You are viewing a single comment's thread from:
RE: steemitchat.live : Chat Portal is LIVE for steemit users...
Great, I tried to log in and found that you are sending the private key over the network. It's not a safe way to authenticate a user. Network requests can easily be scanned by 3rd party or network provider. ⚠️
I agree. Please don't send any private keys off the client machine. Regardless of it being just the memo key, it's never a good idea. Also, check the key validity before making a call to your backend. You're exposing your backend to attacks with this. Good job on getting this up though.
Let me solve this problem
don't worry we are storing data on the server side not on the client side Which ISP is free to steal our memo key hehe
our steem API is live on Randor.com
team @stmpak.wit
dont worry all codes will be sent to you in private (if you want) you can check hows our call-back option working
Let me fix it thanks for your time dev payload will be encrypted before sending call
Agree, should be an option to use Steem Keychain as well
Code could be also open source so other devs can audit the code
cc @stmpak.wit
Noted: we will integrate with steem keychain asap