Security is something that is often discussed not only on Hive but throughout cryptocurrency. There is no doubt securing your private keys is vital. Interacting with blockchain is much different than dealing with a bank or some other traditional financial institution. There is no "password reset" button.
At the same time, we know a lot of hacks occurred, especially in 2022. Much of this is due to faulty smart contracts. Nevertheless, there is a lesson there we can take to heart.
For this reason, we have to utilize all the tools we can to protect ourselves. Many of the developers and technical people are Hive are doing things to enhance security. However, we can aid by doing our part.
In this article we will cover what I believe to be a simple yet practical way to protect ourselves.
A Lot Of Money
What happens if $HIVE reaches $1? $10? $100? Have you truly considered this?
The point being made is how much money, in USD terms, will be in your wallet? More importantly, how vulnerable is this?
One of the lesson that I take away from the hacks on Ethereum and some of the other EVMs is to avoid the honeypot. This is a single wallet that has a massive amount of money in it. It is a point of vulnerability because of the risk-reward that is in place.
In other words, am I going to spend hours trying to hack a contract with $100 in it or go after the one with $2 million? The answer is pretty clear.
While not a digital security expert, one thing I did learn is that a big part is simply creating a hassle. It is better to keep throwing obstacles in the way. As things get more difficult, those with nefarious intentions tend to move on. This is a world of "low hanging fruit". That is what is sought.
It is the concept applied with some of the time delays on Hive. The conversion times, 3 day delay on deposits, and 30 day window for governance are all deterrents. So is the 13 week power down. We all know this is a hassle to deal with and that is a good thing.
Going back to the first question in this section, let us take $HIVE at $5. For those who have 20K or more HP, this is $100K. It is not the largest sum in cryptocurrency but not an amount anyone wants to lose.
If this is all in one wallet, it is a point of vulnerability. Certainly being powered up is a protection yet that is one level. Why not go a bit further?
This is my goal, a process that I started.
Multiple Wallets
Hive Power is, by default, somewhat secure. However, liquid $HIVE along with HBD is not. The latter is either liquid or in savings, still presenting an opportunity. Having too much in a wallet might be tempting to some.
Therefore, my solution over the first half of 2023 is to increase the security tied to my accounts. This will start with simply spreading my holdings over more wallets. This way if one happens to get accessed, it is not a major honeypot.
We often discuss decentralization and all the merits. Ironic that we do so with our money sitting in one or two wallets.
Powering Down
The process is going to be a hassle (and that is a good thing). To start, this is going to require powering down my accounts. This could cause a temporary disruption in delegation and curation. Nevertheless, it is part of the process.
My idea is to spread the HP over many different wallets, then delegate it back to the main ones used for curation and engagement. This way the HP (and resource credits) are available, just resident under different accounts.
Another areas of disruption is going to be with governance. By powering down, the 30 day power up window is initiated. Again, this is a hassle but unavoidable.
The final area is in those projects that HP was delegated to. Here we see a time lag before the voting power is return to them.
Diversification in this manner makes sense. Do not put all your eggs in one basket is the old saying. I guess we can adapt it to not having all your crypto in one wallet.
Layer 2
Another area we cannot forget about is Layer 2. Right now, the numbers tend to be small; it is a bear market after all. However, what happens if one of your favorite games or projects takes off. It is not uncommon to see people with hundreds of thousands of a particular token. Of course, it tends to be in the same wallet as everything else.
What does a 25 or 50 cent price on your favorite token do to your account? Is this an amount of money, in USD terms, that you are comfortable with under one key?
It is equally as important to spread the Hive-Engine and DLUX holdings out. Many of them are not staked, hence susceptible. Moving them to some alternate accounts is probably prudent.
In Conclusion
Hive is flying under the radar right now. However, many of us believe that is not always the case. When the day arrives that Hive does get attention, it is going to attract all kinds of people. Unfortunately, not all of them will be good actors. The are going to be individuals with nefarious intentions.
