The Hive Blockchain operates like most other decentralized blockchain projects, where instead of selecting your preferred password strings, you are provided with a unique set of keys.
Moreover, since your account is not linked to your demographic information and there is no KYC process, these keys must be held securely as any breach or loss of these keys may result in one's inability to access their Hive account for a lifetime.
Imagine your years of work, or even months of effort, gone because you failed to keep your keys safe. That's a gross misfortune! So, in this episode of the Newbies Initiative Task 3, I'll be exploring in-depth Hive keys and security, discussing the important keys, key safety, and account recovery.
Summary of Hive Keys and Security
One important point to take note of with respect to Hive Keys and Security is that these keys are unique, with each designed to enable a specific level of a transaction on the Blockchain. The names of these keys could provide you with a clue as to what purpose they serve. Let's identify them:
1. Posting key
This key is vital for all posting-related activities on the blockchain. Thus, with the posting key, you can share posts, make comments, and vote on other users' posts.
Remember, almost all activities on the blockchain are transactions, thus, each key enables a level of expenditure on your resources.
The posting key uses Resource Credits (RC) as its currency. So, with your posting key, you can expend RCs through the normal engagement activities requiring RCs.
Other capabilities possible with the posting key are: post reblogging, following users, and editing posts and comments.
2. Active key
The active key is a higher level key whose currency extends beyond resource credit expenditure and can be used in managing other currencies on the blockchain. With this key, you can perform token-related transactions such as powering up Hive, transferring Hive/HBD, converting HBD to Hive and vice versa, placing orders on Hive-supported DEXs, and voting for witnesses.
For most people, this is the highest level of key usage required. This key needs to be protected as you can easily lose funds if this key is compromised.
3. Owner key
This is the highest level of key on the Hive Blockchain, enabling a range of actions possible by both the posting and active key and even more. As its name implies, it is the key that shows ownership.
With this key, you can reset all other keys, including itself. This key also enables you to recover your account in the event of a breach.
There are myriads of features enabled by this key, so it should receive a different level of care and protection.
Other keys such as the memo and public keys exist, but, it is unlikely that you will ever need to use them.
Front ends may provide users with a "password" or a "master key" when they are being signed up. This password or master key are considered non-posting keys and thus may not be required for any activity on the chain. They provide users with more granular controls like the owner key, but in a more in-depth fashion.
In your opinion, what are the best ways to keep your keys safe?
If you have noticed, the Hive blockchain when one is trying to log in does not provide users with the "forget password" option, because there is no way to retrieve the keys once they are lost.
With that in mind, the best course of action for a user is to ensure that his/her keys are safe.
The safety of your keys is your responsibility.
Here are some ways I prefer to keep my keys safe.
Save keys by order of priority
The master key/password and owner keys are barely required but are at the apex of importance compared to other keys. As a result, I prefer to keep them separate from my posting and active keys, but securely.
The posting and active keys are also vital, but a user needs to access them more often, so I keep them secure but more accessible.
You know, the basic principle of security is that the more accessible an item is, the less secure it is, and the more secure it is, the less accessible it is. So, that is the basic idea I am presenting here.
For me, like most people, my email draft and Google Keep notes are good enough to store my posts and active keys. While these are not top-notch secure options, to a fair extent, they are highly secure if best practices are ensured.
For my master key and owner key, a personal journal kept securely with my academic documents is my go-to solution. They are best saved offline, so offline they must go.
But it could be a pain to write them down and type them in whenever they are needed, so I made a smart move. With an online QR code generator, I generated a QR code for the keys so that I could easily scan and copy them whenever needed.
How do you check your recovery account and what process is needed to recover an account?
Checking Your Recovery Account
- To do this, visit Hiveblocks.com/your-username (e.g. https://hiveblocks.com/@zestimony)
- When you are here, scroll down the page till you find your recovery account. Like in my case, it is evident that my recovery account is @ocdb.
Change your recovery account.
For me, it is impractical to use OCDB as my trustee, as I couldn't find an account recovery service by OCDB at the time of writing. So, I will be changing it to available recovery services I could find (maybe @Hive or @hive.recovery). To do this, we will be using the @peakd front end.
Begin by making sure you are logged in and have your owner key ready/handy.
After logging in, go to your profile section, select account actions, and thereafter, keys and permissions:
Once you have done the above, navigate to the "Recovery Account" tab under the keys and permissions window and change your recovery account:
Click on "Change Recovery Account" and input the recovery account details, then paste in your owner key to confirm the process:
Account Recovery Proper
Here are some resources for recovering a Hive account that you may find helpful:
|3||Hive Developers' Portal||Link|
Phew! I was not expecting that this would go so deep. But it deserves an in-depth consideration nonetheless. Your keys are basically the foundation on which your Hive account is based. Do everything in your power to protect these keys.