Posts

Ledger on HIVE tips

avatar of @empoderat
25
empoderat
@empoderat
·
·
0 views
·
4 min read

Hello!

In recent days I have been tinkering with what I believe is a very important security enhancement in Hive. Nothing less and nothing more than the addition of a Hardware wallet feature on Hive through Ledger.

The person responsible for this is @engrave, and if you're not doing it already, you should vote for him as a witness (you can vote for him through this link). It's the least someone on Hive can do for people who develop (very!) useful and necessary features.

This post isn't intended to be a tutorial (which by the way you can find here), but wanted to report a couple of things about the use of ledger in Hive and an important security improvement for my project, SEED.

HIVE on Ledger, important remarks

I'm not going to go into the minor details of the installation but go straight to the most important step, which is to change your current private keys to ones derived from your Ledger, which you can see in the step ''How to associate your account with ledger device'' in the aforementioned @engrave's tutorial.

As you can see in the pic, you will be asked if you want to ultimately change ALL of your keys or only the Owner key. This has some serious implications (as I have experienced it myself).

The thing is that for testing purposes, I tried changing the Owner + Active in one of my alt accounts (letting the posting as it is to keep with the blogging features).

What is my surprise when I realize I'm unable to use peakd or any other frontend (since the ledger app interface doesn't have a Keychain integration yet).

Not only that. I was completely UNABLE to use Hive-Engine. My account was only able to send/receive/power up/down Hive & interact with savings.

I didn't panic because I knew that the worst-case scenario was to wait for a Keychain integration, but being realistic this is a few months away, at bare minimum. I was locked out of my own account for a while because I'm a monkey and didn't think about this little detail, and didn't check for HE support first.

Fortunately, I was able to reach engrave through discord and with a bit of skill and another guide I was able to recover full control of the account in a few hours. Thanks again @engrave!

Then, what to do?

My recommendation: backup your Owner key through Ledger and keep unchanged your Active & Posting.

This way you'll be able to keep using your account until now, but instead of worrying about the security of your (encrypted or not) .txt file you'll sleep better at night knowing that if your active/posting keys ever get compromised (random power down starts or something like that). You'll have a very reliable way to recover your account (if you backed correctly your Ledger and all that stuff).

Bonus feature: Full cold Hive wallet

Maybe this post has probably got you thinking about ways to back up your account and assets (it's exactly what happened with me). And this is only one of those use-cases: a hive account under your control with ALL the keys derived from your Ledger.

My account has a lot of activity (transfers in/out, recurring payments, etc), and sometimes is a bit hard to keep track of everything. So it makes sense to create an account, with the only purpose of 'keep stacking' and to keep safe those assets that you're holding long-term anyway (you know, just in case).

If you stake Hive as Hive Power, you can always (and it's highly recommended) to delegate it to your main account.

This feature is even juicier since you can stack your HBD at +20% APR there and sleep even better at night.

Bonus feature #2 (for Project Owners like me!)

SEED isn't a stackable asset. I mean, you're holding it fully liquid into your account.

If you're holding a few hundred of something isn't a problem, but in my case, I've been holding ~50% of the total supply of SEED for a few months.

One of my deepest fears all this time has been someone gaining access to my account, and dumping everything at once, destroying the HE market and the Liquidity Pool.

Even worse, sometimes I log in very late at night to make a trade (usually I try to avoid it but sometimes I don't have any other option), and sometimes I'm afraid of 'market selling' the 'wrong token' and fat-fingering the market. A simple market sell of 3K SEED would be enough to make a lot of damage and put a lot of SEED in hands that shouldn't be.

Jeez, I still remember when someone missed on a few zeros and did a massive 'market sell' which emptied the GDAX order book and 'flash crashed' eth to 0,1$ ... from 320$... in a few seconds.

It would be a very big mess, and probably a new token must be issued... with the loss of trust and problems that this would generate. definitely a problem I don't want to run into.

Solution? Locking you out (temporarily) of your assets.

And this is exactly what I did. I sent my SEED stash (exactly 50% of the supply or 50K SEED) to a fully cold wallet of mine (without Hive-Engine support yet).

If required I can have access to those tokens through commands, but since I don't want to touch them for a long-time anyway this feels like a proper & very convenient solution.

To sum up

Ledger is a very reliable system to keep your assets safe. The recent addition is Hive is a great step ahead although there's still a lot of work to do in terms of integrations, etc.

Definitively the possibilities that open up are very significant.

--

Vote for My Witness!

If you like what I do consider voting for my witness, it's free!

Witness account: @empo.witness

Hive (main chain) witness vote - https://vote.hive.uno/@empo.witness Hive Engine vote - https://tribaldex.com/witnesses

Posted Using LeoFinance Beta