There are many systems in place on Hive to protect people. The long power down is one of the most beneficial. So is the account recovery system. Nevertheless, the step of spreading one's holdings out before the masses arrive is probable a good idea.
One final point: use multiple different accounts for the recovery. Why go through this process if one can access one accounts and reset the passwords on all of them?
Remember, the goal is to simply to be a hassle. Make things more difficult for those trying to access the honeypot that is in place. There are other tools in place such as Hive Authentication Service along with a hard wallet that can help. This is just another layer in the process.
If you found this article informative, please give an upvote and rehive.
gif by @doze
logo by @st8z
Posted Using LeoFinance Beta
Isn’t the point of vulnerability in the initial account creation? The witness that creates accounts sent the keys out via email. That email containing the keys may still be in their sent folder.
Normally this can be done offline with most cryptos, but not the case with HIVE.
I am not sure they get the keys but it is a good idea to often reset the keys anyway.
Posted Using LeoFinance Beta
How do you reset keys?
You change your keys using your owner key.
Thank you for this post. I might not have a lot of assets but this idea is awesome! To have it spread around in multiple wallets and then delegate HP to main account is a great way to have it more secure and still useable.
🤑
P.S. I just realized that today is 1-year anniversary of me joining Hive! You're all invited for some cake! 🎂
Congratulations 🎊
!ALIVE
@pero82! You Are Alive so I just staked 0.1 $ALIVE to your account on behalf of @wandrnrose7. (4/10)
The tip has been paid for by the We Are Alive Tribe through the earnings on @alive.chat, feel free to swing by our daily chat any time you want.
Congrats on your 1 year.
Now onto 2.
Posted Using LeoFinance Beta
Thank you!
This is a topic that should be taking seriously, I often think now and then about security of my funds. I like with all funds being in a wallet, the compounding impact could be more but for security reasons, multiple wallet is a solution worth implementing.
Posted Using LeoFinance Beta
It simply will remove the honeypot. Help to spread things out a bit. A pain in the rear end but something that can still give us the utility needed.
Posted Using LeoFinance Beta
Another important option will be to make multi-sig on Hive easy to use. This could be done by supporting @stoodkev proposal or other project working to implement multi-sig feature on Hive.
https://peakd.com/hive-139531/@stoodkev/hive-multisig-proposal
So far I've got about 20 accounts that lie idle for the eventuality of a mainstream run on hive as a utility platform.
Even tho my stake is small, as you point out massive price rises in the native hive token could make a dolphins account large enough in $ value that they could, for example, pay off their mortgage, mitigating against life changing sums getting stolen is essential as things move forward for sure.
I also think recent developments with hive being storable on a ledger offers further high security options for storing liquid hive.
I think it's sound reasoning to also decentralize our token holdings thereby limiting the vulnerability and 'making it a maze' for nefarious actors. It's a situation that those with significant stake concentrated in one or two accounts will have to deal with in the future. Now is a good time to prepare for it.
Best time to prepare is before things truly take off.
Posted Using LeoFinance Beta
Really appreciate it you right about this very important topic, everything online is vulnerable for hackers but hive is relatively very safe all we need is to take every step to make over wallets secure
I once made a mistake holding hive into binance. Realized that they can freeze any time and so storing it only in my account. Binance and other exchanges can be scary these days.
Not your keys, not your crypto.
That should be the lesson from 2022.
Posted Using LeoFinance Beta
I use 2fa everywhere with one time pin authentication, would it be possible for Hive or Keychain to have 2fa too? Rn my account is small but my plan is to increase with time and have been thinking on how to keep it safe too
That would be at an app level. I would guess that Keychain could work something like that in.
Posted Using LeoFinance Beta
Layered protection is always the best. Like 2fa but in this case even better. If one wallet gets compromised it will be only a percentage lost rather than everything. But as you said, if you have 20 wallets with 10k HIVE, you are much safer (in terms of being a target), than one wallet with 200k HIVE.
Yes. To go after 20 wallets is a hassle and the payoff for each isnt there.
