Who do you trust with your private key?

That’s the question that may be on the minds of EOS token holders, who while incentivized to help the much-anticipated technology finally go live, haven’t yet done so. As EOS is set up to enable self-governance by its users, it’s these individuals and companies who have to make the first move, electing who they’d like to process transactions that occur on the network in an elaborate global vote.

But at the time of writing, they haven’t exactly done that. Rather, EOS’s blockchain is locked in a middle ground between “launched” and “live” that rests on the willingness of users to complete that process.

The issue is that, to vote, users have to prove they hold their tokens, a process that requires the use of their private keys, sensitive cryptographic strings that prove they own their funds, and if lost, would be gone forever. As such, it seems that while users are eager to take part, they are nervous that the tools that would enable them to vote might put their holdings at risk.

“The biggest ‘miss’ in EOS launch is the failure to understand that retail EOS investors will be reluctant to vote with their private keys on the line,” one EOS user wrote on Telegram.

As detailed by CoinDesk, the only voting software that has been subject to third-party security review is CLEOS, a command-line tool issued by the creators of EOS, Block.one. However, due to the degree of technical competency required to interact with the tool, many EOS token holders have been forced to opt for less trusted software.

Indeed, across community forums, distrust in third-party software created for EOS is matched only by the confusion faced by users engaging with the voting process.

While several pieces of software have been produced to address the issue, some are voicing concerns about the lack of third-party security auditing. Plus, there’s the risk of scams and attacks that can intercept even the most honest developer effort.

“Whenever something is too complicated for people, then bad actors appear which try to exploit those weaknesses,” Krzysztof Szumny, the lead developer of a voting tool called Tokenika, told CoinDesk.

That said, there’s some evidence that such concerns could be contributing to the slow-moving voting, which is, in turn, contributing to the sluggish start of the EOS experiment. At the time of writing, a mere 37.35 percent of the 150 million necessary votes to get the blockchain running have been cast.

As one EOS user on Telegram wrote:

“Pretty sure I’m not the only one who’s waiting until there’s 100 percent safety in terms of putting private keys into new wallets.”

Security spectrum

Backing up, it’s helpful to understand why private keys are needed to cast votes on EOS in the first place.

A private key is required with the use of any of the EOS voting software for two reasons – verifying the vote is legitimate and correlating that vote to a users’ holdings, which is used to determine the weight of a vote.

“Your private key is required to vote whether you are voting from a wallet, a command line tool or anywhere else. No one can bypass this requirement,” said Yudi Levi, CTO and co-founder of Bancor, a blockchain project whose large ICO wrapped in June 2017 and is vying for a block producer candidate spot.

Bancor has also developed a voting tool for the new blockchain called LiquidEOS.

Essentially, using a private key for the voting process equates to transaction signing – where the same type of signature required in order to send a standard crypto transaction is needed.

However, the question boils down to in what way the private key is exposed.

Speaking to CoinDesk, Alexandre Bourget, co-founder of block producer candidate and voting software provider EOS Canada, said the current voting tools are on a spectrum of security, from trustworthy to extremely high risk.

On the one hand, there’s command-line tools, like CLEOS, in which private keys have a minimal risk of exposure. As software adds code to provide user-friendly interfaces, it becomes increasingly hard to secure. Plus, the closer the code gets to the internet, the higher the chance private keys will be intercepted.

“You have websites that will ask you to put your private key in and do things with it,” Bourget told CoinDesk, adding:

“They might be perfectly legit but this is a big, big risk because we’ve seen time and time again websites that were very well-intentioned but got hacked.”

And it’s notable considering EOS token holders are in a sensitive phase. Bourget emphasized that the majority of EOS users have come straight from the token crowdsale and probably haven’t reconfigured the access control to their EOS accounts. Or put another way, while it’s possible to create multiple private keys to manage an account, for now, most users’ tokens probably all correspond to one private key.

For hackers, this adds a significant incentive on phishing that alphanumeric string.

Best practices

That said, there are ways in which EOS holders can protect themselves when voting.

For instance, Bourget suggested that users reconfigure EOS account settings to generate a private key that could be used for vote signing but which isn’t link to the actual wallet itself.

While there’s limited documentation for how to do this, Bourget hinted that EOS Canada may create a video explainer soon. Until then, though, there are several simpler measures that users can undertake.

Bancor’s Levi said, “Use a downloadable voting tool that runs locally on your machine and outside the browser where votes are susceptible to manipulation by toolbars, botnets and other bad actors.”

Plus he encourages people to utilize tooling that has been produced by established companies, saying:

“Established brands have more to lose.”

For example, while open-source voting tools like Scatter, Greymass, LiquidEOS and EOS Canada’s “EOSC” have not been third-party audited, each company or project behind those applications has made an effort to limit the degree of private key exposure and carefully document these processes.

And as mentioned, because private keys are more susceptible to theft when they’re used online, Tokenika has designed a tool that generates the vote offline, only connecting to the internet to publish the record of the vote.

“For maximum security, we strongly encourage people to never use their private key on a device while being online,” Tokenika’s Szumny told CoinDesk.

Although, there’s always still a chance that users will have malware active locally on their device.

“Knowing the source of the binaries and who built it are very important, because there are risks, and it’s cold catch, it’s easy to just get away with it,” Bourget told CoinDesk.

As such, Szumny warned EOS holders not to experiment, to be diligent about the use of their private keys and to take part in the voting process slowly so as not to make quick mistakes.

The developer concluded:

“It is important to vote rather sooner than later, but it is more important to not make any mistakes in the process.”

Money burning image via Shutterstock