The recent (and a really good) example of bad code here:
http://www.tangleblog.com/wp-content/uploads/2018/02/letters.pdfDom, David and the rest of the IOTA team,
We have found serious cryptographic weaknesses in the cryptographic hash function
curl used by IOTA, curl. These weaknesses threaten the security of signatures
and PoW in IOTA as PoW and Signatures rely on curl to be pseudo random and collision
resistant.
...