Cyber security is a crucial part of all digital asset. Traditional banking centralization in nature give access to your Financial accounts using password and OTP and banks are protected by insurance. Traditional bank which conducts KYC it is difficult to withdraw the money even if you hack the users account since bank will able to track data like location, customer responsible for the same. However same is not the case in Cryptocurrency account
Crypto accounts can be accessed by the combination of public key and private key. Public key like your bank account number. You can give your public key to anyone who wants to transfer the money to your account. Private key is like your bank account password which will enable you to access your account to transfer the funds and other features
Custodial is one the largest problem in Crypto economics which is hindering the entry of Institutional investors to this space. If investors loose their the private key even by some mistake they will loose all the money inside that account (Think of Billions of dollar!!!). But in traditional banking system you can report it to your bank and they will block the account. That is why Institutional investor still rely on Traditional Banking
Security Feature in EOS Blockchain
EOS network has resolved many of the above problem one of them is loosing your private key.
1. Use of Scatter for identity verification :
Never ever directly enter your EOS private key directly in any website. All website which requires identity verification will ask to verify through Scatter
Scatter stores your private key only in the local system and used only for identity verification. Your private key will never be reveled and scatter only confirms it for the account which you want to login. Scatter provides both chrome extension and desktop wallets apps
2.Use of Active key and owner Key :
Everyone would have heard about your active key and owner key. Seen in your eosflare or other block explorer like this under permission category.
So what is Active key and Public Key ?
Active key is the one which enables you to send the transaction and enable you to conduct all the transaction except change of private key. Confused ??
The Use of owner key is to change the active key. If any hacker steals your active key they will be able to try to withdraw the staked tokens it will take 3 days to complete it . So always use EOS authority tool to get the alert https://eosauthority.com/alerts so you know when ever unauthorized user has accessed your account. Since your active key is already lost now you can use your Owner key to change you active key and save your staked tokens.
That is the reason why everyone say to always stake your EOS token if you are planning to hold it for long term.
How to Change your Owner Key or Active Key?
By Default both your active key and owner key will be same. It is of my recommendation to change your owner key and write it in a paper and save it offline and keep your active key same. There are many tools which enable you to change the owner key. My favorite is meet.one app and EOS Toolkit
Step 1 : Generate the public key and private key in meet.one app (If you dont user meet.one then got to this link https://nadejde.github.io/eos-token-sale/ .In GitHub there is offline generation tool also)
Step 2 : Go to My account >> Authority Management and Select Change in Owner key option. Copy paste the public key which you have generated
In case of EOS Toolkit Generate the key, Go to Manage Account>>Manage Permission >>Change Permission. (Snapshot below)
That is it… So if you ever lost your private active key to any hackers or social engineering technique
- Make sure to setup the EOS Authority Alerts.
- If you observe any unauthorized activity use your owner key to login using scatter to meet.one or eos tool kit.
- Use the above step. Now instead of changing the owner key change the Active key
- You are back in Control
Stay tuned with lot of up votes for more such security Tips