Posted Using LeoFinance Beta
I've actually been creating some separate accounts over the past couple of months. My main goal was brand protection which if I recall you didn't think was necessary, but the fact that I have those accounts now means that I could easily do something like you are now doing when the time is right. You raise a lot of good caveats and it is good that you have considered all of those before choosing to move forward. I think you overall plan is a smart one and it has some sound reasoning behind it. I can think of several accounts that already do something similar to this.
Posted Using LeoFinance Beta
Honeypots are a definite target. Removing that can only enhance one's security.
Posted Using LeoFinance Beta
Yeah and since everything is transparent, it is easy to spot the honeypots. One of the gives and takes of Blockchain!
Great info! Since my wallet is very tiny at the moment, I never thought of adding extra security to it, but after reading this, I think I might create a few alts and start the good habit early. Thank you 💙
~~~ embed:1620399815933972484 twitter metadata:MTQxNTE1NTY2MzEzMTQwMjI0MHx8aHR0cHM6Ly90d2l0dGVyLmNvbS8xNDE1MTU1NjYzMTMxNDAyMjQwL3N0YXR1cy8xNjIwMzk5ODE1OTMzOTcyNDg0fA== ~~~
The rewards earned on this comment will go directly to the people( @taskmaster4450le, @rzc24-nftbbg ) sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
It's an interesting discussion.
The funny thing is that since RC delegations, I've done the opposite.
Powered down my alts and brought all HP back under this account.
Simplifies my earnings on HP.
But as you point out in this post, it adds to my risk...
Ultimately my thinking is that with a properly set up recovery account, right now I'm secure enough.
Whether I'll feel the same way when HIVE goes to $10+, we'll see.
Posted Using LeoFinance Beta
!PGM
!PIZZA
BUY AND STAKE THE PGM TO SEND A LOT OF TOKENS!
The tokens that the command sends are: 0.1 PGM-0.1 LVL-0.1 THGAMING-0.05 DEC-15 SBT-1 STARBITS-[0.00000001 BTC (SWAP.BTC) only if you have 2500 PGM in stake or more ]
5000 PGM IN STAKE = 2x rewards!
Discord
Support the curation account @ pgm-curator with a delegation 10 HP - 50 HP - 100 HP - 500 HP - 1000 HP
Get potential votes from @ pgm-curator by paying in PGM, here is a guide
I'm a bot, if you want a hand ask @ zottone444
I gifted $PIZZA slices here:
@rzc24-nftbbg(2/5) tipped @taskmaster4450 (x1)
torran tipped taskmaster4450 (x1)
Send $PIZZA tips in Discord via tip.cc!
Those are some good points and I should also consider making some accounts to ensure more security on my account. Fortunately, I do have some account creation tokens and they can be used to make them but I will have to wait till I have more time.
Posted Using LeoFinance Beta
Thank you for all the ideas you shared on how to protect one's account.
!PIZZA
!CTP
Posted Using LeoFinance Beta
My most valuable assets in the Hive ecosystem in dollar terms - the Splinterlands assets - are split among about a dozen accounts. But I might create another staking account for HP too.
If it creates a hassle for me to keep my money secure that means a way bigger hassle for someone to steal it. Criminals are basically lazy and will grab what is easiest for them to get. Taking the steps now to secure accounts avoids a much bigger hassle down the road.
!ALIVE
!CTP
!BBH
@taskmaster4450! Your Content Is Awesome so I just sent 1 $BBH (Bitcoin Backed Hive) to your account on behalf of @lisamgentile1961. (1/50)
Good Morning and Thank you, @bbhbot! Enjoy your day.😀
@taskmaster4450! You Are Alive so I just staked 0.1 $ALIVE to your account on behalf of @lisamgentile1961. (1/10)
The tip has been paid for by the We Are Alive Tribe through the earnings on @alive.chat, feel free to swing by our daily chat any time you want.
Good Morning and Thank you, @youarealive! Enjoy your day.😀