There is one big problem with your solution. It requires editing a post on user's behalf. It is only possible if the interface stores private posting key of the user on a server, access_token
+ refresh_token
in case of using SteemConnect, or to add posting authority directly to the interface's proxy account.
You are viewing a single comment's thread from:
Thanks for the info! I haven't taken this into account...
Does this mean that apps like smartsteem store the log in information on their servers because they also need to have offline access to my account (to make votes)?
I have never used SmartSteem, but if they vote on your behalf then yes.
However, as far as I know, they use SteemConnect, so the information they store isn't as sensitive as a private key.
If you want to know why I think the SteemConnect's
access_token
is not as sensitive as a private key, check this issue:Thanks for educating me!