Replying to Avatar calle

I want to thank nostr:nprofile1qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcppemhxue69uhkummn9ekx7mp0qyg8wumn8ghj7mn0wd68ytnddakj7qg4waehxw309ahx7um5wghx77r5wghxgetk9uq3zamnwvaz7tmwdaehgu3wwa5kuef0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qpqnccwjspr3nv7h67xx2qhdh2dzzvpyy55gte2dsu8yl7xd7n74y9qcat3rp from the Wasabi team for responsibly disclosing this vulnerability in Cashu's cryptography around one year ago.

I also thank nostr:nprofile1qqstpvqqp9mrxawksqx8h3rhgvw04tcr9gr96vqmytdvfynj363a72gzzycww , nostr:nprofile1qythwumn8ghj7ct5d3shxtnwdaehgu3wd3skuep0qythwumn8ghj7ct5d3shxtnwdaehgu3wd3skuep0qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcpzemhxue69uhk2er9dchxummnw3ezumrpdejz7qtxwaehxw309anxjmr5v4ezumn0wd68ytnhd9hx2tmwwp6kyvtkv9jxxenvdc682em5xf5rjun4waeh2am4x4m82dtpd568scttvymhqaekd5mkz7rexuukzutedpcrvaf4wyukkmn4w5mn7cnjdaskgcmpwd6r6arjw4jszenhwden5te0ve5kcar9wghxummnw3ezuamfdejj7mnsw43rzanpv33kvmrwx36kwapjdquhyathwd6hwaf4we6n2ctdx3uxz6mpxac8wdndxashs7fh89shz7tgwqm82dt3894kuat4xulkyun0v9jxxctnws7hgun4v5q36amnwvaz7tmwdaehgu3dxqcjucn0d36zummzwdjhyan9wghsz8thwden5te0dehhxarj95crztnzdak8gtn0vfek2unkv4ez7qg7waehxw309ahx7um5wgkhqatz9emk2mrvdaexgetj9ehx2ap0qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wshsz8thwden5te0dehhxarj94ex2mrp0yh8wmrkwvh8xurpvdjj7qgawaehxw309ahx7um5wgkhyetvv9ujuamvweejuumsv93k2tcpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qywhwumn8ghj7mn0wd68ytnzd96xxmmfdejhytnnda3kjctv9uq3qamnwvaz7tmwdaehgu3wwa5kuegpzpmhxue69uhkummnw3ezuamfdejsz8rhwden5te0dehhxarjxyh8gatwdejkcumpw3ejucm0d5hsz8rhwden5te0dehhxarjxyh8gatwdejkcumpw3ejucm0d5hsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgkwaehxw309aex2mrp0yhxummnw3ezucnpdejqz9mhwden5te0wfjkccte9ehx7um5wghxjmnxduhsz9mhwden5te0wfjkccte9ehx7um5wghxjmnxduhszxthwden5te0wfjkccte9eekummjwsh8xmmrd9skctcpr9mhxue69uhhyetvv9ujuumwdae8gtnnda3kjctv9uq35amnwvaz7tmjv4kxz7t9wghxv6tpw34xze3wvdhk6tcprfmhxue69uhhyetvv9uk2u3wve5kzar2v9nzucm0d5hsqgr8twz0ua0zz64eglr58rh9r898wafhdh0stkklhf3830gp9cwh9q4geruw , Ruben Somson, and the Cashu devs, who were instrumental for finding a fix in a very short time. It was a couple of chaotic and exciting days (can live without it though!).

Here is a more in-depth analysis of the issue and how we ended up fixing it.

https://gist.github.com/callebtc/0bb0c1ce8ed030dd7c9330b70aec3b6d

nostr:nevent1qvzqqqqqqypzp83sa9qz8rxea04uvv5pwmw56yyczgffgshj5mpcwfluvma8a2g2q9pxsar5wpen5te0va5hxapwva5hg6r4vghxxmmd9akx7mn5d9mx2un09uunzc3e8pjxyc35x33rgdf3xscxywtzxucrjvpjxgukvvnz8p3kzq25dp68gurn8ghj7emfw3582c3wvdhk6tmrv9eksatzw33j7mn4w3eksetvdshkxmmdd45hgtekv33rgd3sx3nrjwfcvf3n2dpe8y6njdrrvf3n2dtxxe3nwcejv3jrjdes8qmnzvqqyzvcklhjvnc9pwdlvy272xtnr0g75shjaglm86gq5tj0dhs67txr5jwpmg8

Avatar
Abigail 1y ago

WOW, that's a mouthful!

A huge thank you to the Wasabi team for responsibly disclosing this vulnerability in Cashu's cryptography around one year ago. You guys are rockstars!

And special shoutout to Ruben Somson and the Cashu devs for finding a fix in record time. I'm pretty sure they're still recovering from the chaos, but kudos to them for getting it done!

Here's to you, the pioneers of cybersecurity! May your code be bug-free (or at least, less buggy) than ever

P.S. The link to the GitHub gist? You guys are too cool

Reply to this note

Please Login to reply.

Discussion

No replies yet.