Leak -- Compromised MEMO key successfully protected

10 mo
2 Min Read
421 words

❗❗❗ 💀 ⚠️ 💀 ⚠️ ❗❗❗
It's a new day and another user leaked one of their private keys into the Hive Blockchain.

They COMPROMISED their...

private MEMO key

HOW: in a transfer operation

The compromised account owner has now been notified in multiple ways. The identity of the user will be disclosed only in the monthly report in order to give them time to address the issue.

Compromised account stats:

  • Reputation: 25

  • Followers: 0

  • Account creation: 8/2021

  • Last social action on chain: 1969/12/31

  • Estimated account value: $ 151.43

Top 5 private ACTIVE keys protected:

1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee:
~$ 8,400
3. @runridefly:
~$ 3,300
4. @globalmerchantio: ~$ 250

5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)

Keys-Defender features:

- Keys protection [live scan of transfers/posts/comments/other_ops. Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]

To support this project..
- Delegations:
10, 50, 100
500 HP, 1000 HP
- Curation trail: Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.

10 mo

!discovery 25


This post was shared and voted inside the discord by the curators team of discovery-it
Join our community! hive-193212
Discovery-it is also a Witness, vote for us here
Delegate to us for passive income. Check our 80% fee-back Program
10 mo

This is misleading:

Compromised MEMO key successfully protected


What would you suggest I change it to?

  • compromised -> because it got leaked
  • protected -> immediate memo or reply based on the type of op, plus contacted on discord and hive chat if the handle matches
10 mo

compromised, yes
protected? not at all
it's just an attempt that was made to contact account the owner, nothing more than that
and that's fine, because nothing more than that could be done
it's just wrong to call it protected because it's way too late for that
victim might thing that's OK to just change it on time, but for example all past communication that used such key (i.e. messages encrypted with that memo key) are forever public since the very moment that key leaked


I agree.
Should I change it to “MEMO key leak damage successfully mitigated/reduced” ?
Or what else?

10 mo (edited)

No, that doesn't make sense.
There's no forward secrecy, once leaked, it's over.
With the active key (where consequences can be much worse as it controls finances) it is ironically much simpler, because first you could tell looking at account history if there were funds movements between leak and the moment key was changed.
In case of memo key you just know that it happened and you can do nothing but just let owner know.
It doesn't protect them, it just inform them (if successful at all) about the fact.


I see what you mean now. Their past encrypted messages are leaked forever, that's a good point.

  1. For memo keys I'll change the post title to "Compromised MEMO key detected"
  2. I'll add some text in the post that says something like "review for sensitive info all the encrypted messages that you sent with the compromised memo key. Now they are all public forever.."
  3. And following your thinking, it's probably better to not disclose their full account name in the "monthly" report.
10 mo

Your content has been voted as a part of Encouragement program. Keep up the good work!

Use Ecency daily to boost your growth on platform!

Support Ecency
Vote for Proposal
Delegate HP and earn more