Understanding Posting & Active keys Authority

cryptokannon (74)in #security • 3 years ago

steem1.1.png

Hello Steemian!
I have published a post about issue on dapps of https://steemdb.online/ yesterday and I have been respond by @steem-supporter in this comments’ thread here

How steemdb.online curation trail works?
We also had a conversation in discord server this morning on my timezone as I had asked him about this the day before and was waiting for him to reply me there.
As I understand it from our conversation, his sites https://steemdb.online/ only have users’ posting key authority NOT the actual posting key itself.
The application that is used for getting the posting keys from users is steemlogin which is operated by @hightouch of @futurewitness

As I understand it from @steem-supporter, steemlogin only has our **active key authority **but not having any record of our active keys in their apps, as steemlogin only stores our active keys credentials in our web browser.

Why users need their active key to authorize steemdb.online service?
https://steemdb.online/ require users to put active keys via steemlogin because in order for posting keys authority to work with steemdb.online dapps,higher level keys, such as active keys is required by the steemlogin which will then making it possible for steemdb.online dapps posting key authority to work.

TL:DR

There is no way for dapps such as https://steemdb.online/ and steemlogin.com having record/store of your posting keys and active keys.

Is it safe to use any dapps on Steem?
There’s still a possibility that your account gets hacked if you’re using these dapps as hackers might have found a way to do it as you store the keys in your browser.
So in conclusion, use these dapps at your own risk, the creators of those dapps are not responsible or have anything to do with your stolen funds while you use their dapps as they do not store your actual posting/active keys, they only have your posting or active key authority.
It might have to do with your internet browser security or something as I’m not a developer or programer to know more about this on how your steem account could be compromised.

How to protect your Steem/SBD?

Go to your steemitwallet page and transfer any liquid steem/sbd into Savings

This will protect your funds for 3 days before they enable the withdrawal

If you or your community rely heavily on this curation trail service or any other dapps on Steem blockchain that require active key authority on their dapps, it is good that you transfer any of your liquid steem/sbd into saving so you will get notified when someone withdraws your steem/sbd in 3 days before it can be withdrawn. This way you can still have a chance to stop the stealing as opposed to you will lose your funds at an instant if you just let it sit there.

Thank you @steem-supporter for clearing things up for me and the Steem Community members.
Until then, keep steeming!

Regards,
cryptokannon

#dapps #curationtrail #safety #savings #steem

3 years ago in #security by cryptokannon (74)

$87.91

Sort:

Trending

[-]

speedask (59) 3 years ago (edited)

I am Korean
I want to share a lot of information with you.
If you send me an email or SNS, I'll send you a message.^^

$0.03

1 vote

[-]

cryptokannon (74) 3 years ago

Hi @speedask nice to meet you. What are the information that you want to share with me? You may find me on twitter too https://twitter.com/cryptokannon

$0.04

1 vote

[-]

rezamusic22 (60) 3 years ago (edited)

Thank you for information Mrs. @cryptokannon .,

Today I am trying to create a community that has the basics of history and culture. This idea has been around for a long time, I haven't seen steemians writing articles about history and promoting cultures. Because of that, my friends and I wanted to create a place for steemians who want to learn a lot about history and culture, and share them. History and culture will never run out. If we as millennials don't preserve it, then that history and culture will be lost.

This community will teach us how to love history and culture. This community will also unite us from all corners of the region to exchange stories that contain elements of history and culture. This community will raise many aspects of history and culture in each place where the steemian lives. It may not be easy, but I am doing my best to raise this community. so that this platform is progressing and developing rapidly.

Therefore, I really need your support and encouragement @cryptokannon, from @steemitblog, @steemcurator01, @booming. so that this community can flourish. Without your support this community would be nothing, without your support the ideas we wanted to bring about would not have happened. I came here to submit a proposal to you @cryptokannon and the other steemit team. I hope you consider it. I want to say a thousand thanks to you, Sincerely @rezamusic22 @hc-curator

Please visit the post Introduction of the new Community and the official "History & Culture" curator account on the Steemit Platform.

$0.00

8 votes

[-]

jansepu (36) 3 years ago (edited)

As a newbie, this is very informative and helpful. Thank you so much.

I can see they comment their introduction. here is mine
https://steemit.com/hive-172186/@jansepu/introduceyourself-hello-steemit

$0.00

2 votes

[-]

syahrul12 (25) 3 years ago

Terimakasih infonya bu 🙏

$0.00

[-]

ahsansharif (66) 3 years ago

Thanks for giving us information about this

$0.00

[-]

mark.heard (46) 3 years ago

They could say they don't store it but you never really know. How many times have an app from the app store ended up with a back door?

I save my keys on a trusted centralized browser. Google security for the win.

This is not an accusation. Must be phishing links...

$0.00

[-]

el-nailul (75) 3 years ago

Will translate it in SteemSEA for indonesia newcomers. it will definitely useful for them to have better understanding of using auto vote and giving authorities of the account to third parties

Thanks

$0.00

[-]