Keys Defender -- Development update: v2.2.1 released

in #hivedev2 years ago (edited)
source      


Time spent on these improvements:
Coding + Testing + Article = ~6 hs


Changelog:

1. Healthy nodes detection


Lately Hive is often having nodes issues (likely caused by Justin DDOSsing Hive). I want to give @keys-defender the ability to detect at run time which nodes are performing better and switch to those. In this way I will be able to guarantee that keys will be detected and protected as quickly as possible.

With that goal in mind, I used something similar to the code snippet that I posted on my blog earlier this week and when the amount of network errors reaches a given threshold I detect which nodes are healthy.

This is only the first part of the feature and for now it only prints out which nodes are stable. I usually check my server a couple times a day so if I see that warning I can restart @keys-defender pointing to another known healthy node.
The second step will be to automatically switch to a different node at runtime. I'll work on this next weekend, it will require some refactoring in order to be able to synch in one shot all multiple instances of the Hive API (these are currently spread across the code base).

2. Transfer of compromised funds to savings on both chains


A little intro: keep in mind that when a key is leaked on Steemit, it can be used on Hive as well if the key wasn't changed after the fork.

On Thursday night a user with almost $ 28,000 across Hive.blog and Steemit leaked his active key on Hive and I realized that, despite the fact that keys-defender runs on both chains, it does not transfer the user's funds of the other platform into their savings.
I therefore had to log in into the wallet of the user that compromised his key and perform the transfer manually.

With this new release, when @keys-defender detects a leaked active key, it automatically transfers the liquid funds of the compromised accounts into the owner savings of BOTH platforms.

2. Incoming transactions checker


Something else that I learned during the last leak is that, even if you warn the account owner of their leak and put their funds into their saving s, that does not fully protects them yet. For instance his account kept getting funds transferred into his wallet (I believe through automated trades) so these funds were at risk of being stolen since his private key was clearly displayed in the memo of a previous transaction of his.
I therefore had to log in again into his account and manually transfer his new liquid funds (1,600 HIVE) into his savings:

So, in order to avoid having to manually monitor compromised accounts, I decided to automate checks of funds coming into a compromised account.

The liquid funds of a compromised account will now be checked every second, on BOTH platforms. This goes on until it detects that the owner changed their keys on both platforms (the transfer to savings transactions fails due to invalid key) or I manually interrupt the guard because the owner notified me of the recovery of their account.

Testing

The key got intentionally leaked on Steemit and the funds on Hive got correctly transferred into Savings.

Additional testing will be performed next weekend.


Sort:  

Thanks mate for alerting me to the leak of my keys. Just transferred you 50 HBD as a small thank you for your efforts.

Thank you, much appreciated.   =}

Your post has been rehived.

Check my profile to rehive your posts

!discovery 30


Questo post è stato condiviso e votato all'interno del discord del team curatori di discovery-it Entra nella nostra community! hive-193212
This post was shared and voted inside the discord by the curators team of discovery-it. Join our community! hive-193212


Manually curated by @