Table of Contents
- About Keychain
- Usage
- Operations
- hive_keychain
- requestHandshake
- requestEncodeMessage
- requestVerifyKey
- requestSignBuffer
- requestAddAccountAuthority
- requestRemoveAccountAuthority
- requestAddKeyAuthority
- requestRemoveKeyAuthority
- requestBroadcast
- requestSignTx
- requestSignedCall
- requestPost
- requestVote
- requestCustomJson
- requestTransfer
- requestSendToken
- requestDelegation
- requestWitnessVote
- requestProxy
- requestPowerUp
- requestPowerDown
- requestCreateClaimedAccount
- requestCreateProposal
- requestRemoveProposal
- requestUpdateProposalVote
- requestAddAccount
- requestConversion
- requestRecurrentTransfer
- hive_keychain
About Keychain
Putting private keys directly into websites is not safe or secure, even ones run by reputable community members. Yet this is currently how nearly every Hive-based site or service currently works. On top of that, most Hive users likely use their master password which is even worse.
The Vessel desktop wallet software is a secure alternative, but it is too difficult to use for the majority of Hive users and does not easily interact with websites - which is Hive's primary use case.
On Ethereum, you never have to enter your private key into a website to use a dApp. You can just use a browser extension like Metamask, which dApp websites can interface with to securely store your keys and broadcast transactions to the blockchain.
Hive Keychain aims to bring the security and ease-of-use of Metamask to the Hive blockchain platform.
Installation
You can download and install the latest published version of the extension for the following browsers:
- Google Chrome (or Opera/Brave): [on Chrome Store][62]
- Export your keys from Steem keychain (in settings)
- Download this repository as zip
- Unzip the downloaded folder
- Right click on any existing extension > Manage my extensions.
- Activate developer mode.
- Click "Load Unpacked" and select the unzipped folder.
- Import your keys (use the same master password)
- Firefox: [on Firefox Addon Store][63]
Features
The Hive Keychain extension includes the following features:
- Store an unlimited number of Hive account keys, encrypted with AES
- View balances, transaction history, voting power, and resource credits
- Send HIVE and HBD transfers, manage witness votes, and update HP delegation right from the extension
- Manage your Hive Engine tokens
- Power up or down
- Securely interact with Hive-based websites that have integrated with Hive Keychain
- Manage transaction confirmation preferences by account and by website
- Locks automatically on browser shutdown or manually using the lock button
Website Integration
Websites can currently request the Hive Keychain extension to perform the following functions / broadcast operations:
- Send a handshake to make sure the extension is installed
- Decrypt a message encrypted by a Hive account private key (commonly used for "logging in")
- Post a comment (top level or reply)
- Broadcast a vote
- Broadcast a custom JSON operation
- Send a transfer
- Send Hive Engine tokens
- Send Delegations
- Power up/down
- Vote for witnesses
- Create/Remove/Vote for proposals
- Create claimed accounts
- Sign Tx
Usage
Example
An example of a web page that interacts with the extension is included in the "example" folder in the repo. You can test it by running a local HTTP server and going to http://localhost:1337/main.html in your browser.
cd example
python -m http.server 1337 //or any other method to run a static server
NOTE: On localhost, it will run on port 1337.
Using Keychain for logins
To login, you can encode a message from your backend and verify that the user can decode it using the requestVerifyKey method.
See an example in this project by @howo (@steempress witness):
Alternatively, you can use requestSignTx and verify the signature on your backend.
@hiveio/keychain
This npm module makes it easy to add Keychain support within the browser. It also includes helpful functions to check whether Keychain was used before. It was developed by @therealwolf (witness).
Operations
The Hive Keychain extension will inject a "hive_keychain" JavaScript into all web pages opened in the browser while the extension is running. You can therefore check if the current user has the extension installed using the following code:
hive_keychain
Use the hive_keychain methods listed below to issue requests to the Hive blockchain.
requestHandshake
This function is called to verify Keychain installation on a user's device
Parameters
callbackfunction Confirms Keychain installation
requestEncodeMessage
This function is called to verify that the user has a certain authority over an account, by requesting to decode a message
Parameters
usernameString Hive account to perform the requestreceiverString Account that will decode the stringmessageString Message to be encryptedkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestVerifyKey
This function is called to verify that the user has a certain authority over an account, by requesting to decode a message
Parameters
accountString Hive account to perform the requestmessageString Message to be decoded by the accountkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestSignBuffer
Requests a message to be signed with proper authority
Parameters
accountString Hive account to perform the request. If null, user can choose the account from a dropdown (optional, defaultnull)messageString Message to be signed by the accountkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)titleString Override "Sign message" title (optional, defaultnull)
requestAddAccountAuthority
Requests to add account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain
Parameters
accountString Hive account to perform the requestauthorizedUsernameString Authorized accountroleString Type of authority. Can be 'Posting','Active' or 'Memo'weightnumber Weight of the authoritycallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestRemoveAccountAuthority
Requests to remove an account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain
Parameters
accountString Hive account to perform the requestauthorizedUsernameString Account to lose authorityroleString Type of authority. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestAddKeyAuthority
Requests to add a new key authority to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain
Parameters
accountString Hive account to perform the requestauthorizedKeyString New public key to be associated with the accountroleString Type of authority. Can be 'Posting','Active' or 'Memo'weightnumber Weight of the key authoritycallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestRemoveKeyAuthority
Requests to remove a key to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain
Parameters
accountString Hive account to perform the requestauthorizedKeyString Key to be removed (public key).roleString Type of authority. Can be 'Posting','Active' or 'Memo'.callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestBroadcast
Generic broadcast request
