Better programming languages are important but even the best mathematically rigorous proof will not protect you from a mistake made by the person preparing the specification. Which is what very much has happened here, IMO.
You don’t write in an arbitrary code execution like that by mistake. Someone has specified/decided it should look at the message and execute a matching function. They likely thought it would be a good idea, I am not claiming any ulterior motive here. However, it has been a conscious decision to do it, not a mistake.
The solution is not to try to eliminate all bugs — that is likely impossible as long as a human is involved in the design or implementation of code. The solution is to recognize that bugs happen and have a “safety net” so if you fail you fail gracefully and there is a way to recover.
Saying “Oh your 30 millions were robbed because of a dev’s mistake, tough luck. But we are improving our tools so that it won’t happen next time!” is not acceptable in my book.
