Porting the code for preventing accidental leakage of private keys to Wax’s transaction construction code.
Accidental leakage of private keys?
Sorry, but how is that even possible?
Should we worry?
How easily a hacker can intercept a private key in this case?
I am grateful and thankful about what you are doing for the blockchain, it is really a huge work, but security should come first and foremost, and the accidental leakage of private keys should not happen under any circumstances.
This is protection against "user error".
In many Hive applications, a user can send a transfer or some form of custom_json, and sometimes they don't understand the instructions of an app, and accidentally put a private key into their actual transaction. Most commonly this is done when someone puts a private key into a memo field. This is pretty rate, but it does happen, and then everyone can see their private key (hence we call it leaking a private key).
We're designing Wax so that any app that uses it to construct transactions will automatically get a check that detects such leaks and prevents these transactions from being broadcast.
So there are no real leaks technically, but the users are publishing their own private keys with the custom_json transactions by their own mistake, and the goal is to prevent these transactions to protect the accounts of the users.
Now I understand.
Thank you for the reply.
Amazing 🥲