pull down to refresh
0 sats \ 1 reply \ @elysia 15 Dec 2023 \ on: LNbank Vulnerability Recap ยท d11n ๐ฏ๐ฆกโก๏ธ๐๐ bitcoin
NYK, NYC
This was more of a #reckless than a "No keys no cheese" situation.
Affected users had their keys. The issue was that they delegated those keys to an algorithm that automates signing. A bug in the algorithm allowed attackers to "trick" the software into signing wallet draining transactions.
Only delegate signing to audited or time tested code. Or mitigate loss by only delegating keys with minimal funds.
reply