You are viewing a single comment's thread from:

RE: Hate putting private keys into websites? Introducing Steem Keychain!

in #steem6 years ago

Yabapmatt, for sure 100% fantastic but i have a fear with these extensions. Is there any possibility that another extension can see what you are doing? Some of them are granted "Read all actions, websites, etc.?". As a developper, can you tell us it is 100% safe?

Posted using Partiko Android

Sort:  

This is actually yet another reason why using an extension to store your keys is better than putting them into websites. As far as I know extensions cannot access any data stored by other extensions, but they can access data on websites, as you pointed out. So if you copy/paste your key into a website like steemit.com or Steem Connect, then a malicious extension could steal it, but a malicious extension cannot steal it from the Steem Keychain extension.

I get it, so true! Gratefull thanks for replying. We still have to be carefull off course, another extension could do phishing, mimic same behaviour and one step up in the OS hierarchy, any process can read all our keystrokes but yes, it is better than anyhing we have now and difficult to do better, thumbs up @yabapmatt, thanks, thanks, thanks!

Posted using Partiko Android

Yes, phishing is always the biggest problem, so you must always be very careful about that!

Great addition. Still. I trust my savings wallet more then anything. 😀 goes and hides more stuff there