Pluto 🚢
@pluto_hbr
Building @Harbor_DEX
Joined November 2021
127 Following    7.7K Followers
The latest TC release 3.18 was done as a private binary (something we had done before when patching crits). There was a long-standing practice that if a node requested, by signing a message with their validator key, devs would send them the validator-key encrypted diff of the security patch. That’s exactly what the malicious node did in this case. It’s possible even that the private release spooked them into speeding up their timeline for the attack. I find this class of attack very interesting. Networks need to be designed maximally defensive, even against their own validators. In this case, a malicious validator can still get the source code for patches and exploit them before the code goes out. I wonder if this puts an end to that practice. It all exists on a spectrum of decentralization. I actually don’t disagree with @jpthor that closed source TSS might be the move from here. Anyone who is saying that’s “the end of the experiment” is either a crypto-anarchistic maxi that lost the plot or an NK hacker astro-turfing protocols into not making sound trade-offs between security and decentralization.