RE: ANN - Re Launch of STEEM AUTO
Hi,
This is wrong:
"Everything could be done without your active key. Giving them your active key means they can transfer your steem."
You necessarily need the active key to change authorities (add or remove) of an account. This is at blockchain level and there is no other way to change account authorities. And there is no other way to use a service like steemauto except giving your posting key directly to an app, which is not recommended. Of course you can use any other method to authorize an app "with your active key" without using steemlogin. You can do that with any steem library or Keychain if you are not feeling secure with steemlogin.
As @futureshock and so steemlogin, we take seriously security issues with steem users accounts. When you use steemlogin we can potentially access to your keys that's right and that was always an issue with steemconnect but we never do/did this, we don't store any keys more than needed and will never do it. Remember also this, when you use steemlogin on any app, this app doesn't see your keys but only receive an oauth token.
FYI we are not related to steemauto or any other team. We are offering this service for free and only to make things easier for dapps developers. We are publicly known people (you can even find our address on the web) and would never dare to hurt/rob anyone, in our eyes respect and trust are much more important than money.
Best regards,
Hightouch
There is no active posting key. It can be rather private posting key or private active key. And yes both have different uses.
Voting/posting use private posting key, and other things like transfer or changing account autorithy require private active key. There are also other keys like the private memo key which permit to decode memo encoded with your public memo key etc.. .
In this case, you are not willing to give any key but just give the authority for an app to post for you. The other possibilities would be:
So in order to do that you are using your private active key to give posting authority to the app. Which means this app can post/vote for you whenever he need/want and that until you revoke the posting authority, again using your private active key.
Well I'm sorry for you but I guess you just fell in with the wrong crowd as we all already did at least once.
Hopefully other witnesses will come to confirm all what I said there.
Best regards,
hightouch
It's me again...
can you share your website address?
Thank you for this comment @futureshock
However ... correct me if I'm wrong, but it seem that original steemauto never required active key. And this is main reason why some users are hestitant and seriously worried to use "steem login" and new steemauto.
How could they (original steemauto) achieve it? Any idea?
Yours, Piotr