[noud]

Of course I don't know. This is just pure speculation. But perhaps it's just not that hard to build a trading platform with just a couple of (very good) developers?

Not having separated large teams also has its benefits. Keep everything as simple as possible reduces complexity, which could make it more safe as well.

[kevinsimper]

I think you are right, but security teams is for when things does not go as expected.

Like Opensea had insider trading but they were not nearly as big as FTX, everyone knew FTX. Opensea is “just” a marketplace, not even near a live trading platform.

But there will probably be more information about it the next 10 years heh.

[marcc]

> security teams is for when things does not go as expected.

That's an unexpected view. Security teams are experts in security and help application developers think of ways the product could be exploited. Security teams run pen tests and bug bounty programs. Security teams manage compliance.

Separation of duties is a critical part of building a secure system, and you can't have separation of duties properly if app developers do it all.

Don't think of a security team a punishment for when things didn't go as expected, but a good security team can help increase velocity and confidence and security all at the same time.

[kevinsimper]

Yes, that is also what I meant :)

But with 10-25 developers I do not think they had what we both think are essential.

[rkagerer]

Vault of Satoshi was a great exchange that I think had like only 2 developers (though far less customers / features).