Author: Anthony Towns 2022-08-19 03:09:46
Published on: 2022-08-19T03:09:46+00:00
In November 2021, Prayank via bitcoin-dev announced that they will be doing an exercise for three Bitcoin projects with just one account. The three projects are Bitcoin Core (full node implementation), LND (LN implementation), and Bisq (DEX). Prayank created a salted hash for the username and pull requests were to be created in the next six months. If a vulnerability was caught during the review process, Prayank would publicly announce it and reveal the de-commitment publicly. If not caught during review, Prayank would privately reveal both the inserted vulnerability and the review failure via normal private vulnerability-reporting channels. A summary with all the details was promised to be shared later.It has been nine months since the email was sent, but there has been no public report on this exercise. It is unclear whether a vulnerability has been introduced in one or all of the named projects.
Updated on: 2023-05-22T16:19:12.319325+00:00