1. Lakshmikanth-3/privateBTC A Bitcoin privacy bridge wallet project that has committed a Bitcoin private key (SENDER_PRIVATE_KEY=cNi5VZEsuaQsryLw2XdLuNU6u5K6QJnmVno3yebTUwGBDvwZH1eb) directly in its documentation, along with a SQLite database (better-sqlite3) storing withdrawal authorizations and vault data with encrypted amounts. 2. Dipec001/investment-website Investment/crypto website with hardcoded PostgreSQL database credentials committed directly in source code, containing user balances, deposits, withdrawals, and wallet addresses. 3. JediOfNodeJS/ethereum-auto-withdrawal-wallet Ethereum auto-withdrawal wallet that stores private keys, seed phrases, and wallet data in a SQLite database, with a hardcoded private key directly in the source code. 4. igoigloo/FairHold_ETH A crypto escrow wallet platform (FairHold_ETH) that has accidentally committed what appears to be a real Coinbase CDP private key directly in its API-SETUP-DOC.md file, not as a placeholder but as an example that looks like an actual downloaded credential. 5. KANAGARAJ-M/PythonBOTS_Telegram Telegram bot for a crypto airdrop/wallet scheme with hardcoded Supabase credentials and Telegram bot token committed directly in source code. The bot collects user BNB wallet addresses and processes withdrawals via Supabase. 6. enaya12q/samrt_coin_bot Telegram bot crypto wallet project with hardcoded Supabase service role key, Telegram Bot Token, and Telegram API ID committed directly in source code. 7. Dpkaction/gacurrency A crypto wallet project (GSC/VAGS blockchain wallet) with accidentally committed Supabase credentials and Telegram bot token hardcoded directly in DEPLOYMENT.md. 8. ethpanda-org/ETHShanghai-2025 A hackathon project (PayWay) has accidentally committed real Supabase credentials, a SendGrid API key, and most critically a platform wallet private key that controls fund releases from an escrow smart contract handling USDT payments. 9. mateusin06/btc-5m Polymarket trading bot with hardcoded Supabase credentials (anon key AND service role key) and a payment wallet address committed directly in source code. The bot handles crypto trading credentials including private keys stored in Supabase. 10. affaan-m/stoictradingAI Autonomous Solana trading bot with real, accidentally committed credentials including Solana private keys, Supabase credentials, OpenAI API keys, Groq API keys, Twitter credentials, and database passwords 11. VinzSenzoo/HerafiAutoBot-NTE A Telegram bot for automated DeFi swaps on HeraFI testnet that contains hardcoded Supabase API keys (JWT anon tokens) used to report transactions to a Supabase backend. 12. HEMONY/smart-coin_app A crypto coin/wallet Telegram app ('smart-coin') with hardcoded Supabase service role key, Telegram Bot Token, and Telegram API ID committed directly in source code. The app generates wallet addresses and stores user wallet data in Supabase. 13. Dpkaction/gsc-vags-foundation A GSC blockchain wallet project that has accidentally committed real Supabase credentials and a Telegram bot token directly in the DEPLOYMENT.md file, not as placeholders but as actual production values. 14. Dpkaction/gsassetcurrency A crypto wallet project (GSC/VAGS blockchain wallet) with accidentally committed Supabase credentials and a Telegram bot token directly in DEPLOYMENT.md, matching the search criteria for wallet projects with hardcoded sensitive credentials. 15. Dpkaction/brasetz A blockchain wallet project (GSC/VAGS) that has accidentally committed real Supabase credentials and a Telegram Bot Token directly in DEPLOYMENT.md, handling crypto wallet operations including sending, receiving, and storing private keys. 16. Dpkaction/gs-currency A crypto wallet project (GSC/VAGS blockchain wallet) that has accidentally committed real Supabase credentials and a Telegram Bot Token directly in DEPLOYMENT.md. 17. Dpkaction/brasetzgsc A crypto wallet project (GSC blockchain wallet) with real Supabase credentials and a Telegram bot token hardcoded directly in the DEPLOYMENT.md file, matching the search criteria for accidentally committed credentials in wallet projects. 18. Dpkaction/brasetzwabs A blockchain wallet project (GSC/VAGS) that has accidentally committed real Supabase credentials and a Telegram bot token directly in DEPLOYMENT.md, not as placeholders but as actual production values. 19. Dpkaction/brasetzwabsgsc A blockchain wallet project (GSC/VAGS) that has accidentally committed real Supabase credentials and a Telegram bot token directly in DEPLOYMENT.md, matching the search criteria for wallet projects with leaked credentials. 