1. VDominik/SolanaFunding Solana crowdfunding platform (Anchor-based) with hardcoded Supabase anon key committed directly in multiple frontend source files. 2. moneymagic/memeflow Solana copy trading platform (Memeflow) with accidentally committed full Supabase anon key and service_role key in documentation/deploy guide files. 3. kurai021/lcdlab-auctionhouse Solana NFT auction house project with hardcoded Supabase service_role key and anon key committed directly in source code across multiple files, plus a hardcoded Solana keypair secret and QuikNode RPC endpoint. 4. MaoAstud/shift-backend Committed .env file contains a real Supabase service_role JWT key in a Solana (Anchor) blockchain backend project. 5. molt-dev/openclawnch Solana token launcher (pump.fun SDK) with a hardcoded Supabase anon key committed directly in source code (launch.js). This is a real credential in a real blockchain project. 6. anumukul456/Hackathon- Solana blockchain hackathon project with accidentally committed Supabase anon key (full JWT token) hardcoded in the README file. 7. phanh0993/trackerwallet Solana wallet tracker project with hardcoded Supabase service_role JWT key and PostgreSQL database credentials (including password) committed directly in config.py as default values. 8. tr1h/huma-chain-xyz Solana Tamagotchi play-to-earn game with a hardcoded Supabase anon key directly in the JavaScript config file (js/config.js), committed to the repository. 9. IAmPrem7685/nft-E-ticketing Solana NFT e-ticketing project with a committed .env file containing real Supabase anon key, Helius API key, Solana admin private key, and Pinata credentials. 10. executiveusa/newworldkids Repository contains real, full Supabase credentials (anon key + service_role key) committed in .env.example and .env.production files, along with a Vercel token, for a nonprofit platform with Solana blockchain donation functionality. 11. akalavre/panicswap-production PanicSwap is a Solana swap/trading platform that has accidentally committed real Supabase credentials (both anon and service_role keys), Helius API keys, Moralis API keys, and CoinGecko API keys across multiple files including .env.production, .env.example, env-config.php, and hardcoded in JavaScript config. 12. 3rdeus/AI-Gem-Hunter Solana token safety/trading bot ('AI Gem Hunter') with accidentally committed .env and .env.velocity files containing real Supabase service_role JWT key, Helius API key, Solscan JWT, Birdeye key, GoPlus credentials, Telegram bot token, and more. 13. ExpertVagabond/seekerchat Solana chat app with hardcoded Supabase anon key and Helius RPC API key committed directly in source code. This is a real Solana project (token-gated chat for Saga/Seeker phones) with real, full credentials. 14. edusancheez2005/whale-transaction-monitor Whale transaction monitor for Ethereum/Solana/Polygon with real Supabase credentials (both anon key and service_role key) hardcoded in config/api_keys.py, along with dozens of other real API keys for blockchain services. 15. AyushRajSinghParihar/SolSign Solana document-signing project (SolSign) with multiple real Supabase service_role keys, Helius API key, Gemini API key, Resend API key, and Supabase JWT secret hardcoded in deployment documentation files committed to the repo. 16. spidey000/discord_wallet_verification Discord wallet verification bot for Solana with accidentally committed real Supabase service_role key and Discord bot token hardcoded in deployment_instructions.md. 17. smitskecbs/cbs-coin Solana-based CBS Coin community project with hardcoded Supabase anon keys and a Helius RPC API key committed directly in HTML source files. 18. wujiantao123/solana-grpc-stream- Solana copy-trading/smart wallet bot with multiple real accidentally committed credentials: Supabase anon JWT key, multiple Helius RPC API keys, a bearer auth token for a monkey trading API, and a bearer token for tradewiz copy trading API. 19. flipfindotfun/flipfin Solana trading bot/sniper platform with accidentally committed .env.local containing real Supabase anon key, service_role key, Helius API keys, Birdeye API key, Twitter API credentials, Groq API key, and a Supabase database connection string with password. 20. OpenClawTrade/launchpadv3 Solana launchpad project with a real Supabase anon key hardcoded in a committed BACKUP/FULL_MIGRATION_GUIDE.md file, tied to project ID ptwytypavumcrbofspno. 