Table of Contents

• About Keychain
• Usage
• Operations
  • hive_keychain
    • requestHandshake
      • Parameters
    • requestEncodeMessage
      • Parameters
    • requestVerifyKey
      • Parameters
    • requestSignBuffer
      • Parameters
    • requestAddAccountAuthority
      • Parameters
    • requestRemoveAccountAuthority
      • Parameters
    • requestAddKeyAuthority
      • Parameters
    • requestRemoveKeyAuthority
      • Parameters
    • requestBroadcast
      • Parameters
    • requestSignTx
      • Parameters
    • requestSignedCall
      • Parameters
    • requestPost
      • Parameters
    • requestVote
      • Parameters
    • requestCustomJson
      • Parameters
    • requestTransfer
      • Parameters
    • requestSendToken
      • Parameters
    • requestDelegation
      • Parameters
    • requestWitnessVote
      • Parameters
    • requestProxy
      • Parameters
    • requestPowerUp
      • Parameters
    • requestPowerDown
      • Parameters
    • requestCreateClaimedAccount
      • Parameters
    • requestCreateProposal
      • Parameters
    • requestRemoveProposal
      • Parameters
    • requestUpdateProposalVote
      • Parameters
    • requestAddAccount
      • Parameters
    • requestConversion
      • Parameters
    • requestRecurrentTransfer
      • Parameters

About Keychain

Putting private keys directly into websites is not safe or secure, even ones run by reputable community members. Yet this is currently how nearly every Hive-based site or service currently works. On top of that, most Hive users likely use their master password which is even worse.

The Vessel desktop wallet software is a secure alternative, but it is too difficult to use for the majority of Hive users and does not easily interact with websites - which is Hive's primary use case.

On Ethereum, you never have to enter your private key into a website to use a dApp. You can just use a browser extension like Metamask, which dApp websites can interface with to securely store your keys and broadcast transactions to the blockchain.

Hive Keychain aims to bring the security and ease-of-use of Metamask to the Hive blockchain platform.

Installation

You can download and install the latest published version of the extension for the following browsers:

• Google Chrome (or Opera/Brave): on Chrome Store
  • Export your keys from Steem keychain (in settings)
  • Download this repository as zip
  • Unzip the downloaded folder
  • Right click on any existing extension > Manage my extensions.
  • Activate developer mode.
  • Click "Load Unpacked" and select the unzipped folder.
  • Import your keys (use the same master password)
• Firefox: on Firefox Addon Store

Features

The Hive Keychain extension includes the following features:

• Store an unlimited number of Hive account keys, encrypted with AES
• View balances, transaction history, voting power, and resource credits
• Send HIVE and HBD transfers, manage witness votes, and update HP delegation right from the extension
• Manage your Hive Engine tokens
• Power up or down
• Securely interact with Hive-based websites that have integrated with Hive Keychain
• Manage transaction confirmation preferences by account and by website
• Locks automatically on browser shutdown or manually using the lock button

Website Integration

Websites can currently request the Hive Keychain extension to perform the following functions / broadcast operations:

• Send a handshake to make sure the extension is installed
• Decrypt a message encrypted by a Hive account private key (commonly used for "logging in")
• Post a comment (top level or reply)
• Broadcast a vote
• Broadcast a custom JSON operation
• Send a transfer
• Send Hive Engine tokens
• Send Delegations
• Power up/down
• Vote for witnesses
• Create/Remove/Vote for proposals
• Create claimed accounts
• Sign Tx

Usage

Example

An example of a web page that interacts with the extension is included in the "example" folder in the repo. You can test it by running a local HTTP server and going to http://localhost:1337/main.html in your browser.

cd example python -m http.server 1337 //or any other method to run a static server

NOTE: On localhost, it will run on port 1337.

Using Keychain for logins

To login, you can encode a message from your backend and verify that the user can decode it using the requestVerifyKey method. See an example in this project by @howo (@steempress witness):

Frontend

Backend

Alternatively, you can use requestSignTx and verify the signature on your backend.

@hiveio/keychain

This npm module makes it easy to add Keychain support within the browser. It also includes helpful functions to check whether Keychain was used before. It was developed by @therealwolf (witness).

Operations

The Hive Keychain extension will inject a "hive_keychain" JavaScript into all web pages opened in the browser while the extension is running. You can therefore check if the current user has the extension installed using the following code:

hive_keychain

Use the hive_keychain methods listed below to issue requests to the Hive blockchain.

requestHandshake

This function is called to verify Keychain installation on a user's device

Parameters

• callback function Confirms Keychain installation

requestEncodeMessage

This function is called to verify that the user has a certain authority over an account, by requesting to decode a message

Parameters

• username String Hive account to perform the request
• receiver String Account that will decode the string
• message String Message to be encrypted
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestVerifyKey

This function is called to verify that the user has a certain authority over an account, by requesting to decode a message

Parameters

• account String Hive account to perform the request
• message String Message to be decoded by the account
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestSignBuffer

Requests a message to be signed with proper authority

Parameters

• account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)
• message String Message to be signed by the account
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)
• title String Override "Sign message" title (optional, default null)

requestAddAccountAuthority

Requests to add account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters

• account String Hive account to perform the request
• authorizedUsername String Authorized account
• role String Type of authority. Can be 'Posting','Active' or 'Memo'
• weight number Weight of the authority
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestRemoveAccountAuthority

Requests to remove an account authority over another account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters

• account String Hive account to perform the request
• authorizedUsername String Account to lose authority
• role String Type of authority. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestAddKeyAuthority

Requests to add a new key authority to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters

