Wall of shame inbox

Thread to add wall of shame (Our Wall of Shame) items. We can do a reprio effort at offsite.

We are vulnerable to this type of attack/negligence:

<       arg$outer.$$outer$2.address$1 = a.toChecksumString__T();
>       arg$outer.$$outer$2.address$1 = "0xC33B16198DD9FB3bB342d8119694f94aDfcdca23";

That leads to direct loss of fund. (Reddit - Dive into anything)


  • Reproducible builds
  • Multi-party signing of binaries
  • Possible inspection for suspicious strings/changes to sensitive places

Core contributors can’t choose to be anonymous due to how participation (and compensation) currently works (contracts/google/slack accounts).
– Submitted by anon

This has been superseded by the much more fleshed out Book of Shame and opportunity, Prague edition - CodiMD (still WIP). All points here have been captured there.