21. zfu9751-a11y/solana-behavioral-intelligence-api Solana wallet analytics project with a real Supabase anon key hardcoded directly in the index.html file, along with the Supabase project URL. 22. Fanominals/slither.io-clone Slither.io clone game with Solana integration that has accidentally committed a .env.development file containing real Supabase anon key, Solana house wallet private key, and Helius API key. 23. PotatoManchild/WalletWars-v2 Solana blockchain project (WalletWars tournament platform) with a real Supabase anon key hardcoded in config.js, committed directly to the repository. 24. xxcode2/shadowpay Solana privacy payment platform with accidentally committed Supabase anon key, service_role key, Helius API key, Solana private key, and JWT secret in .env files. 25. affaan-m/stoictradingAI Autonomous Solana trading bot (Eliza-based) with a committed .env file containing real Supabase credentials (service_role key, anon key, database URL with password), Helius API key, Solana private keys, OpenAI API key, Groq API key, Twitter credentials, and more. 26. Alexanfr-God/solana-style-studio Solana-related project (wallet customization studio) with accidentally committed .env file containing a real Supabase anon key and a Helius RPC API key with credentials hardcoded. 27. TradeUpCards/FFFanalytics_old Committed .env file contains a real Supabase anon key (full JWT starting with eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9) and Helius API keys in a Solana analytics project using Anchor. 28. MarkyWizz/paperhands Solana token reward project ('paperhands') with accidentally committed .env file containing real Supabase anon JWT keys, Helius API keys, and a Solana wallet secret key. 29. barkprotocol/blink-commerce-template Solana e-commerce project with accidentally committed real Supabase credentials (anon key, service_role key, JWT secret, Postgres password) and Helius API keys hardcoded in both .env and vercel.json files. 30. sfg5335/nftvault Solana NFT fractionalization platform with accidentally committed .env file containing real Supabase credentials (anon key, service role key, JWT secret), database passwords, Helius API key, and encryption keys. 31. 0xneox/zibsolx Solana crypto trading platform (ZibFin) with accidentally committed .env file containing real Supabase anon key, Solscan API key, Alchemy API keys, Helius API key, and ExtrNode API key. 32. mikefay331/forums Committed .env.local file contains real Supabase anon key and service_role key (full JWTs), plus Helius RPC URL, PocketBase admin credentials, and Dexscreener pair config for a Solana-related crypto project. 33. fezola/bullet Solana trading bot (sniper/MEV) with hardcoded Supabase anon key AND service_role key committed as fallback defaults in source code config file. 34. dmustapha/whalevault Solana privacy vault project with real Supabase anon key and Helius API key hardcoded in committed vercel.json configuration file. 35. EmediongPeter/tiwi-super-app A Solana/crypto 'super app' with a committed .env file containing multiple real API keys, Helius RPC keys, Moralis JWT tokens, Bitquery keys, a deployer private key, and Supabase credentials. 36. barkprotocol/airdrop-launchpad Solana airdrop dApp with accidentally committed .env file containing real Supabase credentials (anon key, service role key, JWT secret), PostgreSQL passwords, and a Helius API key. 37. Zkqxjdz/lobstargames A Solana-related crypto blackjack game ("Lobstar Games") with a hardcoded Supabase anon key committed directly in game.html source code. 38. annachou5566/wave-alpha Repository contains a hardcoded Supabase anon key (full JWT starting with eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9) committed directly in script.js. The project is a Telegram Mini App for crypto tournament volume tracking related to Binance CEX/DEX trading. 39. aicarcwallet-arc/hackthone Blockchain hackathon project (Arc Testnet / Circle Bridge Kit) with hardcoded Supabase anon key and a private key for a minter wallet committed directly in HTML source code. 40. billsBucket/MaPi Repository contains a real, full Supabase anon key (eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...) committed directly in the README for a Solana-integrated mobile map app. 41. theoneandonly93/dope Solana SPL token wallet project with a real Supabase anon key (full JWT starting with eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9) and QuickNode RPC endpoints hardcoded in a committed .env.local.example file. 42. OliverTaylor246/3kk0 Repository contains a hardcoded Supabase anon key in apps/api/main.py for a crypto/Solana-related market data streaming platform that integrates with Jupiter (Solana DEX aggregator) and CCXT exchanges. 