Author: Prayank 2021-11-18 20:29:24
Published on: 2021-11-18T20:29:24+00:00
The email conversation discusses the importance of the review process in open source Bitcoin projects. It is suggested that the review process should be tested and verified regularly to ensure everything is working as expected and to identify areas for improvement. The conversation also covers testing the review process against attacks, with one participant proposing a method using commit messages with specific requirements. Another participant suggests that developers should be forced to opt in to practice rounds of testing, as they cannot opt out of potential real-world attacks from entities such as the NSA. The email concludes with a rephrased tweet emphasizing the importance of independent thought during the review process.

The author of the email announces their intent to conduct an exercise on three Bitcoin projects (Bitcoin Core, LND, and Bisq) to test the review process by creating pull requests with vulnerabilities over the next six months. If a vulnerability is caught during review, they will announce it publicly; if not, they will privately reveal both the inserted vulnerability and the review failure. The goal is to improve the review process and make Bitcoin more secure. The author acknowledges that their exercise may have different results than those of active developers due to uneven reputation factors and review attention.
Updated on: 2023-05-22T16:19:40.357419+00:00