Juicy...

"Born in the nhs" 🎵

It would be just a task and get for most projects.

Yes I get it. Umbrel should make sure setup pages are completed, and disable services after x mins. Not blaming Umbrel or anything. It's just a lesson that can be learned from.

In the umbrel scenario there are a load of projects that would be impacted by autopopulating funding sources. I would say Umbrel is responsible for not creating backdoor. As I said we can also add safeguards fkr that scenario.

Sure, but in Francis instance it was Alby

It didn't happen to lnbits it happened to alby.

Which is what happened to alby in this example?

Reading replies was this umbrel connecting the funding source?
Then if any fixes should be applied thats where it should start. We can also add something.
Bitcoin is built on blood and sacrifice of early adopters, it sucks, and no future users understand the pain and suffering of those who came before them.

As far as I can gather the issue was autopopulating the funding source for lnbits by alby, and Francis enabling lnbits but not setting up from lnbits launch page? We didn't autopopulate the funding source, alby did. We can add an extra safeguard to help albys flow, by disabling the setup page after x mins, but using lnbits this way by a service like alby, is not something we do or account for. I'm not playing the blame game, but its a vulnerability not created by us. We can try safeguarding it, but any service that alby autopopulates should be monitored by alby and disabled if not set up correctly.
As far as I understand the issue.

Yeah, it looks like it @nprofile1q...
I assumed they were being proton 😍

This is great