Skip to content

Latest commit

 

History

History
666 lines (447 loc) · 23.6 KB

README.md

File metadata and controls

666 lines (447 loc) · 23.6 KB

Table of Contents

About Keychain

Putting private keys directly into websites is not safe or secure, even ones run by reputable community members. Yet this is currently how nearly every Hive-based site or service currently works. On top of that, most Hive users likely use their master password which is even worse.

The Vessel desktop wallet software is a secure alternative, but it is too difficult to use for the majority of Hive users and does not easily interact with websites - which is Hive's primary use case.

On Ethereum, you never have to enter your private key into a website to use a dApp. You can just use a browser extension like Metamask, which dApp websites can interface with to securely store your keys and broadcast transactions to the blockchain.

Hive Keychain aims to bring the security and ease-of-use of Metamask to the Hive blockchain platform.

Installation

You can download and install the latest published version of the extension for the following browsers:

  • Google Chrome (or Opera/Brave): on Chrome Store
    • Export your keys from Steem keychain (in settings)
    • Download this repository as zip
    • Unzip the downloaded folder
    • Right click on any existing extension > Manage my extensions.
    • Activate developer mode.
    • Click "Load Unpacked" and select the unzipped folder.
    • Import your keys (use the same master password)
  • Firefox: on Firefox Addon Store

Features

The Hive Keychain extension includes the following features:

  • Store an unlimited number of Hive account keys, encrypted with AES
  • View balances, transaction history, voting power, and resource credits
  • Send HIVE and HBD transfers, manage witness votes, and update HP delegation right from the extension
  • Manage your Hive Engine tokens
  • Power up or down
  • Securely interact with Hive-based websites that have integrated with Hive Keychain
  • Manage transaction confirmation preferences by account and by website
  • Locks automatically on browser shutdown or manually using the lock button

Website Integration

Websites can currently request the Hive Keychain extension to perform the following functions / broadcast operations:

  • Send a handshake to make sure the extension is installed
  • Decrypt a message encrypted by a Hive account private key (commonly used for "logging in")
  • Post a comment (top level or reply)
  • Broadcast a vote
  • Broadcast a custom JSON operation
  • Send a transfer
  • Send Hive Engine tokens
  • Send Delegations
  • Power up/down
  • Vote for witnesses
  • Create/Remove/Vote for proposals
  • Create claimed accounts
  • Sign Tx

Usage

Example

An example of a web page that interacts with the extension is included in the "example" folder in the repo. You can test it by running a local HTTP server and going to http://localhost:1337/main.html in your browser.

cd example python -m http.server 1337 //or any other method to run a static server

NOTE: On localhost, it will run on port 1337.

Using Keychain for logins

To login, you can encode a message from your backend and verify that the user can decode it using the requestVerifyKey method. See an example in this project by @howo (@steempress witness):

Frontend

Backend

Alternatively, you can use requestSignTx and verify the signature on your backend.

@hiveio/keychain

This npm module makes it easy to add Keychain support within the browser. It also includes helpful functions to check whether Keychain was used before. It was developed by @therealwolf (witness).

Operations

The Hive Keychain extension will inject a "hive_keychain" JavaScript into all web pages opened in the browser while the extension is running. You can therefore check if the current user has the extension installed using the following code:

hive_keychain

Use the hive_keychain methods listed below to issue requests to the Hive blockchain.

requestHandshake

This function is called to verify Keychain installation on a user's device

Parameters
  • callback function Confirms Keychain installation

requestEncodeMessage

This function is called to verify that the user has a certain authority over an account, by requesting to decode a message

Parameters
  • username String Hive account to perform the request
  • receiver String Account that will decode the string
  • message String Message to be encrypted
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestVerifyKey

This function is called to verify that the user has a certain authority over an account, by requesting to decode a message

Parameters
  • account String Hive account to perform the request
  • message String Message to be decoded by the account
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestSignBuffer

Requests a message to be signed with proper authority

Parameters
  • account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)
  • message String Message to be signed by the account
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)
  • title String Override "Sign message" title (optional, default null)

requestAddAccountAuthority

Requests to add account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters
  • account String Hive account to perform the request
  • authorizedUsername String Authorized account
  • role String Type of authority. Can be 'Posting','Active' or 'Memo'
  • weight number Weight of the authority
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestRemoveAccountAuthority

Requests to remove an account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters
  • account String Hive account to perform the request
  • authorizedUsername String Account to lose authority
  • role String Type of authority. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestAddKeyAuthority

Requests to add a new key authority to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters
  • account String Hive account to perform the request
  • authorizedKey String New public key to be associated with the account
  • role String Type of authority. Can be 'Posting','Active' or 'Memo'
  • weight number Weight of the key authority
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestRemoveKeyAuthority

Requests to remove a key to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters
  • account String Hive account to perform the request
  • authorizedKey String Key to be removed (public key).
  • role String Type of authority. Can be 'Posting','Active' or 'Memo'.
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestBroadcast

Generic broadcast request

Parameters
  • account String Hive account to perform the request
  • operations Array Array of operations to be broadcasted
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestSignTx

