The WBTC contract is highly vulnerable to attack: Evidence

In order to prove that WBTC is exposed to a massive attack, I have deployed a copy of the contract to Rinkeby Testnet here:

https://rinkeby.etherscan.io/address/0x1e1234105171a08a26c68a61bc7a04f19311c103#code

There is human management and ownership of the private keys that manage WBTC. If those humans are phished, hacked, or get a virus on their computer, a hacker could get their Private Key. This happens weekly in the space. I will simulate that on Rinkeby and we will see what will happen.

First, I have put some Rinkeby ETH on the Uniswap Pair with WBTC on the Testnet.

Next, I will pretend that the owner of WBTC on Rinkeby (0x2a3A325317012Cf51A69630cc24988b1C7Afa1D8) was hacked. Here is the private key:

b5f78925f8c6cc1c535d8ab4a1c9be17a75aa37e56f49ce881650d6f96094146

Anyone who has that private key can import it into their Ethereum wallet, steal ownership of the WBTC contract, and/or mint infinite WBTC rinkeby tokens to any address in a single transaction using the mint() method. This means they can steal all the ETH on the liquidity pools for WBTC. Let the games begin!