Aliucord EncryptDMs Incident

Plugin Release

EncryptDMs is an Aliucord plugin made by User:Mantikafasi on 26 November 2021.

The plugin's primary goal was to encrypt Discord DMs end-to-end, ensuring that neither Discord nor anyone without the encryption keys could read their contents.

The Incident

After User:Mantikafasi pushed the first changes, some individuals acquired it through a GitHub repo with PluginDownloader despite him not yet officially releasing the plugin. (Those individuals had zero idea what they were doing.)

 
EncryptDMs user getting banned for spam

Because the plugin was unfinished, it automatically started exchanging public keys when someone sent them. Whenever somebody shared their public key on a Discord server, all other people who had the plugin automatically responded with their public key.

 
Vendicated getting confused when plugin sends public key all by itself

Results

After several incidents, the text <ewd:publickey was banned from the Aliucord server, and User:Mantikafasi pushed an update that removed the functionality of the plugin.