by 3np 1631 days ago
I thought that at this point it’s common sense that any secret pushed to a public GitHub repo should be considered compromised, regardless of how quick you roll it back.

There are many people writing automated tools doing their best to catch slip-ups like this before everyone else. Dark Forest and all that.

And as someone else said, why use a wallet holding mainnet private funds as a dev wallet? Separate your keys.

3 comments

PRIVATE repo*. These should not be searchable with that method.
> There are many people writing automated tools doing their best to catch slip-ups like this before everyone else. Dark Forest and all that.

And these scripts can see my private GitHub repositories? If so, what's the difference between public and private repositories?

Is this a failure of GitHub's security?

Maybe, maybe not. He admits that he shared the repo with at least one other individual. It's quite possible that what he thought was a private repo wasn't.
A quick note, all of the wallets were part of my experiment, not the main one.