
RE: What are you building right now?

in #steemdev-megathreads, 7 years ago

My keys are in the cloud as well. ;)

Short of being hacked (or steemit going rogue), my steem isn't getting lost.

Regarding a desktop wallet, can you store a copy of it somewhere else? Is that a valid firesafe mechanism? I always assumed the concept of a hardware wallet was that it was tied to that particular hardware. If that isn't the case, then I can see how controlling your own wallet with offsite backups is the safest approach.


All it takes is one clever guy using an XSS attack while you're trying to do a transfer, and your steem would be gone.

Your keys are just text - you can store them wherever you want. Paper someplace laminated, etched into metal, whatever.

Ok, I'm new to cryptocurrencies, so can you describe the process of, say, sending me steem/sbd from a desktop wallet vs the online wallet?

Sure, happy to share.

Any operation on the Steem blockchain requires the creation of an operation (JSON) which is then signed by a private key associated with the originating account (or an account auth... but we won't dive into that). These signed operations are then broadcast to the blockchain and added to blocks. The only thing you need to create one of these operations is a valid private key of the appropriate type for the operation. For a transfer - it'd be the active key.

For clarity on terminology - the private keys, which start with 5, are the actual keys. Each private key has a level of permission - posting, active, owner. The master password that steemit.com uses, which starts with P, is different in that it's a seed of sorts that generates all of your private keys. This makes the security of your master password just as critical as security of your owner key.

This is the one piece of information you're always sharing with whatever software you use: your private key. The one exception being SteemConnect using auths, which fixes some of these issues but also raises some different ones. I won't dive into that here.

Since all transactions require some form of private key - now there's a choice of what you can trust with that private key:

  • You can trust it in your web browser, with all of your extensions, and trusting the web page's code you're visiting.
  • You can trust it in the cli_wallet application (built by Steemit Inc) running on a server you secure.
  • You can trust it in a mobile application (like Steemit Inc is building or eSteem by @good-karma) running in an isolated, sandboxed application, on a secure mobile device.
  • You can trust it in a desktop application (like Vessel) running in an isolated, sandboxed application.

With the first option, in your browser, you're trusting that everything is going to work perfectly, none of your extensions have malware, the webpage you're visiting isn't infected, and that you trust the team behind the site with all of your wealth. You're trusting this every time you enter that private key or master password.

The remaining 3 options all save your private key (potentially encrypted) in an isolated app - that's never going to ask for your key more than once. If encrypted, it'll ask for a password to unlock, but that key isn't being exposed repeatedly to the same risks that the browser has.

The mechanics behind how a site like steemit.com makes a transfer vs how Vessel makes a transfer aren't all that different - but the improvement comes from where that code is firing. Hardware wallets kick it up another notch where you have a dedicated device to house the keys - we don't have that yet for Steem, but if we did, it'd be integrated into something like Vessel :)

Got a little long-winded, but you asked a fairly broad question. I hope I answered it and if I didn't, I can try again lol.

So can you clone/backup your desktop wallet for safe keeping, or are you totally fucked if that one device gets stolen/destroyed?

Currently you'd back up the private keys themselves - though adding a backup/restore feature to the wallet would also be an awesome feature. I opened a GitHub issue for it :)

I have my private keys backed up on multiple USB drives at multiple physical locations - all encrypted with a very long password. If I lost my desktop + laptop, my backups, and my entire house burnt down, I'd be able to retrieve my keys from one of those USB drives, decrypt it, and import them to a brand new wallet.

Ok, so your crypto isn't tied specifically to any hardware. It's all still registered on the blockchain(?) so as long as you can produce the keys you can claim it?

It makes me wonder about those stories of that guy who lost about $70million worth of bitcoin when he accidentally threw out his hard drive. If he still had his keys, could he still have claimed them?

Yup, as long as you have the keys, you can use those keys on any wallet to access your funds.

The guys who lost 70m worth of bitcoin in a landfill lost it because those hard drives had the wallet files on them - and they didn't create backups of the keys.

This actually happened to me, though not nearly as much. I mined bitcoin in 2010 after discovering talks of it on a phpBB forum (no idea which one). I mined for about 2 weeks, and after that time, however much I had (I don't remember) wasn't much, so I stopped. BTC was like $0.06 back then, so maybe I had found a handful of blocks? I didn't really get back into crypto again for about 4 years. By that time, after a cross country move, I had trashed the PC that I did mining on. I didn't have backups; it was literally something I threw away because it was a gaming machine and I didn't really think about what bitcoin's future was.

So those bitcoin are likely lost forever, unless someone found my HD in a dump or something and managed to decrypt the wallet I had on there. If I had backups of those keys - I'd be able to access those funds today.

Keys are everything - and the only way you actually own your crypto is if you control the keys.

Also, what happens if someone steals your computer with your desktop wallet on it... can they bruteforce the password and then have access to all your crypto?

If you had a shitty password - yes they could try. With a strong password, it'd likely take them more time to brute force it than it would take you to use a backup to alter the keys, rendering what they stole invalid (once they get it cracked).