Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update README.md #22274

Closed
wants to merge 1 commit into from
Closed

Conversation

faddat
Copy link
Contributor

@faddat faddat commented Oct 16, 2024

Warn Users that the -LSM branch is partially authored by software developers connected to the worlds largest crypto theft organization

Software developers connected to the north korean state -- the largest single cryptocurrency theft organization in the world -- made contributions to the liquidity staking module. It is not true that the liquidity staking module was fully rewritten after their contributions.

-lsm. branches should therefore carry a very clear warning.


Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title, you can find examples of the prefixes below:
  • confirmed ! in the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • reviewed "Files changed" and left comments if necessary
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • updated the relevant documentation or specification, including comments for documenting Go code
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

Please see Pull Request Reviewer section in the contributing guide for more information on how to review a pull request.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

@faddat faddat requested a review from aaronc as a code owner October 16, 2024 08:46
@tac0turtle
Copy link
Member

Sorry we don't maintain this software and it's only meant for the hub. We do not promote the module in any way.

@tac0turtle tac0turtle closed this Oct 16, 2024
@faddat
Copy link
Contributor Author

faddat commented Oct 16, 2024

Sir that's why I think that it must contain a warning. I would like to strongly suggest that you include that in the warning.

Sorry we don't maintain this software and it's only meant for the hub. We do not promote the module in any way.

You just said what I said, and you just said "sdk team not responsible" -- and that's 100% true. Thus, the SDK team should include a warning or nuke the branches.

The cosmos workplace shouldn't be friendly to crypto-theft-sponsoring nation states, as that adds risk to every single stack interaction.

Another alternative would be to reopen the pull requests, and see how the team that does maintain that software wants to handle it.

Such code should not be offered without a very clear warning to its potential users.

I understand it's uncomfortable, but the sooner we deal with the harsh realities here, the safer everyone is.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants