|
|
|
|
|
|
by runeks
1592 days ago
|
|
|
> Doesn't it have to land in a public repo before it can be patched? No, they could have patched the contract before publishing the commit on GitHub. Granted, an attacker could watch the chain for such "contract upgrade" transactions and attempt to front-run it, but that would be a lot harder than just discovering undeployed security patches on GitHub. |
|
|