pull down to refresh
118 sats \ 0 replies \ @nullcount 15 Dec 2023 freebie \ parent \ on: LNbank Vulnerability Recap ยท d11n ๐ฏ๐ฆกโก๏ธ๐๐ bitcoin
This was more of a #reckless than a "No keys no cheese" situation.
Affected users had their keys. The issue was that they delegated those keys to an algorithm that automates signing. A bug in the algorithm allowed attackers to "trick" the software into signing wallet draining transactions.
Only delegate signing to audited or time tested code. Or mitigate loss by only delegating keys with minimal funds.