I just became aware of a conversation regarding security (or in this case, the lack thereof) of certain login methods on Hive. Before anyone freaks out, Hive Keychain is secure-enough for most regular users on Hive. Other login and broadcast methods were in discussion (it started from LeoAuth and Keystore, but PeakLock was also mentioned). For power users, Keychain has its security limits too, and they should look for alternative broadcasting methods, especially for sensitive transactions (offline signing, Clive?), if they are very security-concerned.
Now... we live in a world that holds in high regard the ease of use. Without it, you won't have any serious onboarding.
On the other hand, we live in a world that trusts a bank to keep their funds safe, as stupid as this thing seems now that enough people have learned about fractional reserves.
But banks do make things easy for customers while having relatively strong security that the customers aren't concerned about. That's the world we live in. The centralized and with delegated responsibilities (and as a consequence, powers) kind.
Some of us, in Web 3, want to flip the model to a more decentralized one. But it's tough, and it will never be fully decentralized for obvious reasons and we can see some issues with being too decentralized at certain times on Hive (as well as with being too centralized - we have both).
Not easy issues to navigate, especially being sort of pioneers in this field.
Interesting, the AI mostly thinks about KYC with fingerprint readers as a compromise between security and ease of use... And I've tried a couple of times and variations.
But let's get back to the issue at hand.
Many newcomers joining Hive want ease of use, or they don't want to bother. If they come from social media, they have the traditional platforms to compare with. If they come from gaming, they have those to compare us with, if they come from crypto, they ask: "why would I join another ecosystem and learn new tools and apps? is it worth it?".
In the latter case, maybe the offer is so irresistible that they would go through the hoops, but likely we don't have such offers (yet?). The alternative is to make it easy for them to join and use Hive using the wallets they already use or know.
It turns out this isn't very secure and the implementation can't be very secure, if ease of use is what is wanted. The question is, is it worth it?
It's probably debatable, since it's a tradeoff of security for ease of use. At the same time, it is very likely the new accounts would be very small, at first. They are full Hive accounts, but maybe we can look at them as "lite accounts" while they are young and underfunded.
What I would do - and that applies to all Hive front-ends, dapps, or tools! - at certain amount of assets in any account (let's just say HP, HIVE and HBD), I would warn the user to use a more secure login/broadcasting option (explaining the trade-offs, risks, and options to "upgrade" security).
That allows easier onboarding and initial user experience, but also doesn't put the account's funds at risk by using a login method with weak security, once they start having some skin in the game.
What do you think? Is it a too higher tradeoff to allow login methods (and broadcasting methods) with weak security for the increased user convenience? Should they be disabled if the account outgrows certain level of base assets (HP, HIVE, HBD)?
Posted Using INLEO
This is such a classic Web3 dilemma man, the whole security V convenience situation. I believe most people just want things to be easy. If it's too complicated, they leave like immediately unless if they'll earn money then they take their time to learn the system. But once you have real money in, security should be a must. Maybe a tiered system where newbies get easy logins but are warned to upgrade security when their assets grow, maybe that could work. That way, we don’t scare off the new users while keeping things safe. For me I get that Web 3 is still growing so having issues like this is bound to happen
Absolutely! It is a difficult issue to deal with in Web 3, but we need to find solutions that work for the regular people, otherwise we will not have a chance to grow. Security is very important, and the bad thing is most people understand how important it is after they lose their assets because of poor security measures or their own fault (scammed, etc.). That's why I said it would probably be a good idea to be reminded at the dapps' level to up their security once they have some skin in the game and continue to use weak security practices.
absolutely... And yes usually it's after they lose some assets that they start talking big on security
Is Clive useable now? Where can i learn about it please?
EDIT: i found this https://ecency.com/hive-139531/@thebeedevs/clive-updates-encrypted-profile-is-ready
What are the obvious reasons why Web3 will "never be fully decentralized" ?
This could help make it happen i think:
https://peakd.com/@atma.love/re-peaksnaps-sspi59
Yes, that's the one. @thebeedevs is a team that works with/under Blocktrades' team (coordination), if I understood well.
