panmores Posted June 24, 2017 Share Posted June 24, 2017 (edited) The recent demonstration of accountability by CoinPayments and GDAX is encouraging, to say the least. They were basically stating that coin deposits are protected, similar to banks. Now let's take GateHub exchange and its two Ripple storage systems: GateHub gives its customers access to native Ripple wallets which are not accessible by them. The only person that can decrypt and use them is the user himself. It's the same way as Ripple stores many of its coins. Then there are the hosted wallets, storing the funds in air-gapped cold wallets operated by GateHub. Both sound reasonably safe to me, assuming that the important keys are stored securely? Edited June 24, 2017 by panmores Lando 1 Link to comment Share on other sites More sharing options...
pucksterpete Posted June 24, 2017 Share Posted June 24, 2017 I sure hope so, could you imagine the impact if a Ripple Gateway was to get hacked panmores 1 Link to comment Share on other sites More sharing options...
ZIGXRP Posted June 24, 2017 Share Posted June 24, 2017 If your GH password is captured, all bets are off...Ripple or hosted wallet. Adding 2FA is essential to this weakest link, same goes for any exchange. I'd like to see some kind of password lockout delay policy too on user authentications. And if users can opt in for forced password reset periods, all the better. panmores and pucksterpete 2 Link to comment Share on other sites More sharing options...
JackTheRippler Posted June 24, 2017 Share Posted June 24, 2017 7 hours ago, panmores said: GateHub gives its customers access to native Ripple wallets which are not accessible by them. The only person that can decrypt and use them is the user himself. One thing to note in the case of Ripple wallets from what I've read: The secret key is stored on Gatehub's servers, although encrypted. The other way to access a Gatehub wallet is if someone manages to log in into your Gatehub account. Link to comment Share on other sites More sharing options...
T8493 Posted June 24, 2017 Share Posted June 24, 2017 7 hours ago, panmores said: GateHub gives its customers access to native Ripple wallets which are not accessible by them. The only person that can decrypt and use them is the user himself. It's the same way as Ripple stores many of its coins. AFAIK GateHub (still) has access to your (unencrypted) password and can decrypt your Ripple account secrets with this password. enrique11 and segra 2 Link to comment Share on other sites More sharing options...
panmores Posted June 24, 2017 Author Share Posted June 24, 2017 41 minutes ago, T8493 said: AFAIK GateHub (still) has access to your (unencrypted) password and can decrypt your Ripple account secrets with this password. Guess we'll never find this out for sure. Link to comment Share on other sites More sharing options...
T8493 Posted June 24, 2017 Share Posted June 24, 2017 9 minutes ago, panmores said: Guess we'll never find this out for sure. Just audit their JavaScript code and you'll see. It is easy to see that they have access to your (unencrypted) password in Chome/Firefox/IE developers tools (network tab). Therefore, GateHub has access to all info that your browser has and your browser is capable of decrypting your secret keys. segra, Xilobyte and Xi195 3 Link to comment Share on other sites More sharing options...
panmores Posted June 24, 2017 Author Share Posted June 24, 2017 1 hour ago, T8493 said: Just audit their JavaScript code and you'll see. It is easy to see that they have access to your (unencrypted) password in Chome/Firefox/IE developers tools (network tab). Therefore, GateHub has access to all info that your browser has and your browser is capable of decrypting your secret keys. That means not a single Internet connection / login is safe. Xilobyte 1 Link to comment Share on other sites More sharing options...
ZIGXRP Posted June 24, 2017 Share Posted June 24, 2017 31 minutes ago, panmores said: That means not a single Internet connection / login is safe. Best to assume so. Just trying not to be the lowest hanging fruit is the best you can do. panmores 1 Link to comment Share on other sites More sharing options...
Graine Posted June 24, 2017 Share Posted June 24, 2017 11 hours ago, panmores said: They were basically stating that coin deposits are protected, similar to banks. No. Your bank deposit is guaranteed by the special fund of your government as clearly stated in law. Your balance on an exchange is guaranteed by the "honest word" of its owners. Sharkey 1 Link to comment Share on other sites More sharing options...
Xilobyte Posted June 24, 2017 Share Posted June 24, 2017 11 hours ago, panmores said: The recent demonstration of accountability by CoinPayments and GDAX is encouraging, to say the least. They were basically stating that coin deposits are protected, similar to banks. Now let's take GateHub exchange and its two Ripple storage systems: GateHub gives its customers access to native Ripple wallets which are not accessible by them. The only person that can decrypt and use them is the user himself. It's the same way as Ripple stores many of its coins. Then there are the hosted wallets, storing the funds in air-gapped cold wallets operated by GateHub. Both sound reasonably safe to me, assuming that the important keys are stored securely? Sorry bud but who said they do not have access to your wallets on Gatehub? Was it maybe Gatehub? As root on any server you have no idea what I have altered and what I have access to. You can be sure that a bunch of angry girlfriendless nerds are responsible for maintenance on the servers. You nor I have any idea what they are doing when not being watched. Do not trust a single exchange or online entity. Do not use an online wallet provider to restore the keys to your cold wallet. Rememebr Mt. Gox? Bet they all thought there wallets could not be access too. Link to comment Share on other sites More sharing options...
Xilobyte Posted June 24, 2017 Share Posted June 24, 2017 3 hours ago, T8493 said: Just audit their JavaScript code and you'll see. It is easy to see that they have access to your (unencrypted) password in Chome/Firefox/IE developers tools (network tab). Therefore, GateHub has access to all info that your browser has and your browser is capable of decrypting your secret keys. FINALLY someone who gets it ! Link to comment Share on other sites More sharing options...
Zen1 Posted June 24, 2017 Share Posted June 24, 2017 A Ledger Nano S hardware wallet is a good option for secure long term XRP storage. https://www.ledgerwallet.com/ SimpleLife 1 Link to comment Share on other sites More sharing options...
kyur4thich Posted July 5, 2017 Share Posted July 5, 2017 Maybe not the right thread, but what is the deal with hardware wallets? I have been looking into the NANO S, but not much detail on the process and procedures for its use I have some questions that I hope I can get clear answers for 1. Is there a wallet that can hold my entire portfolio (btc, etc, eth, xrp, xem, ltc)? 2. How do I get the coins in there? And how do I get them out? 3. Do I need to send these to my gateway (coincheck) in order to trade them? 4. What about cash at my exchange account. Can this fiat be stored in my hardware wallet? thanks so much fellow zerpies. Kyur Link to comment Share on other sites More sharing options...
ZIGXRP Posted July 5, 2017 Share Posted July 5, 2017 The Ledger is nothing but a physical "key" that provides your access to manage coin balances for the respective online blockchain ledgers of the currencies you own. For the major coins, the Ledger has small wallet app support that allow for sending and receiving. In a storage use case, you use your Ledger public keys for receiving currencies off an exchange or online purchase. The Ledger can sit in a shoebox and never be turned on or connected unless you want to send any balances back to an exchange for cash or trade. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now