Hacker News
by vessenes 3741 days ago
Thanks for the note back.

I think the attack vector that seems very likely here is an e-mail like this:

User: Initiates Support Request around a transaction that's funky

Naughty BlockCypher Employee: "Let's try to debug this. Can you get me a private key from an early address you sent from, one which you WON'T USE AGAIN? I want to check that we're doing our math correctly. Make sure it's not an address with an existing balance!"

I propose that well over 99% of developers would think "Will I use this address again? If not, should be fine to pass on this private key."