Online vs offline Block Producer voting
We have recently been debating the risks of voting for block producers online. Since private keys can get compromised in the process, through phishing attacks and malware, we figured it might hamper the voting process, deter the users from voting, and indirectly affect EOS's integrity.
Less votes translate into a weaker, more random Block Producer election, and easier replacing of good BP’s with dubious ones - it takes less to vote good people out. Also, since votes decay over time, the process needs to be repeated every couple of months, increasing the risk accordingly.
We concluded it would be beneficial to be able to cast your vote offline, without ever exposing your private key on an online machine. This applies especially to people holding slightly larger wallets, as their loss from phishing and other attacks could be very painful, but can be beneficial for smaller holders as well.
Tokenika has developed a tool for a completely air-gapped, offline Block Producer voting. The main idea is to generate a voting transaction while being completely offline and make sure the private key is used only for signing the transaction and is never exposed afterwards. The actual signing and key handling process uses only official EOSIO unmodified codebase. Thus the eosjs library is the only external dependency, while the rest of the code is pretty short and simple.
Audit is welcome
We would like to hand over this solution to the community for code-review and use. We have checked with several coders who have examined the code for errors, and the checks came back clear. To our best knowledge and effort, everything in it works as it should, but we need your help to make sure it is so, as the code deals with private keys. The source code is quite concise, so for anyone qualified it should not pose a problem to go through it. We would appreciate your comments below or on GitHub if you find anything that needs our attention.
Legal disclaimer (sorry, we have to do this)
The code linked in this article is offered to the EOS community for peer review. Tokenika takes no responsibility for the execution and the results of the execution of this code, it is provided as is, under MIT license.
Most important: the URL
If you decide to use this voting method, (we ourselves will), make sure your address bar looks like this (this is from Google Chrome browser, others may vary in appearance, but the URL must be the same) :
Click on the
https certificate to make sure it is valid. You should see something like this:
If you see this, you are definitely on our GitHub, and are not being phished:
Close it and follow the instructions.
Here's an explainer video shot by @noisy, the lead developer of this tool: