except if you check the bitcoin core repo, all the PRs have extensive code revie... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gruez on Jan 2, 2023 \| parent \| context \| favorite \| on: “My PGP key is compromised, and at least many of m... except if you check the bitcoin core repo, all the PRs have extensive code reviews done before they're merged. the chance of a supply chain attack (eg. node-ipc) is low.

Nursie on Jan 2, 2023 [–]

Are we sure that the code review process hasn’t been compromised if one of the core developers’ key has been?

It seems reasonable that some due diligence in this area be done in light of this discovery.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact