Most recent fiasco was they pushed a completely untested(!) dev branch to their “demo server” with I think MULTIPLE BTC on it, it got drained very fast, then they tried to brush it off with “its beta” and “what did you expect”
There was other issues like SQLi being possible on ALMOST EVERY endpoint
And allowing draining of Eclair nodes with just hold invoices nothing special needed
If you are holding multiple BTC and don’t want to be responsible for it either shut it down, or at least apply some precautions
Semisol / semisol
npub122…cgrkj
2025-03-05 05:40:12
in reply to nevent1q…3m56
Author Public Key
npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkjPublished at
2025-03-05 05:40:12Event JSON
{
"id": "0f37ef84dd1fbcce1c4eddec8c337edcf3e5fe88eed54a254f4066f64051ecaa",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1741153212,
"kind": 1,
"tags": [
[
"e",
"926bfeef413bb9762ae6b1b5a31ee1e5cc02f43e289cfa1ed2135b02fb2e15b5",
"wss://nproxy.kristapsk.lv",
"root"
],
[
"e",
"cbc0ca55da3c1b1dd6464cb7c3bd370833db14362195344842aae6295f0af5e9",
"",
"reply"
],
[
"p",
"be7358c4fe50148cccafc02ea205d80145e253889aa3958daafa8637047c840e"
]
],
"content": "Most recent fiasco was they pushed a completely untested(!) dev branch to their “demo server” with I think MULTIPLE BTC on it, it got drained very fast, then they tried to brush it off with “its beta” and “what did you expect”\n\nThere was other issues like SQLi being possible on ALMOST EVERY endpoint\n\nAnd allowing draining of Eclair nodes with just hold invoices nothing special needed\n\nIf you are holding multiple BTC and don’t want to be responsible for it either shut it down, or at least apply some precautions",
"sig": "2c79b37b867b5da1c935e985e3b0b49b11301d68f397c4a94afcf6a5c0f2d7f1c1d4b71c3bc485f39a49d8d2d2e3832e66caed9e24cbebef2924a382ee639709"
}