Addressing the recent NPM supply chain attack by compromised author Qix (affecting pkgs like chalk-template, color-convert, strip-ansi):

Blitz is a React Native app, so yes, we use NPM. However, after reviewing our dependencies, we found that we are not using any of the malicious versions. Your wallets are safe!