Login with Hivesigner

Hivesigner allows you to sign transactions most secure way, so that applications you are using won't have direct access to your private keys while allowing you to perform actions within defined scopes.

About the UI component

When you login to Hivesigner, your private key is available within the interface to sign transaction and message, keys never leaves the browser. We never have access to your private keys. The access_token on Hivesigner are just simple message signed with Hive private keys and encoded in base64u. User Interface (UI) gives you easy way to handle your authorities and keys.

Code is here: https://github.com/ecency/hivesigner-ui

About the API component

When you login to a website like https://ecency.com, https://hive.blog, https://peakd.com, etc. using Hivesigner, you are requested to Authorise the relevant Hive account @ecency.app, @hive.blog or @peakd.app which broadcasts posting operations on your behalf. This is a feature supported by the Hive protocol.

If you go here https://hivesigner.com/auths you can see which account(s) you authorised and which authority you give them. The Hivesigner API hold the hive account @hivesigner posting key, when you cast a vote on Ecency, Hiveblog or Peakd, access_token is being sent from those applications to Hivesigner API, the API then verifies that token, if it's valid, transaction is broadcasted using @hivesigner posting key.

This is possible using double delegation of posting authority, for example @bob authorize the @ecency.app account to do posting operation on @bob behalf and @ecency.app authorise @hivesigner to do posting operation on @ecency.app behalf.

This flow is perfect for security and at any moment your keys are safe from malicious apps.

Code is here: https://github.com/ecency/hivesigner-api