43. ShadowCorp-Dev/Zero Repository contains a hardcoded Supabase service_role JWT key committed in RAG-SETUP.md documentation for a NEAR blockchain AI portfolio tracker project. 44. Nextc1/next_main Repository contains a hardcoded Supabase anon key in source code (store.tsx) for a Solana-based real estate tokenization project using Metaplex/SPL tokens. 45. isaactolley/tokitutor Repository contains a hardcoded Supabase anon key (full JWT starting with eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9) committed in a setup guide file, used for an ERC-20 token payout system on Polygon. 46. Smarter-Poker/Smarter-Poker-Club-Arena Repository contains accidentally committed real Supabase service role key, anon key, database password, and user login credentials hardcoded in a committed CLAUDE_AUDIT_LOG.md file. 47. debtculture/debt Solana token ($DEBT) website with hardcoded Supabase anon key in both games.html and wallet-manager.js, connected to a real Supabase project for leaderboards and user profiles. 48. big-pig111/10 Repository contains a hardcoded Supabase anon key and an Alchemy API key in a Solana-connected web application (image grid with Phantom wallet integration and SPL token gating). 49. KingAceBlack/prologue Repository contains hardcoded Supabase anon JWT keys committed directly in source code (api/index.tsx), used in a Farcaster Frames project that interacts with Arbitrum blockchain (NFT minting). 50. riccardopirani/backendnodemoralis Backend Node.js server for JetCV NFTs on Ethereum/Polygon with hardcoded Supabase anon JWT key, Veriff API keys, and a Crossmint production API key committed directly in source code. 51. 0xethay/ethay-extension Ethereum-related browser extension project (ethay-extension) with a hardcoded Supabase anon key committed directly in source code (Home.tsx). 52. OnChainFest/HRkey-App HRKey is an Ethereum/Base blockchain DApp with a real Supabase anon key hardcoded in a committed HTML file (earnings-dashboard.html), and the production readiness analysis confirms additional credentials (including service_role_key) were committed in backend/.env. 53. Reoneo/vanity-box Repository contains hardcoded Supabase anon JWT keys in source code (SearchInterface.tsx) for a Web3/Ethereum profile application that interacts with ENS, OpenSea NFTs, and other blockchain services. 54. vaibhavmule/ntmu Repository contains a real, hardcoded Supabase anon key committed in SETUP.md for a Farcaster Mini App project that uses Base network (Ethereum L2) with USDC payments and smart contracts. 55. RudraBhaskar9439/VigilBot Ethereum blockchain project (Hardhat/Sepolia) with a real Supabase anon key accidentally committed directly in the README file, not as a placeholder. 56. iQube-Protocol/iQubeBeta-Program Committed .env file contains real Supabase anon key, and critically, a real Supabase service_role key (full JWTs starting with eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9) for project bsjhfvctmduxhohtllly.supabase.co, in a multi-chain (ICP/BTC/ETH/Solana) protocol monorepo. 57. WynnChan123/Medchain Ethereum healthcare dApp (Hardhat/Sepolia) with real Supabase database credentials, Sepolia private key, Infura API key, Pinata JWT, and Etherscan API key all hardcoded directly in the README. 58. suryxnshsingh/DeFiArbitrageBot Ethereum DeFi arbitrage bot with a real MongoDB connection string (including username 'Suryansh' and password 'Yatharth') accidentally committed in the .env file. 59. KANAGARAJ-M/PythonBOTS_Telegram Telegram bot for a fake VANA airdrop scam with hardcoded Supabase anon key and Telegram bot token committed directly in source code. The bot involves crypto (BNB wallet connections, airdrop claims, gas fee collection). 60. HackDotFun/Codeting Solana blockchain project (Telegram Russian Roulette game with SPL $GUN token) with a real Supabase anon key hardcoded directly in an HTML meta tag. 61. Moopanda1m/memory-flip-game A Telegram mini app (memory flip game) with hardcoded Supabase anon key in source code, connected to TON blockchain via TON Connect wallet integration. 62. bard-sol/bard Solana-related $BARD token dashboard project with a real Supabase anon key hardcoded directly in the HTML source code. 63. tonworkspace/RhizaCore TON blockchain Telegram Mini App (RhizaCore) with hardcoded Supabase anon key committed directly in multiple test JavaScript files. The full JWT token is exposed in at least 4 files.