Security/Censorship questions for steemit.com
There are a few questions that I have had lately related to the steemit.com website and it's relationship with the actual blockchain and the mining process. Since these questions are related to the security and potential censorship of the community, I feel like they're worth asking and having a nice discussion about.
1. Who operates the steemit.com website?
2. Is the website source code also open, and if so how can we verify that the distributed code is the one that is being used to generate the website?
Since the majority of users will be interacting with the blockchain through steemit.com, how can we verify that the website is legitimate and does not contain malicious code?
3. What are the risks of censorship through the steemit.com website?
The whitepaper briefly mentions that "Individual websites such as steemit.com may censor content on their particular site, but content published on the blockchain is inherently broadcast traffic and mirrors all around the world may continue to make it available." My concern here is that, as far as I know, steemit.com will most likely be the ONLY way that the vast majority of users interact with the network. Thus, although anyone could technically still publish to the blockchain, and advanced users could still see those posts, for all practical purposes steemit.com could still choose to censor certain posts to the majority of users. Is this a legitimate concern? Is there any procedure that periodically checks the posted content on the website against the blockchain?
Could our private keys be stolen by steemit.com?
Since, as the whitepaper suggests, there is a risk of censorship on steemit.com, isn't there also a risk that our private keys could be stolen, or improperly stored by the website owners? Clearly the website interacts with our private keys, since they are required for posting, etc... Is there any way we can verify that this is being done securely? Are our stored keys encrypted with our login passwords?
Obviously I'm not implying that there is any funny business going on, these were just a few questions that I had been thinking about lately, and I thought others might like to hear the answers as well.
Best,
Trogdor :)
Hi trogdor:
1 - Steemit, Inc operates steemit.com
2 - We are in the process of open sourcing the website. We can "live source it" once we have the resources to do so.
3 - Only on the level of web-app, the risks of censorship are similar to other sites that take direction from the government in they reside in. We're a US based C Corp, meaning we will likely need to be compliant in the way other sites are. However, Steemit is unique from others in that it's blockchain based so the most we can do is "hide" content. Users will always be able to point to our site and say hey Steemit is censoring because I can see that content on the blockchain and IPFS. The transparency helps everyone and puts us in a great position where we don't really have the power to censor anything.
4 - Steemit doesn't store private keys or passwords and with the coming source code the community will be able to monitor this to ensure complete security. This should become standard for any Steem-based web apps.
As an aside, please see steemd.com as a reference for what other web apps also see from the Steem blockchain.
Great, thanks for the answers. It sounds like a lot of exciting things moving forward.
Yes, of course.
The wallet built into this website, as it is programmed right now, runs entirely on your own computer. Your private keys do not leave your own machine. That's good - it means that if a hacker breaks into the steemit.com website he won't find a database of keys he can steal.
What a hacker can do, though, is replace the wallet software built into the website. He could modify the code so that it automatically sends all your funds to his own account, right after you log in. He could modify the code to change your account keys to his own, locking you out. He could do whatever he wants with your account.
It doesn't take much to do that. A simple XSS injection would be sufficient. I believe there was an injection bug in the early days of the site, but AFAIK no damage was caused.