Certainly consensus code is very costly in itself. However mishandled security failures are even more expensive on the long-term, e.g TheDAO hack and the moral hazard culture this generated in ETH.

Of course, this is always an option to go to publish a pinning toolkit and see the Lightning ecosystem jeopardized. In those matters it’s always good to have ethical self-restraint and respect a strict boundary on how much sensitive information you reveal.

In my opinion, this PR is pretending to fix Lightning vulnerabilities, while in fact it lets wide area of attack surface opened.

Sadly, you have to be a cross-layer expert to understand this and I’m not even sure the v3 PR reviewers sufficiently understood what they were reviewing and I did ostensibly call to test more this change. So it sounds like pure “security theater” in my opinion.

“Gradient" solutions are rarely acceptable in network security, as you’re just increasing the re-deployment costs for any future full and sounds mitigation.

I have not seen achow commenting in public on this decision merge.

Overall, calling to have achow stepping down is disproportionate, achow is one of the most reliable maintainers in my experience. However, having achow explaining more this merging decision in the present case would be very welcome.