|
|
|
|
|
|
by laverya
850 days ago
|
|
|
Only if the attacker only transferred funds to one wallet. I could also see a sophisticated attacker holding off on draining wallets until the amount contained started to drop or increased past a threshold. Draining funds as soon as a user attempts to setup the app gets you a few suckers but also means you'll be reported quickly. Giving everyone a failure message while recording the recovery key might let you go significantly longer before discovery. |
|
|