nunchuk_io on Nostr: Nunchuk apps are NOT vulnerable to the recent NPM security exploit. Our apps are ...
Nunchuk apps are NOT vulnerable to the recent NPM security exploit.
Our apps are fully native, with no Javascript or NPM dependencies. This was a conscious decision to reduce our supply chain to the bare minimum.
We believe that for mission-critical software like a Bitcoin wallet, avoiding Javascript and the web-based ecosystems is a fundamental security principle.
Published at
2025-09-09 04:31:49 UTCEvent JSON
{
"id": "faf50f542f68a5c529d9f1ec3ed443096973cab9b0699858bee6d14cc55cc469",
"pubkey": "c301f13372c8f0d9bc8186d874fa45fa33aede13e66f4187a3bd22ee41c95b2a",
"created_at": 1757392309,
"kind": 1,
"tags": [],
"content": "Nunchuk apps are NOT vulnerable to the recent NPM security exploit.\n\nOur apps are fully native, with no Javascript or NPM dependencies. This was a conscious decision to reduce our supply chain to the bare minimum.\n\nWe believe that for mission-critical software like a Bitcoin wallet, avoiding Javascript and the web-based ecosystems is a fundamental security principle.\nhttps://blossom.primal.net/e9dc042be7a97c228f65cc513c591c51e091ccf25f626616559379268304620a.jpg",
"sig": "4941bdb67957b4722f2c05e77b6bea8f1e174013c25b4214ad098977b28d082d3cec34740987b0cbb07f124f37cf7ff4b9340a39a37a828fba730637b5546cc0"
}
