Replying to @sniko_ @samczsun and 4 others
They told us they knew it before we even reached out to them.
Yeah, I think this issue has been widely known for a long time, so I don't think a disclosure period applies. Alex is right to call us out for not addressing it sooner. Starting work on it now. Thanks for the kick in the pants, and sorry we needed it.
Andrey 
Petrov
Petrov@shazow
Great reason for NFT viewers to not render centralized metadata by default (http tokenURI links). Only render content-addressable storage links like IPFS, or on-chain base64 embeds. Also creates a valuable forcing function for NFT creators to Do It Properly™. twitter.com/kurtybot/statu