No, they would not be on an exchange but in your own "unhosted" (self custodial) wallet - that's what Keychain is- a personal wallet where you are responsible of your tokens.
You are viewing a single comment's thread from:
No, they would not be on an exchange but in your own "unhosted" (self custodial) wallet - that's what Keychain is- a personal wallet where you are responsible of your tokens.
Hi @sorin.cristescu! And thank you for your response!
That means a "hot wallet", because is online, right? Is it advisable to store them in a "cold wallet", like ledger, for example?
With Hive Keychain you can choose how "hot" it is. If you only store your posting key there, it can only sign posting-level transactions, which are generally the transactions that require the lowest level of security. eg. Votes, posts and comments
You can store your active key (which is used to sign transfers and other monetary transactions) in Hive Keychain or store it in a paper wallet or where-ever else you choose. If you keep it offline then it is equivalent to "cold storage".
There is a higher level key known as the "Owner Key". That is used for changing your keys and other transactions that require the highest level of security. Hive keychain won't even allow you to store it in the app.
Hi @demotruk! And thank you for the great explanation! So basically it's only hot when I log in, and cold when I go off, right?
One question, what about the memo key? I entered it in my Keychain, but what is it for?
Not exactly. A "hot" wallet is one where keys are kept on a computer connected to the internet, and the risks associated with that. If you have your posting key in Hive Keychain, it's still possible a hacker could get you to, for example, upvote something that you don't want to, or make a spam comment you don't intend to, but they couldn't get you to transfer money. Putting your active key into keychain makes it more "hot", because then transferring some of your liquid Hive or HBD would be possible if they managed to compromise that computer.
Memo key has no authority on the network, but can be used to sign and encrypt messages. This allows you to prove who you are without using a key that could be used for transactions if compromised.
I think I understand. So, to use Ecency, for example, I have to have to enter my posting key and my active key in Hive Keychain. There is no way around that, right?
But if I understand you correctly, my Hive Keychain can only, potentially, be hacked when I'm online (logged in), right?
If you want, you can use Ecency with just your posting key. You won't be able to make transfers, power up etc. without the active key though.
Your keychain is protected by a password, so as long as that is secure, the only way you can be "hacked" is if a site tricks you into signing transactions that you shouldn't. You can always look at the details of any transaction Keychain is requested to sign. If it only requires posting authority, it is low risk.
That's comforting to know. Thanks for all this valuable information!
!POB
!PGM
!CCC
To complement what @demotruk rightly says, I would like to invite you to consider reasons for keeping your Hive off an exchange and how much "hotness" might be interesting for you.
Keeping just the "posting key" hot allows you to post, vote, comment but no financial transactions. If you also let the active key "hot" then you become an investor, and you might be interested in "powering up" ("staking" in other blockchains) and then reading my last post to learn about the possibilities.
Hi @sorin.cristescu! Thank you for complementing what @demotruk said!
I basically enter active because "powering up" and things like that. Posting for obvious reasons, but I don't know what the Memo key is for or if I should enter it at all.
Memo key is the least important in the hierarchy of keys. It's used to sign and encrypt "memos" (messages). To send an encrypted message you start a 0.001 transfer and in the "memo" field you precede your text with a hash key: #. This will instruct the software to encrypt the message with the public memo key of the destinatary
Wow, enrcipted messages? 😮
I don't even know where to start with that? Messages, between users or just strictly when making a transfer?
Sorry I ask so many questions. This is a whole new world to me!