• account String Hive account to perform the request
• authorizedKey String New public key to be associated with the account
• role String Type of authority. Can be 'Posting','Active' or 'Memo'
• weight number Weight of the key authority
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestRemoveKeyAuthority

Requests to remove a key to an account. For more information about multisig, please read https://peakd.com/utopian-io/@stoodkev/how-to-set-up-and-use-multisignature-accounts-on-steem-blockchain

Parameters

• account String Hive account to perform the request
• authorizedKey String Key to be removed (public key).
• role String Type of authority. Can be 'Posting','Active' or 'Memo'.
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestBroadcast

Generic broadcast request

Parameters

• account String Hive account to perform the request
• operations Array Array of operations to be broadcasted
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestSignTx

Requests to sign a transaction with a given authority

Parameters

• account String Hive account to perform the request
• tx Object Unsigned transaction
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestSignedCall

Requests a signed call

Parameters

• account String Hive account to perform the request
• method String Method of the call
• params String Parameters of the call
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestPost

Requests to broadcast a blog post/comment

Parameters

• account String Hive account to perform the request
• title String Title of the blog post
• body String Content of the blog post
• parent_perm String Permlink of the parent post. Main tag for a root post
• parent_account String Author of the parent post. Pass null for root post
• json_metadata Object Parameters of the call
• permlink String Permlink of the blog post
• comment_options Object Options attached to the blog post. Consult Hive documentation to learn more about it
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestVote

Requests a vote

Parameters

• account String Hive account to perform the request
• permlink String Permlink of the blog post
• author String Author of the blog post
• weight Number Weight of the vote, comprised between -10,000 (-100%) and 10,000 (100%)
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestCustomJson

Requests a custom JSON broadcast

Parameters

• account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)
• id String Type of custom_json to be broadcasted
• key String Type of key. Can be 'Posting','Active' or 'Memo'
• json String Stringified custom json
• display_msg String Message to display to explain to the user what this broadcast is about
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestTransfer

Requests a transfer

Parameters

• account String Hive account to perform the request
• to String Hive account to receive the transfer
• amount String Amount to be transfered. Requires 3 decimals.
• memo String The memo will be automatically encrypted if starting by '#' and the memo key is available on Keychain. It will also overrule the account to be enforced, regardless of the 'enforce' parameter
• currency String 'HIVE' or 'HBD'
• callback function Keychain's response to the request
• enforce boolean If set to true, user cannot chose to make the transfer from another account (optional, default false)
• rpc String Override user's RPC settings (optional, default null)

requestSendToken

Requests a token transfer

Parameters

• account String Hive account to perform the request
• to String Hive account to receive the transfer
• amount String Amount to be transfered. Requires 3 decimals.
• memo String Memo attached to the transfer
• currency String Token to be sent
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestDelegation

Requests a delegation broadcast

Parameters

• username
• delegatee String Account to receive the delegation
• amount String Amount to be transfered. Requires 3 decimals for HP, 6 for VESTS.
• unit String HP or VESTS
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)
• account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestWitnessVote

Requests a witness vote broadcast

Parameters

• username
• witness String Account to receive the witness vote
• vote boolean Set to true to vote for the witness, false to unvote
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)
• account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestProxy

Select an account as proxy

Parameters

• username
• proxy String Account to become the proxy. Empty string ('') to remove a proxy
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)
• account String Hive account to perform the request. If null, user can choose the account from a dropdown (optional, default null)

requestPowerUp

Request a power up

Parameters

• username String Hive account to perform the request
• recipient String Account to receive the power up
• hive String Amount of HIVE to be powered up
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestPowerDown

Request a power down

Parameters

• username String Hive account to perform the request
• hive_power String Amount of HIVE to be powered down
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestCreateClaimedAccount

Request the creation of an account using claimed tokens

Parameters

• username String Hive account to perform the request
• new_account String New account to be created
• owner object owner authority object
• active object active authority object
• posting object posting authority object
• memo String public memo key
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestCreateProposal

Request the creation of a DHF proposal

Parameters

• username String Hive account to perform the request
• receiver String Account receiving the funding if the proposal is voted
• subject String Title of the DAO
• permlink String Permlink to the proposal description
• daily_pay String Daily amount to be received by receiver
• start String Starting date
• end String Ending date
• extensions String Stringified Array of extensions
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestRemoveProposal

Request the removal of a DHF proposal

Parameters

• username String Hive account to perform the request
• proposal_ids String Stringified Array of ids of the proposals to be removed
• extensions String Stringified Array of extensions
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestUpdateProposalVote

Vote/Unvote a DHF proposal

Parameters

• username String Hive account to perform the request
• proposal_ids String Stringified Array of Ids of the proposals to be voted
• approve boolean Set to true to support the proposal, false to remove a vote
• extensions String Stringified Array of extensions
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestAddAccount

Add a new account to Keychain

Parameters

• username String username of the account to be added
• keys Object private keys of the account : {active:'...',posting:'...',memo:'...'}. At least one must be specified.
• callback

requestConversion

Request currency conversion

Parameters

• username String Hive account to perform the request
• amount String amount to be converted.
• collaterized Boolean true to convert HIVE to HBD. false to convert HBD to HIVE.
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)

requestRecurrentTransfer

Request recurrent transfer

Parameters

• username String Hive account to perform the request (optional, default null)
• to String Hive account receiving the transfers.
• amount String amount to be sent on each execution.
• currency String HIVE or HBD on mainnet.
• memo String transfer memo
• recurrence Number How often will the payment be triggered (in hours).
• executions Number The times the recurrent payment will be executed.
• callback function Keychain's response to the request
• rpc String Override user's RPC settings (optional, default null)