Requests to sign a transaction with a given authority

Parameters
  • account String Hive account to perform the request
  • tx Object Unsigned transaction
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestSignedCall

Requests a signed call

Parameters
  • account String Hive account to perform the request
  • method String Method of the call
  • params String Parameters of the call
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestPost

Requests to broadcast a blog post/comment

Parameters
  • account String Hive account to perform the request
  • title String Title of the blog post
  • body String Content of the blog post
  • parent_perm String Permlink of the parent post. Main tag for a root post
  • parent_account String Author of the parent post. Pass null for root post
  • json_metadata Object Parameters of the call
  • permlink String Permlink of the blog post
  • comment_options Object Options attached to the blog post. Consult Hive documentation to learn more about it
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestVote

Requests a vote

Parameters
  • account String Hive account to perform the request
  • permlink String Permlink of the blog post
  • author String Author of the blog post
  • weight Number Weight of the vote, comprised between -10,000 (-100%) and 10,000 (100%)
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestCustomJson

Requests a custom JSON broadcast

Parameters
  • account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)
  • id String Type of custom_json to be broadcasted
  • key String Type of key. Can be 'Posting','Active' or 'Memo'
  • json String Stringified custom json
  • display_msg String Message to display to explain to the user what this broadcast is about
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestTransfer

Requests a transfer

Parameters
  • account String Hive account to perform the request
  • to String Hive account to receive the transfer
  • amount String Amount to be transfered. Requires 3 decimals.
  • memo String The memo will be automatically encrypted if starting by '#' and the memo key is available on Keychain. It will also overrule the account to be enforced, regardless of the 'enforce' parameter
  • currency String 'HIVE' or 'HBD'
  • callback function Keychain's response to the request
  • enforce boolean If set to true, user cannot chose to make the transfer from another account (optional, default false)
  • rpc String Override user's RPC settings (optional, default null)

requestSendToken

Requests a token transfer

Parameters
  • account String Hive account to perform the request
  • to String Hive account to receive the transfer
  • amount String Amount to be transfered. Requires 3 decimals.
  • memo String Memo attached to the transfer
  • currency String Token to be sent
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestDelegation

Requests a delegation broadcast

Parameters
  • username
  • delegatee String Account to receive the delegation
  • amount String Amount to be transfered. Requires 3 decimals for HP, 6 for VESTS.
  • unit String HP or VESTS
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)
  • account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestWitnessVote

Requests a witness vote broadcast

Parameters
  • username
  • witness String Account to receive the witness vote
  • vote boolean Set to true to vote for the witness, false to unvote
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)
  • account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestProxy

Select an account as proxy

Parameters
  • username
  • proxy String Account to become the proxy. Empty string ('') to remove a proxy
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)
  • account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestPowerUp

Request a power up

Parameters
  • username String Hive account to perform the request
  • recipient String Account to receive the power up
  • hive String Amount of HIVE to be powered up
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestPowerDown

Request a power down

Parameters
  • username String Hive account to perform the request
  • hive_power String Amount of HIVE to be powered down
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestCreateClaimedAccount

Request the creation of an account using claimed tokens

Parameters
  • username String Hive account to perform the request
  • new_account String New account to be created
  • owner object owner authority object
  • active object active authority object
  • posting object posting authority object
  • memo String public memo key
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestCreateProposal

Request the creation of a DHF proposal

Parameters
  • username String Hive account to perform the request
  • receiver String Account receiving the funding if the proposal is voted
  • subject String Title of the DAO
  • permlink String Permlink to the proposal description
  • daily_pay String Daily amount to be received by receiver
  • start String Starting date
  • end String Ending date
  • extensions String Stringified Array of extensions
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestRemoveProposal

Request the removal of a DHF proposal

Parameters
  • username String Hive account to perform the request
  • proposal_ids String Stringified Array of ids of the proposals to be removed
  • extensions String Stringified Array of extensions
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestUpdateProposalVote

Vote/Unvote a DHF proposal

Parameters
  • username String Hive account to perform the request
  • proposal_ids String Stringified Array of Ids of the proposals to be voted
  • approve boolean Set to true to support the proposal, false to remove a vote
  • extensions String Stringified Array of extensions
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestAddAccount

Add a new account to Keychain

Parameters
  • username String username of the account to be added
  • keys Object private keys of the account : {active:'...',posting:'...',memo:'...'}. At least one must be specified.
  • callback

requestConversion

Request currency conversion

Parameters
  • username String Hive account to perform the request
  • amount String amount to be converted.
  • collaterized Boolean true to convert HIVE to HBD. false to convert HBD to HIVE.
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)

requestRecurrentTransfer

Request recurrent transfer

Parameters
  • username String Hive account to perform the request (optional, default null)
  • to String Hive account receiving the transfers.
  • amount String amount to be sent on each execution.
  • currency String HIVE or HBD on mainnet.
  • memo String transfer memo
  • recurrence Number How often will the payment be triggered (in hours).
  • executions Number The times the recurrent payment will be executed.
  • callback function Keychain's response to the request
  • rpc String Override user's RPC settings (optional, default null)