It's very difficult to reach consensus/agreements or to make quick decisions the more decentralized (and complex) a system is. If we are to think about bitcoin, which is probably more decentralized than Hive in certain aspects, they often don't come to agreements and have internal fights. The easiest for them is not to change anything at the base layer because that leads to disagreements, but others do not agree and feel they need to keep up with technology, so however they take this, some will be disappointed. In the past we had bitcoin forks because of such disagreements. We had such forks on our side, with similar blockchains over time, and people who wanted something else or who felt excluded or whatever. Or who wanted to preserve something as it happened with the way Hive was born out of necessity but also conflict.
I'm not sure if it's feasible, but having a main account for daily Hive usage and an alternative account for investments could be an option to balance between ease of use and security. But then, one would have to juggle between two accounts, different set of keys, etc. Basically more fiction too.
That's kind of what I have. My posting account (which is true has access to some funds), and my staking account or other accounts for investments, gaming, etc.
But you can't ask a newcomer to Hive to know this, or to create multiple accounts for every new person who joins. That's something they learn in time and choose to do or not.
The alternative is to "have all your eggs in one basket and watch it like a hawk". In this case, one account. And be very careful about security and what you do with your private keys, what authorities you grant (the fewer the better, and none for sensitive accounts).
It was proven in practice that our system with multiple private keys confuses even crypto people, even if it offers a tiered security. That's why, it is better to have something in-between to help with onboarding that is easier to understand and use. But unfortunately, that usually comes with a weaker security.
Definitely! Multiple private keys was a bit confusing for me at the start, especially their names, master, owner, active, etc.
I think when users grow their accounts and become more familiar with how the ecosystem works, taking security more seriously will come as a byproduct even if it carries some element of friction. For me, I view it more as the cost of freedom/sovereignty.
The easier thing to onboard people would be e-mail + password like normal social media do, even splinterlands and then after a while make them move to safer things
It would be interesting to know the limits of Splinterlands accounts using username and password as login.
It's important to know that even Web 2 websites started to move away from this model as it poses a high security risk.
Security matters when there's funds to secure. There's no point making it 10X harder to onboard just to secure a wallet with basically nothing.
I agree a tight security is an issue for onboarding. That's what I said in the post.
Regarding a hardware wallet (i.e. Ledger, the only one Hive is integrated with), it could make sense for accounts with few transactions and where security is paramount. It certainly makes no sense for an account where one needs to use the posting key for posting, voting, etc. But in this case, Clive would be kind of inconvenient too. Most likely a posting account should be kept with a less strict security, especially for more socially active people. If someone posts and comments every once in a while and votes the same way, maybe they could go through the hoops of tighter security, but it wouldn't be pleasant.
I guess they could keep a secure account and delegate to another account with that's almost empty.
That's what I do with my staking and posting account (plus other accounts, like gaming). But even like that, I have quite a few assets in my posting account, which have accrued by using the ecosystem and in some cases it would make no sense to move them to the staking account (tribe/curation tokens, for example).
Sounds like the smart thing to do.
I think it depends, but I think it's hard to get users when its a pain to login. I like Keychain for that reason because it makes it easy. I understand that there are security issues if you aren't careful though.
Keychain is great for most Hive users. For new users, it's not the easiest. It's not Keychain's fault, because it is made very user friendly. But there are some issues: for once, it is a Hive-specific plugin/interface, they wouldn't have seen it anywhere else. While crypto people might have seen similar wallets in other ecosystems, it can be a matter of trust. New wallet they never heard of. Why not have support from one of the major multi-chain wallets, they might think. The other thing is our multi-tier private keys, which is likely they haven't seen anywhere else in crypto, or in very few places.
Non-crypto people would have even more questions and possibly worries. Possibly thinking defensively first, about scams and stuff like that, even if it's the contrary, Hive with Hive Keychain offer a decent security (subject to user practices too).
I don't think it's bad to learn new things in web3, if you're coming from web2, it's either you learn or you remain stagnant. Personally I think every web3 ecosystem is not as simple as logging in a simple password and going about your business. The trade off and the experiences is rewarding in the short and long-term
I agree. But how do you convince them to learn? Plus, if each ecosystem/platform/application comes with a learning curve, most people would soon give up, or choose easier routes.