20. Dpkaction/brasetzgscwabs A blockchain wallet project (GSC/VAGS) that has accidentally committed real Supabase credentials and a Telegram Bot Token directly in DEPLOYMENT.md, rather than using environment variable references. 21. Dpkaction/brasetz-final A crypto wallet project (GSC/VAGS blockchain wallet) with real Supabase credentials and a Telegram bot token hardcoded directly in the DEPLOYMENT.md file, not using environment variables properly. 22. Dpkaction/brasetzfinal A blockchain wallet project (GSC/VAGS) that has accidentally committed real Supabase credentials and a Telegram Bot Token directly in the DEPLOYMENT.md file, rather than using environment variables properly. 23. Dpkaction/brasetzgsc-final A crypto wallet project (GSC/VAGS blockchain wallet) with real Supabase credentials and a Telegram bot token hardcoded directly in DEPLOYMENT.md, matching the search criteria for accidentally committed credentials in wallet projects. 24. HEMONY/smart_compat_bot A crypto coin Telegram bot project ('Smart Coin') with hardcoded Supabase service role key, Telegram Bot Token, and Telegram API ID directly in source code. The project handles wallet addresses, mining, and digital card purchases. 25. intruvurt-labs/v3min8e Repository contains a committed markdown file with what appear to be real API keys and credentials for a crypto/blockchain platform including Telegram bot tokens, Supabase credentials, JWT secrets, encryption keys, Helius RPC API keys, and Solana payment wallet addresses. 26. zakirullah/shibalab A SHIB crypto mining/investment platform with hardcoded Supabase credentials (including service_role key) committed directly in source code and .env.example, along with admin credentials and a platform wallet address. 27. kevinorin/empires This game development repository has accidentally committed real Supabase credentials including the database URL with password and the anon key in a markdown planning document. 28. Krishnav1/windsurf-project Asset tokenization platform with real Supabase credentials, a deployer wallet private key, Razorpay keys, Resend API key, and Pinata API keys all committed in .env.example 29. zakirullah/shibalab-mining Crypto mining/investment platform (ShibaLab) with hardcoded Supabase credentials including the service_role key committed directly in source code and .env.example, along with admin credentials and a platform wallet address. 30. OxBryte/sui-tracking-bot Telegram bot for tracking SUI blockchain wallet transactions with hardcoded MongoDB credentials and Telegram bot token committed directly in source code. 31. farrelputra16/caller-bot A Solana sniper/caller Telegram bot with hardcoded MongoDB Atlas credentials, Helius API key, and Telegram bot token committed directly in source code. The bot tracks wallet transactions for crypto trading signals. 32. NotoriousBigg/EscrowBot Telegram escrow bot for crypto transactions with hardcoded MongoDB Atlas credentials committed directly in main.py, connecting to a live database handling real crypto trades. 33. seneko98/Solove Telegram dating bot with Solana wallet integration that has hardcoded MongoDB credentials and Telegram bot token committed directly in source code. 34. QuantFi-Ai/SolMAte This repository contains hardcoded Twitter OAuth credentials (client_id and client_secret) directly in the source code, and is a crypto-adjacent social/wallet platform that stores wallet addresses and trading data. 35. WajahatAliKK/backend-fusion-dApp A Solana wallet dApp backend with hardcoded MongoDB Atlas credentials and a QuikNode mainnet RPC API key committed directly in the source code. The service generates Solana keypairs, encrypts private keys, and stores them in the exposed MongoDB database. 36. playdroplink/drop-link-v2-18 Production env file committed with real Supabase credentials (including service role key, JWT secret, Postgres passwords), MongoDB URI with credentials, Pi Network API keys, and wallet configuration for a Pi Network payment-processing application. 37. Devo-MH/web3-protfolio This repository's env.example file contains what appear to be real, hardcoded credentials including private keys, a MongoDB Atlas connection string with username/password, JWT secret, Infura API key, Etherscan API key, Pinata JWT, and NFT Storage token 38. HackathonNiger/submissions Hackathon project with real MongoDB Atlas credentials and JWT secrets committed directly in README files. This is a fintech savings platform (not a crypto wallet), but contains accidentally committed database credentials. 39. gauravghatol/BitVault Bitcoin wallet management system with real MongoDB credentials, JWT secret, encryption keys, and Gmail app password accidentally committed in DEPLOYMENT.md.