-
@ Braydon Fuller
2025-02-22 23:08:09I remember working on bitcoin libraries for multisig hardware wallets and thinking to myself, all that security is kinda moot when all it takes is *one* dependency from NPM to be compromised and every one of the signers, using identical software, signs the wrong thing. We ended up with zero third-party libraries and we checked the signatures of every package, with Git, when updating. Stay frosty.