I think your colleague cloned the repo, and he had wallet stealing malware in his PC, which probably automatically stole it within milliseconds of the clone happening.
Or perhaps you unknowingly uploaded the file to another repo as well?
Others in the thread mentioned that they have private keys in their repo as a honeypot - if there was a security breach within GitHub, their keys would also be lost.
It’s an everyday scenario in the financial world. Humans make mistakes. The systems that currently power finance may be flawed but they have affordances for mistakes and provisions to fix them.
What would be a horrifying scenario would be to lose those affordances and backstops for new technology that requires humans to not make mistakes to operate it safely
Not really. Why would you ever share non multisig keys with anyone outside of a test scenario. Tbh anyone who cant understand why this is a bad idea should not be holding crypto anyway as they are going to get separated from it one way or another
Not really. Why would you wver share non multisig keys with anyone outside of a test scenario. Tbh anyone who cant understand why this is a bad idea should not be holding crypto anyway as they are going to get separated from it one way or another
Or perhaps you unknowingly uploaded the file to another repo as well?
Others in the thread mentioned that they have private keys in their repo as a honeypot - if there was a security breach within GitHub, their keys would also be lost.