When you enter your private active key and pay the initial ENG fee, it is encrypted and securely transmitted to our server. We encrypt your private key as well as your token and account name; we do this using Steem's built-in encrypted memo feature.
We encrypt this memo, which resembles a long string of gibberish text with a "#" in front of it, and only the steemsc account is allowed to decrypt this memo using its own private memo key. This basically creates an end-to-end encrypted chat message, readable only by both parties.
Your active key is NEVER stored as plaintext, so only the Scotbot server can see your key when the memo is decrypted, and the Steem Engine team takes security very seriously.
This sounds a little bit misleading. I believe you also store the key of the steemsc account on your servers. (Unless you do manual stuff for every action.)
So a potential attack on your servers still lets an attacker access users' active private keys.
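The two posts above describe a recipient-key-only decryption model and the objection to it. The following is an added example, not code from Steem, Steem Engine or either poster, that models that flow so the trust boundary is visible: a user encrypts an active key to the service's public memo key, the service decrypts it with its private memo key, and whoever else holds that same private key (for instance after the server is compromised) decrypts every memo ever sent to it. Everything here is a stand-in: a toy Diffie-Hellman group over a small prime instead of Steem's secp256k1 curve, an HMAC-SHA256 stream cipher and tag instead of Steem's AES construction, hex instead of base58 after the "#" prefix, and the account names and sample key are constructed.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters, constructed for illustration only.
# Not a cryptographically sized group and not Steem's secp256k1 curve.
P = 2**127 - 1
G = 5

SAMPLE_ACTIVE_KEY = "5Kconstructed_sample_active_key_not_a_real_one"


def generate_keypair():
    """Return (private, public) for the toy DH group."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def derive_key(shared, nonce):
    """HKDF-style extract/expand from the DH shared secret and a per-memo nonce."""
    prk = hmac.new(nonce, shared.to_bytes(16, "big"), hashlib.sha256).digest()
    return hmac.new(prk, b"memo-key", hashlib.sha256).digest()


def keystream(key, length):
    """Counter-mode keystream from HMAC-SHA256 (toy stand-in for AES)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_memo(sender_priv, recipient_pub, plaintext):
    """Encrypt to the recipient's public key; output is '#' + hex like a Steem encrypted memo."""
    pt = plaintext.encode()
    nonce = secrets.token_bytes(16)
    shared = pow(recipient_pub, sender_priv, P)      # static ECDH-style shared secret
    key = derive_key(shared, nonce)
    ct = bytes(a ^ b for a, b in zip(pt, keystream(key, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:8]
    return "#" + (nonce + ct + tag).hex()


def decrypt_memo(recipient_priv, sender_pub, memo):
    """Decrypt with the recipient's private key; raises ValueError on a wrong key."""
    if not memo.startswith("#"):
        raise ValueError("not an encrypted memo")
    blob = bytes.fromhex(memo[1:])
    nonce, ct, tag = blob[:16], blob[16:-8], blob[-8:]
    shared = pow(sender_pub, recipient_priv, P)
    key = derive_key(shared, nonce)
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad tag: wrong key or tampered memo")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct)))).decode()


def can_decrypt(priv, sender_pub, memo):
    """True if the holder of `priv` can read the memo."""
    try:
        decrypt_memo(priv, sender_pub, memo)
        return True
    except ValueError:
        return False


def run_scenario():
    """Model the thread: who can read the user's memo to the service account?"""
    user_priv, user_pub = generate_keypair()          # the user's memo key pair
    svc_priv, svc_pub = generate_keypair()            # the service's (e.g. steemsc) memo key pair
    outsider_priv, _ = generate_keypair()             # an unrelated account

    # The memo is recorded once and stays readable to whoever holds svc_priv later,
    # because the shared secret depends only on static keys (no forward secrecy).
    memo = encrypt_memo(user_priv, svc_pub, SAMPLE_ACTIVE_KEY)

    # Attacker model: svc_priv copied from the server's storage; no change to the memo.
    stolen_priv = svc_priv

    return {
        "service_reads": decrypt_memo(svc_priv, user_pub, memo) == SAMPLE_ACTIVE_KEY,
        "stolen_key_reads": can_decrypt(stolen_priv, user_pub, memo),
        "outsider_reads": can_decrypt(outsider_priv, user_pub, memo),
    }


if __name__ == "__main__":
    print(run_scenario())
```

The property the reply is pointing at is the third line of the result: "end-to-end" here means the memo is unreadable in transit and on-chain to anyone without the service's private memo key, but the decrypting key is a long-lived secret on the service's own infrastructure, so the confidentiality of every stored active key reduces to the confidentiality of that one key at rest. Defensive measures that change this picture are limiting what the service retains after it has acted (decrypt, use, discard rather than keep the memo), keeping the decryption key in an HSM or other key store that never exposes the raw key to the application host, and monitoring decryption volume so bulk reads stand out.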