You are viewing a single comment's thread from:
RE: NobleBot Is Introducing A New Tool
Hi @crokkon, I understand all of your concerns. I also advise nobody to trust a website with their private keys unless it is offered by Steemit Inc.
I can do SteemConnect for withdraw vesting routes, and removal of posting authority. But that won't be enough because with active and/or owner authority those can be re-added in a matter of seconds.
I just want to help the victim of hacking/scam to reset their account authorities as I failed to help them the first time when they posted their key. I know it not wise to trust a dude on the Internet but I am doing whatever I can. I do not keep logs of usage, not even errors.
Looks like my hands are tied at least for now but thank you for commenting.
Hi @noblebot, I just found out SteemConnect actively doesn't want to support account update operations: https://github.com/steemit/steemconnect/issues/206
So you're right, using SteemConnect for these goals will not work :/
You could maybe do it all on client side with steem-js. This way the key wouldn't have to be sent to the server and anybody (at least those tech-savvy enough...) could see what's happening in the source code?
Hi @crokkon, thank you for the suggestion. Though the code is very easy to write, but I do not want to share it publicly as anybody with very little technical knowledge can change 2-3 lines of the code and make a phishing site out of it and run from a free hosting provider.
But if you or anybody trusted by the community want to check the code, I am willing to share. :)