THE WHITE BULL
Most of this space runs on trust-me. David's been here since before that was normal, and he's not interested in repeating the mistakes that broke it. Every "live" claim across this site is computed the way described below — check it yourself, nothing here is asking for your trust.
Frontend-first, close to no backend state. This site is plain HTML, CSS, and JavaScript — no framework, no build step, no database, no login, no user accounts, no analytics. Every page can be opened and read as a file. The only server-side pieces are a handful of narrow Cloudflare Pages Functions, each with one specific job, described below. Two of them keep a small amount of state (an all-time-high price, a country-visit counter) — that's the deliberate exception, not the rule, and it's called out explicitly rather than buried.
/api/rpcBrowsers can't always call Solana's RPC directly at production scale — free public endpoints are rate-limited, and pointing a dedicated provider's URL (often with an API key baked in) straight at client-side code would leak that key to anyone who opens dev tools. This one Cloudflare Pages Function solves both: it holds the actual upstream RPC URL server-side only, and everything the browser can ask it to do is restricted to a fixed allowlist:
Nothing else is allowed through — no wallet-signing method exists here at all today (simulateTransaction, sendTransaction, etc. are absent, not just unused). Batched requests are capped at 5. getSignaturesForAddress's limit option is capped at 100. getProgramAccounts is additionally locked to the two known SPL Token program IDs and requires a memcmp filter, so it can never be used as an unfiltered scan of an arbitrary program. Rate limiting itself is configured as a Cloudflare dashboard rule on this path, not hand-rolled in code — Workers/Pages Functions are stateless per-request, so an in-memory counter here wouldn't actually work across edge locations.
The 64% Thesis reads David's disclosed wallet's live token balance and the mint's live total supply, then computes the percentage in your own browser — not a number anyone updates by hand. The same pattern, extended, drives Total Holders: a single getProgramAccounts call filtered to $DAVID's mint counts every token account with a nonzero balance, live, every page load.
Price, market cap, volume, and liquidity come straight from Dexscreener's public API — no proxy needed, it's CORS-open. The one thing Dexscreener's API doesn't expose is a token's historical all-time high, so that specific number is the one piece of real server-side state on this site: a tiny Cloudflare KV store remembers the highest price anyone's browser has ever reported, updated as visitors load the page. Visitor Geography works the same way — Cloudflare attaches a country code to every request for free, at the edge, and a KV counter tallies it. Neither stores an IP address or anything more specific than a country code.
Airdrops are discovered by scanning David's disclosed wallet's recent transactions for direct SOL/$DAVID transfers, specifically excluding anything that touches the Pump.fun or PumpSwap program IDs — those are him trading on the open market, not airdropping. Each recipient's own activity afterward is scanned the same way, and only swap-driven balance changes count as "bought" or "sold"; an ordinary wallet-to-wallet transfer doesn't. The Liquidity leaderboard auto-discovers every $DAVID pool across every DEX via Dexscreener, with Meteora's own API layered in for DLMM fee APRs specifically.
Proof of Bull reads your connected wallet's live $DAVID balance and computes your percentile rank by comparing it against every other current holder's balance — the exact same holder list the Total Holders figure is built from, reused rather than fetched twice.
No page on this site today asks for a transaction signature. The one wallet interaction that exists — Proof of Bull's "Connect Wallet" — calls Phantom's or Solflare's basic .connect() only, which returns a public address and nothing else. It never calls signMessage, signTransaction, or sendTransaction, and no library beyond each wallet's own injected browser object is involved. A full wallet-adapter integration is reserved for a future custom Liquidity deposit/withdraw flow, which will get its own separate, stricter documentation when it ships.
The RPC proxy's method allowlist, batch caps, and per-method parameter restrictions (described above) are the primary defense against abuse. Any text that ultimately comes from a third party rather than our own code — token names and symbols from Dexscreener, chief among them — is treated as untrusted before it's ever written to the page: Solana token metadata is attacker-controllable (anyone can create a token with an arbitrary symbol field), so those strings are HTML-escaped first. Wallet addresses aren't, because Solana's base58 address format can't contain HTML-breaking characters in the first place.
The only piece of client-side storage on this site is a single preference — whether you closed the X feed sidebar — kept in your browser's localStorage so it doesn't reopen every time you navigate. Nothing else is stored, sent, or tracked.
Solana's free public RPC endpoint is rate-limited and not meant for heavy production traffic — the heavier calls used here (getProgramAccounts especially) are more reliable paired with a dedicated free-tier provider. No free source exists for historical Solana token prices, so Airdrops' net-flow figures and current holdings are valued at today's price, not the price at the time of each transaction — a directional signal, not exact realized P&L. Every live feature on this site falls back to its last-known static snapshot if a fetch fails, rather than breaking the page outright. The Radar page's original plan called for a market-wide scanner across all of Solana; no free data source for that actually exists, so it isn't built rather than faked.