We would like to remind you that Kinesis currencies are digital ownership of gold and silver on the blockchain; inherently there are processes and methodologies that need to exist in order to align with the core principles fundamental to operating on the blockchain.<\/p>\n\n\n\n
User details such as private keys are encrypted at rest using AES 256-bit cypher encryption and all traffic (both to serve the wallet app and communicate with the blockchain) takes place over secure HTTPS. This protects users in the event of their devices becoming compromised as well as against \u2018man in the middle attacks\u2019.
Furthermore, the password created by a user and used for browser-based (eWallet) decryption is not stored anywhere.<\/p>\n\n\n\n
If someone attempts to fake the Kinesis Blockchain Network and get the app running in the browser to communicate with it, it will fail<\/p>\n\n\n\n
If malicious JavaScript attempts to load into the running eWallet on the user’s machine, the stored user details are not readable since they are encrypted with the user\u2019s password<\/p>\n\n\n\n
If someone compromises the user\u2019s machine and somehow finds the browser data where the user\u2019s data is stored (which is itself encrypted), the user\u2019s private keys are encrypted using their password, making it unreadable\/usable.<\/p>\n\n\n\n
The eWallet user details such as their \u2018name\u2019, \u2018contacts\u2019 as well as encrypted private & public keys are stored in the browser. No eWallet user details or keys are stored centrally by Kinesis and this is by design.<\/p>\n\n\n\n
By not storing details centrally,<\/strong> it makes large-scale attacks that target Kinesis users very difficult since there is no server or data store that contains all user data, i.e. anyone that has an eWallet. Furthermore, browsers are not addressable (i.e. they don\u2019t have an IP address) that remote attackers can use to target.<\/p>\n\n\n\n Finally, it is worth bearing in mind that this design is intended to protect the Kinesis community<\/strong> as a whole, since as the Kinesis user base numbers increase, so does the scale of this problem for attackers attempting to perform malicious acts; the more Kinesis users, the harder it is to perform a large scale attack to get user data.<\/p>\n\n\n\n If a user decides to use password managers, air-gapped laptops, encrypted hard drive storage or any other manner of increased security policies, then the Kinesis wallet benefits as a result and an attacker’s ability to attack the whole network reduces.<\/p>\n\n\n\n Remember, Kinesis is here to allow you to become your own Central Bank \u2014 one where you should be able to find a way to securely store your own private key.<\/strong><\/p>\n\n\n\n Since Kinesis runs over a public API, custom third-party monitoring tools can be used by users should they want to monitor transactions emanating from an account.<\/p>\n\n\n\n Our blockchain uses the standard Stellar Horizon API and is entirely public. If users want to augment their own individual security postures, e.g. extra things like multi-signature, then they should, by all means, be allowed to do so. Users can use third-party integrations\/monitoring solutions (or even build their own) to watch their accounts and alert them in the event that transactions occur that they are unfamiliar with.<\/p>\n\n\n\n The security of a user’s machine is their responsibility and something that Kinesis (nor any other website) will ever be able to fully take responsibility for. The scope of what is compromised and how is simply too great.<\/p>\n\n\n\n With Kinesis there is no central database of usernames & passwords waiting to be compromised. In the present day, this is the far more common security liability<\/p>\n\n\n\n No plain text stored API tokens for communicating with backend systems are cached. With Kinesis, only the personal key is stored in the user browser, but it is encrypted and decrypted by the user-supplied password on every interaction with the blockchain<\/p>\n\n\n\n There is no ability to \u201cRemember me\u201d with the wallet. If a laptop is found on a train, they will still need to log in with a password<\/p>\n\n\n\n Any additional security the user wants to place around their wallet should be encouraged.<\/p>\n\n\n\n The wallet is secure at an application & infrastructure level, but enhanced security and practices by the user should always be encouraged. This is analogous to using password managers, or IT security policies around locking down sensitive data on laptops.<\/p>\n\n\n\n Disclaimer: The content of this Kinesis Wallet Security article is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content in this article. We would like to remind you that Kinesis currencies are digital ownership of gold and silver on the blockchain; inherently there are processes and methodologies that need to exist in order to align with the core principles fundamental to operating on the blockchain. SECURE CODEBASE, RUNTIME & HOSTING 1) Encryption Everywhere: User details such as […]<\/p>\n","protected":false},"author":9,"featured_media":6262,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[20],"tags":[146,4,6],"class_list":["post-111","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-guides","tag-security","tag-technology"],"acf":[],"yoast_head":"\nWhat does this mean to me?<\/h3>\n\n\n\n
3. Blockchain = auditable & extendable by design:<\/h2>\n\n\n\n
What does this mean to me?<\/h3>\n\n\n\n
4. Some common questions:<\/h2>\n\n\n\n
What if my machine is compromised?<\/h3>\n\n\n\n
Should a user use a standalone\/air-gapped\/locked-down\/another laptop to store wallet funds?<\/h3>\n\n\n\n
\nWe make no representations, warranties or guarantees, whether express or implied, that the content of the article is accurate, complete or up to date.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"