Parameters
accountString Hive account to perform the requestoperationsArray Array of operations to be broadcastedkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestSignTx
Requests to sign a transaction with a given authority
Parameters
accountString Hive account to perform the requesttxObject Unsigned transactionkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestSignedCall
Requests a signed call
Parameters
accountString Hive account to perform the requestmethodString Method of the callparamsString Parameters of the callkeyString Type of key. Can be 'Posting','Active' or 'Memo'callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestPost
Requests to broadcast a blog post/comment
Parameters
accountString Hive account to perform the requesttitleString Title of the blog postbodyString Content of the blog postparent_permString Permlink of the parent post. Main tag for a root postparent_accountString Author of the parent post. Pass null for root postjson_metadataObject Parameters of the callpermlinkString Permlink of the blog postcomment_optionsObject Options attached to the blog post. Consult Hive documentation to learn more about itcallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestVote
Requests a vote
Parameters
accountString Hive account to perform the requestpermlinkString Permlink of the blog postauthorString Author of the blog postweightNumber Weight of the vote, comprised between -10,000 (-100%) and 10,000 (100%)callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestCustomJson
Requests a custom JSON broadcast
Parameters
accountString Hive account to perform the request. If null, user can choose the account from a dropdown (optional, defaultnull)idString Type of custom_json to be broadcastedkeyString Type of key. Can be 'Posting','Active' or 'Memo'jsonString Stringified custom jsondisplay_msgString Message to display to explain to the user what this broadcast is aboutcallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestTransfer
Requests a transfer
Parameters
accountString Hive account to perform the requesttoString Hive account to receive the transferamountString Amount to be transfered. Requires 3 decimals.memoString The memo will be automatically encrypted if starting by '#' and the memo key is available on Keychain. It will also overrule the account to be enforced, regardless of the 'enforce' parametercurrencyString 'HIVE' or 'HBD'callbackfunction Keychain's response to the requestenforceboolean If set to true, user cannot chose to make the transfer from another account (optional, defaultfalse)rpcString Override user's RPC settings (optional, defaultnull)
requestSendToken
Requests a token transfer
Parameters
accountString Hive account to perform the requesttoString Hive account to receive the transferamountString Amount to be transfered. Requires 3 decimals.memoString Memo attached to the transfercurrencyString Token to be sentcallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestDelegation
Requests a delegation broadcast
Parameters
usernamedelegateeString Account to receive the delegationamountString Amount to be transfered. Requires 3 decimals for HP, 6 for VESTS.unitString HP or VESTScallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)accountString Hive account to perform the request. If null, user can choose the account from a dropdown (optional, defaultnull)
requestWitnessVote
Requests a witness vote broadcast
Parameters
usernamewitnessString Account to receive the witness votevoteboolean Set to true to vote for the witness, false to unvotecallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)accountString Hive account to perform the request. If null, user can choose the account from a dropdown (optional, defaultnull)
requestProxy
Select an account as proxy
Parameters
usernameproxyString Account to become the proxy. Empty string ('') to remove a proxycallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)accountString Hive account to perform the request. If null, user can choose the account from a dropdown (optional, defaultnull)
requestPowerUp
Request a power up
Parameters
usernameString Hive account to perform the requestrecipientString Account to receive the power uphiveString Amount of HIVE to be powered upcallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestPowerDown
Request a power down
Parameters
usernameString Hive account to perform the requesthive_powerString Amount of HIVE to be powered downcallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestCreateClaimedAccount
Request the creation of an account using claimed tokens
Parameters
usernameString Hive account to perform the requestnew_accountString New account to be createdownerobject owner authority objectactiveobject active authority objectpostingobject posting authority objectmemoString public memo keycallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestCreateProposal
Request the creation of a DHF proposal
Parameters
usernameString Hive account to perform the requestreceiverString Account receiving the funding if the proposal is votedsubjectString Title of the DAOpermlinkString Permlink to the proposal descriptiondaily_payString Daily amount to be received byreceiverstartString Starting dateendString Ending dateextensionsString Stringified Array of extensionscallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestRemoveProposal
Request the removal of a DHF proposal
Parameters
usernameString Hive account to perform the requestproposal_idsString Stringified Array of ids of the proposals to be removedextensionsString Stringified Array of extensionscallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestUpdateProposalVote
Vote/Unvote a DHF proposal
Parameters
usernameString Hive account to perform the requestproposal_idsString Stringified Array of Ids of the proposals to be votedapproveboolean Set to true to support the proposal, false to remove a voteextensionsString Stringified Array of extensionscallbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestAddAccount
Add a new account to Keychain
Parameters
usernameString username of the account to be addedkeysObject private keys of the account : {active:'...',posting:'...',memo:'...'}. At least one must be specified.callback
requestConversion
Request currency conversion
Parameters
usernameString Hive account to perform the requestamountString amount to be converted.collaterizedBoolean true to convert HIVE to HBD. false to convert HBD to HIVE.callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
requestRecurrentTransfer
Request recurrent transfer
Parameters
usernameString Hive account to perform the request (optional, defaultnull)toString Hive account receiving the transfers.amountString amount to be sent on each execution.currencyString HIVE or HBD on mainnet.memoString transfer memorecurrenceNumber How often will the payment be triggered (in hours).executionsNumber The times the recurrent payment will be executed.callbackfunction Keychain's response to the requestrpcString Override user's RPC settings (optional, defaultnull)
[62]:
[63]: