First you say client side do not need key handling, then you say they should code a proper key storage ...
Isn't it contradictory ?
You are viewing a single comment's thread from:
First you say client side do not need key handling, then you say they should code a proper key storage ...
Isn't it contradictory ?
It really depends on a purpose of the app. For an interface like Steemit or DTube there is no need to store keys on the server side nor access tokens. But there are certain types of apps that need that, and as far as I know, it is way more secure to store OAuth2 tokens than private keys.