Nostr Web Client

I reported a double-spending bug in Cashu, and they asked me not to disclose it for one year.

Floppy found a DoS vector, received a grant for it, and gave them how much time? Two weeks? Not happy with that, they threatened to attack the mints. What attracts these kind of psycos to the FOSS circles?

David A. Harding 1mo ago 💬 3

Who gave him a grant?

Thanks for making your disclosure responsibly.

Reply to this note

Please Login to reply.

Discussion

SatsAndSports 1mo ago 💬 1

Calle mentions a bounty here:

https://njump.me/nevent1qqsgxnm8s2y6fr9p0ccqeg45n9cm54c3mcg89fkvef7jttxy0x7zddcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygzsm98u9kzcp35zkpc62shck8335gqtq5yt4w26xwl0pp2a72qavvpsgqqqqqqsm0uy6y

lontivero 1mo ago

You're right. Bounty is the correct word. I didn't know the difference until now.

chrizzz 1mo ago

nostr:nevent1qqsgxnm8s2y6fr9p0ccqeg45n9cm54c3mcg89fkvef7jttxy0x7zddcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygzsm98u9kzcp35zkpc62shck8335gqtq5yt4w26xwl0pp2a72qavvpsgqqqqqqsm0uy6y

calle 1mo ago

We paid him a small bounty hoping it would show that it would show we're on his side. In hindsight, we shouldn't have done it. It turns out, ultimately, he's more interested in creating damage and drama than anything else.