Actually, they posted that a vulnerability existed, https://x.com/xyz3va/status/1807330215955177937:

> someone from @a16z get in touch, now. its bad. security related

So they didn't disclose the bug publically... They simply disclosed that there was a bug.

That isn't IMO disclosure. Nearly anything has a bug if you look hard enough.

I don't remember what your post originally said, but posting about a vulnerability is not the same as disclosing the vulnerability. Especially when you're asking for a contact.

The difference, in case you really want to know is that one actually tells everyone what the issue is, another tells everyone that there is an issue.

That's not what happened at all, and the article you link doesn't say that.