You are viewing a single comment's thread from:

RE: Is our Eternal September coming?

in #adoption6 years ago (edited)

I agree. It should be made safe first. But I don't think it's the fault of Steem in itself but the dApps that use it. Any dApp that plans to onboard masses of people needs to make it possible for non-technical people and people of average IQ to handle it safely.

Sort:  

Moving transaction signatures outside of the app code is the first step. One day we will look back with horror at the idea of pasting our keys into a browser to do things. >_<

Well, SteemConnect exists.

SteemConnect is a nice band-aid for now and offloads trust to an arguably "trustworthy" third party, but it is not the correct solution. There are multiple problems with SteemConnect:

  • You need to paste your active key into a web browser in order to authorise new applications.
  • It reduces the decentralised nature of Steem authentication to a single, central point of failure. It failed just yesterday, for a couple of hours or so. Everyone using it to log into places got logged out because a server accidentally went down. That should not happen.
  • The application accounts it generates to use as account posting authorities are completely under its control. This means that an app integrating with SteemConnect must fully trust it to not do evil and, if it ever decides to start doing evil, it can.

There are those who refuse to allow any SteemConnect authorities on their accounts. I am far from that, but I want a real solution enough to work on building it :)

That's right. Those are the problems with it. But how would you go about eliminating the need to paste your active key into a web browser ever? A local storage on the user's computer? But isn't that what browsers have built in? A local storage that requires the users to activate with a password each time they engage in a session of using Steem to reduce the risk of an unauthorized person using the browser?

Actions on Steem are transactions, signed by our keys, just like any cryptocurrency. The difference is that we have extra types of transactions... but it all works the same way.

People with hundreds of Bitcoins don't keep their keys on their PCs. They keep "watch-only" wallets on their PCs which construct transactions for their dedicated offline device to sign. The PC only ever sees unsigned and signed transactions... never the keys.

Baby steps... the first part is removing transaction signing from apps. There is a balance to be struck between convenience and security, but the average Steemian's current workflow is heavily biased in favour of convenience, at great cost to security (as evidenced by the multiple phishing epidemics we've had in our short couple of years).

That's not right, and I want to change it.

Bitcoin transactions particularly from offline wallets that are infrequently used can be handled very differently from transactions done on a social media app. If you're using a Steem app, it would be very impractical to have each upvote, comment or whatnot signed by an offline device.

One pretty straightforward way to improve security is to have any large amounts of SP or liquid STEEM and SBD on accounts that very rarely interact with the blockchain and have those accounts delegate SP to your daily posting account.

Not sure if you seen this yet or if its even what you are looking for. I've not looked into it much myself as its a bit out of my own understanding.

https://steemit.com/steem/@yabapmatt/hate-putting-private-keys-into-websites-introducing-steem-keychain