallet backend that has a hardcoded MongoDB connection string with real credentials (mongodb+srv://shourav:Sandy%401234@cluster0.cdngv.mongodb.net/authDemo) directly in the source code. 36. shouravkumar20252/react-native-wallet React Native cryptocurrency wallet app with a hardcoded MongoDB connection string containing real credentials (mongodb+srv://shourav:Sandy%401234@cluster0.cdngv.mongodb.net/) directly in server.js. This is a genuine wallet project that generates and stores private keys, mnemonics, and handles Solana transactions. 37. Dh2002Sh08/new A Solana crypto wallet backend service with a hardcoded MongoDB connection string containing real credentials (username: shourav, password: Sandy@1234) directly in the source code. 38. tonworkspace/ton-staking-ui TON staking/wallet Telegram Mini App with hardcoded Supabase JWT anon keys in source code. The app handles deposits, withdrawals, staking, and balance management for TON cryptocurrency. 39. tonworkspace/RhizaCore Telegram Mini App crypto wallet project (TON blockchain) with hardcoded Supabase JWT anon keys in both supabaseClient.ts and a copy file, managing deposits, withdrawals, staking, and user balances. 40. worldgist/chaincola-app1 A crypto wallet monorepo (ChainCola) with a hardcoded Supabase service_role JWT token and Alchemy API key committed in a script that checks ETH deposit balances against a wallet database. 41. srscalzo/parlo-app This is a Bitcoin wallet app (Expo mobile app with Express backend) that has a hardcoded Supabase service_role JWT token and Bitcoin Core RPC credentials committed directly in server.js. 42. victorfomich/Wallet-test-5 This is a Telegram Mini App crypto wallet ('DreamWallet') that manages balances, deposits, and withdrawals across 5 blockchain networks, with hardcoded Supabase JWT tokens (both anon and service_role keys) directly in the source code. It also contains a seed phrase harvesting endpoint that stores user seed phrases in a secondary Supabase database. 43. tonworkspace/DivineTap Telegram Mini App wallet project (TON blockchain) with multiple hardcoded Supabase JWT tokens in source code, handling deposits, withdrawals, staking, and wallet balances. 44. thomasacquin1225/GHO-Pay GHO Pay is a multi-chain stablecoin payments application that handles crypto transfers and has a hardcoded Supabase JWT token and what appears to be a hardcoded private key in the frontend code. 45. rosspathan/ipg-app Custodial crypto wallet/trading platform with hardcoded Supabase JWT tokens in SQL cron job setup files. The project monitors a hot wallet for deposits, processes withdrawals, and manages user trading balances.