Developer posts secret key on GitHub, loses $40K in 2 minutes - eviltoast
  • Web3 developer Brian Guan lost $40,000 after accidentally posting his wallet’s secret keys publicly on GitHub, with the funds being drained in just two minutes.
  • The crypto community’s reactions were mixed, with some offering support and others mocking Guan’s previous comments about developers using AI tools like ChatGPT for coding.
  • This incident highlights ongoing debates about security practices and the role of AI in software development within the crypto community.
  • elephantium@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    2
    ·
    7 months ago

    I see some of that in my job. We put encrypted data in settings files, and the keys for decryption are provided on the VMs where we deploy. The developers never actually see the keys.

    I suppose it’s as secure as the process for managing the production VMs, assuming the encryption isn’t just md5!