Login with Hivesigner
How Hivesigner login works?
Last updated
Was this helpful?
How Hivesigner login works?
Last updated
Was this helpful?
Hivesigner allows you to sign transactions most secure way, so that applications you are using won't have direct access to your private keys while allowing you to perform actions within defined scopes.
When you login to Hivesigner, your private key is available within the interface to sign transaction and message, keys never leaves the browser. We never have access to your private keys. The access_token
on Hivesigner are just simple message signed with Hive private keys and encoded in base64u. User Interface (UI) gives you easy way to handle your authorities and keys.
Code is here:
When you login to a website like , , , etc. using Hivesigner, you are requested to Authorise the relevant Hive account , or which broadcasts posting operations on your behalf. This is a feature supported by the .
If you go here you can see which account(s) you authorised and which authority you give them. The Hivesigner API hold the hive account posting key, when you cast a vote on Ecency, Hiveblog or Peakd, access_token
is being sent from those applications to Hivesigner API, the API then verifies that token, if it's valid, transaction is broadcasted using posting key.
This is possible using double delegation of posting authority, for example @bob
authorize the @ecency.app
account to do posting operation on @bob
behalf and @ecency.app
authorise @hivesigner
to do posting operation on @ecency.app
behalf.
This flow is perfect for security and at any moment your keys are safe from malicious apps.
Code is here: