You are viewing a single comment's thread from:

RE: Steemit powering down 30M Steem, and still hasn't figured out how to secure their keys

in LeoFinance5 years ago

Well, I don't like being called unsmart but... when going through exchanges I would often have this kind of conversation with myself:

Ah time to transfer to an exchange, ah.. copy-pate the private active key for the transfer. copy paste the memo value from the exchange to the wallet for transfer. I hope I got that right...

Thank goodness for Hive Keychain, Hive Signer, and Metamask. Why isn't there one for Bitcoin?

5 years ago in LeoFinance by
$0.05
  • Past Payouts $0.05
  • - Author $0.03
  • - Curators $0.03
2 votes
Reply 3
Sort:  
  • Trending
    • [-]
     4 years ago  

    And you are right in your inner conversation. Their error was to provide private key material to a third party (exchange) site.
    For many, Hive will be their first contact with the cryptocurrency world, we have to do better when it comes to education on our way to mass adoption.

    [-]
     4 years ago  

    I agree that putting a memo-private key into a field definitely is a mistake and not an accident. It's a kind of mistake I had not heard of before this article.
    Putting an active key into a memo field is probably an accident and a worse mistake.

    As I recall there is some white-hat bot that scans the blockchain for private-active-keys to put them into a three-day lockup, and a black-hat bot that does the same in order to steal the funds.

    $0.14
    • Past Payouts $0.14
    • - Author $0.07
    • - Curators $0.07
    1 vote
    Reply
    [-]
     4 years ago  

    When I posted the text of the memo keys in this discussion, @peakd warned against sharing your private keys. So good protection is possible at the interface level.