A dev reported a vulnerability via email and the bounty payment to them was made in ...

2024-06-27 19:46:19

A dev reported a vulnerability via email and the bounty payment to them was made in ecash via email as well.

Nice.

Thank you Nodesignal Podcast (npub1n0d…02cy) 👏

quoting
nevent1q…z6ef
The first bounty has been claimed by tragic (npub1u07…ez97). He responsibly disclosed and fixed a vulnerability in the Nutshell's multinut payment feature that could have lead to loss of funds if abused by an attacker. Nutshell mint runners are unaffected if they're running a release version since the vulnerability was caught before making it into any new release.

Of course the bounty of 100k sats was paid out as Cashu tokens (and sent as a simple string via email.

Thank you tragic (npub1u07…ez97) for contributing to cashu🧡
note162d…texm

Author Public Key

npub12rv5lskctqxxs2c8rf2zlzc7xx3qpvzs3w4etgemauy9thegr43sf485vg

Seen on

wss://nostrpub.yeghro.site wss://nostr-pub.wellorder.net wss://nos.lol wss://relay.noswhere.com

Show more details

calle 👁️⚡👁️ on Nostr: A dev reported a vulnerability via email and the bounty payment to them was made in ...