Tesla Developers Help Patch Flaw in Open-source Bitcoin Pay Software
In a tweet, the masterminds behind the popular payment processor and crypto wallet service BTCPay Server wrote,
“We want to thank Tesla for submitting the disclosure that led to these fixes and helping us with remediation. Thank you for contributing to the community and helping keep our users safe.”
After spotting a potentially critical flaw in code posted on the GitHub repository by BTCPay Server, Tesla reached out to the project and helped the developers create a patch.
A lead developer and project founder, Nicolas Dorier, took to GitHub to write that the new patch was a “security release that patches one critical and several low-impact vulnerabilities that affected BTCPay Server versions 18.104.22.168 and older,” adding,
“We strongly recommend affected users to update their instances to mitigate the risk.”
Dorier wrote that Tesla deserved credit for “filing a responsible disclosure,” and also took the time to thank an independent web-security researcher named Qaiser Abbas for its “additional responsible vulnerability disclosure.”
On social media, crypto community members expressed their approval.
On Reddit, one user wrote that “the beauty of open source” software was that “everyone benefits when you share and contribute to the community.”
“Shows you the real quality of engineering in Silicon Valley. I guess those folks get paid an arm and a leg for a reason.”
BTCPay Server is essentially an open-source alternative to the centralized BitPay gateway. It was founded in 2017 and calls itself “a self-hosted, open-source cryptocurrency payment processor” that is “secure, private, censorship-resistant and free.”
- In Devs We Trust: Bitcoin Bugs Die in Secret, Leaving Altcoins At Risk
- BitPay vs BTCPay: Which Bitcoin Payment Processor is Right for Your Business?
- Potential Buyers Divided on the Wisdom of Spending Bitcoin on a Tesla