Yesterday, I came to know that there was a huge hack on the Polygon chain, and looks like it is one of the biggest hacks in crypto history. As I'm also involved in multiple crypto projects, I know how sad it could be for the team and especially for a platform that is just emerging. The account that hacked the chain is pretty rich right now.
https://mobile.twitter.com/PolyNetwork2/status/1425073987164381196
Many people reading this news might have started to wonder if Hive is secure and safe for us or not. I'm going to cover that a little bit in this article. There are always security issues and vulnerabilities and there are no systems that are failsafe. Blockchain is a technology that is used to store the data in a pretty structured manner in the database so that tampering is not that easy. But we can never be 100% sure because there can be vulnerabilities somewhere.
This is not the first hack incident that is happening. During the early days of WLEO, there was a hack and lots of funds were stolen from the wallets. Even then the problem was from the ETH side I believe. I remember seeing a few more hacks on other smart contracts on ETH.
How safe is Hive?
Let's talk about how Hive is safe for us. First of all, having witnesses signing transactions for us in a pattern itself adds the first layer of security to the blockchain. So consenses is definitely helping us out but in spite of that, there are a few more things that can keep our funds safe and secure. I personally have most of my earnings and investments only on Hive and I also had this doubt initially and some of the facts cleared it up for me.
Balance transfer
Let's say if someone is hitting the database directly and trying to alter the values. Let's say the balance of a particular account is moved to a different account. That wouldn't work because there are other witnesses out there with the proper data. The hack can be perfect only if all the available hive node databases are hit and the balance is transferred in the backend which is very unlikely. Even if this has to be done through a call, the keys are required for signing. So if someone gets access to the keys and does this, it is most likely an issue with one account and not the Hive chain itself. That way we are secure.
Funds Powered up
Keeping the funds powered up is one good thing to have. Even if an individual's account is hacked or if someone gets access to our keys, they cannot take away all our funds in one shot if we have it as Hive power. Thanks to the powering up mechanism we have on Hive. Even if the person has to do a power down, it is not going to be instant and meanwhile, the affected individual can escape with minimum loss by recovering the account keys.
Keeping the funds powered up or locked in the savings definitely helps. I always keep only minimum funds in my account. Mostly powered up or in the savings. That adds a small layer of security.
Remove access to unauthorized apps
Sometimes when we logging in to some of the dapps using HiveSigner, we would have given access to those accounts. We have to keep checking our authorization regularly and make sure we have not given access to any of the accounts that we are not using and also to the accounts that are suspicious. This removing access can be done with the help of HiveSigner.
Follow the safety
Even though I say that we are better in terms of security on Hive, there are still vulnerabilities at least for the individual accounts. It is always better to follow all the safety precautions to keep the keys safe. Next important thing is to keep an eye on the transactions and notifications from our account. That will help us look for suspicious transactions and react immediately.
Even though I have Kanibot that sends me notifications on the transfers happening on my account, I also make sure I keep checking the account activity history more frequently to make sure there are no suspicious transactions. If you find any suspicious transactions, then it is the best time to change your keys.
Posted UsingĀ LeoFinanceĀ Beta
This reminds me that I have to switch my recovery account on Hive!