mustaphee
Your password is not kept in the browser; it is only used when logging into your account to decrypt the data in the encrypted state below.

{"success":true,"encrypted":"{\"pbkdf2_iterations\":\"10000\",\"payload\":\"3d0646083ac0ecc7945d5217d2dfd258b59969c13c82bb18b7351048cf510017s2GXQ5N/IQJ8ALd3T0s8549TidVDYkS2MEAwrnNP9qHifZrzoUDKkh+qf986bbChn2kr4+r0w99bILulCpMaaXppe9kLpcSKit+TN3+kIeo=\"}"}

When you switch to any other device, GalacticTrade provides you with the following encrypted data and asks you to prove your identity by decrypting it in your browser.

In case you lose your password, you can regain access to your account from any device with the "mnemonic" backup offered during registration or your "secret key" that you can access in Settings -> Security.

Ok. Thank you for taking the time to answer my question. It's really insightful. One more question though: how does your mnemonic seed not provide the same access to the encrypted data as the password does?
Does it not mean if I have access to the mnemonic key, I can as well get access to the person's private key?

6 days later

galactictrade I love it when people say their product is "completely safe".

You encrypt with user's password. Is this same password sent to your server for authentication when they login?

    tmacshaq The user never sends his password to the server. GalacticTrade does not have a login system that requires a password to be sent to the server. I answered this before, but I still do not understand why it is not understood. Right now, you can try logging in immediately and test what information goes to the server while logging or registering.

      galactictrade Ok so if I spoof the username in the JSON request, I can obtain the encrypted private key of any other user of your system with no barrier whatsoever? Like I don't even need to break into your server. You literally just give it to me straight up.

        tmacshaq
        I don't think it makes sense to continue this conversation further because you don't want to understand even a simple cryptographic scheme. Choosing a strong password is always the responsibility of the user.

        In addition, the user can put 2FA to provide an extra layer of security (the barrier you mentioned) when logging in (which will come with the loans update). Even if you have accessed the server, you will only have strongly encrypted data and trying to crack them is unreasonable because using a strong password is enough.

          galactictrade Insulting me personally won't help you dodge a security question about your app that handles people's real money. In traditional servers, if the user picked a weak password (and many users do), the attacker still has to breach the server's own hardened defenses to get access to the hashed password table to try their attacks. Your app literally just hands it to whoever asks for it. You basically skipped 99% of the security other systems have and start out with what other systems would call a security breach.

          If a GalacticTrade user picks a weak password they basically lose all their money immediately. This is not the case with any other system, and most other systems don't even handle users' real money!

          But the other common case, which you completely discounted, is where the user's password was breached in another system. Most users tend to reuse usernames/passwords or have very similar passwords.

            tmacshaq
            It was pointless to discuss this issue unless there was a realistic attack.

            Putting extra extra layers of extra protection only makes access difficult, but since GalacticTrade controls these layers, they are never enough. As I said, the most important thing to do here is that the user chooses a sufficiently secure password. This applies to all systems including hardware wallets.

            tmacshaq Your app literally just hands it to whoever asks for it.

            That being so comes from trust in the security scheme anyway. This is a challenge, if you think the current security scheme is insecure, you can join this challenge. Simple, isn't it?

            I already mentioned this. The difference with other systems is they have a whole layer of security an attacker has to breach first. Like someone needs to break into my house and take my hardware wallet first before they can enter the password!

              tmacshaq Yes, that's exactly the difference. Instead of relying on extra extra extra layered security systems of other systems, in GalacticTrade you only provide a strong password for your own security without trusting GalacticTrade. Only in this way will you have full control.

                galactictrade I like your spin on the "no trust" part but it's completely irrelevant. You're basically punting a tricky security problem to your own users and allowing them to shoot themselves in the foot. The thing in security you should not do. Users using your GalacticTrade will be misled into thinking it works like any other software except it's missing a whole layer of security. I cannot think of one system that is designed this way and I don't think it's because everyone else is stupid.

                  tmacshaq

                  I answer for the last time, thinking that you are not malicious in these comments, only the lack of information.

                  tmacshaq I cannot think of one system that is designed this way and I don't think it's because everyone else is stupid.

                  GalacticTrade uses the same authentication scheme I linked. I did not invent anything new, I used the safest way already.
                  https://www.blockchain.com/learning-portal/how-it-works

                  As I said, if you have any claim that there are any security issues, you can show it with evidence and take your imagination one step further in your comments.

                  See you in the comments on another topic!

                    galactictrade I just randomly logged in to galactic.trade account I didn't create. The password was "test".

                    You left out some key details in your comparison to blockchain.com. blockchain.com doesn't let their users create an account with "test" as password. Also, when you log back in, Blockchain requires you to enter the 41-character wallet ID, not your username. This is basically another mandatory secure password. It's very easy for people to attack your users' accounts if they can guess the username, because you use it to look up their data.

                    FWIW I think it's very inconsiderate to Stellar users to publish something so half-baked and insecure. You're way too cavalier about security. It's really scary since you called your thing "completely safe". If you think your users have to actually lose money to an attack before you admit a security hole, you should absolutely not be building software that handles other people's money.

                    As far as I can remember, the original Stellar account viewer had this exact same issue, right out of the gate.
                    The encrypted blobs were available for anyone who asked for them, so as soon as a new account was registered on the ledger, people did a reverse federation lookup to get the username, used the username to get the blob, and slurped away all STRs from accounts with weak passwords. This took seconds.

                      dzham

                      The way I think they dealt with it was to do the 2FA check before giving out the blob.

                      galactictrade Oh I see you're the guy who did StellarPay. You won 450,000 XLM in SCF #2 and we never hear about StellarPay again. Now you come for a second serving with a different account. I see what Freitag means now about cash grab. I also see your perspective now. Win the SCF then sweep it under the rug so people forget about it. Hey, if there's a security hole but no one will use it, is it still bad? 😆

                      The 2FA feature has been activated. You can start using this feature by going to the Account > 2FA page.

                      Also, the minimum password length requested from the user during registration was set to 10.

                      The next update is the "Loan" system, which works completely with Stellar smart contracts, which makes GalacticTrade special. I plan to release the "Loan" update within 24-48 hours unless something goes wrong.

                      Stay tuned!

                      Until 2FA is required to use your thing or you do BlockChain's wallet ID the security issue above still applies. If you read dzham's response again 2FA has to be done before giving out the blob.

                      Here's another hack where you compromise security for the sake of "convenience". Your app stores the user's private key in cleartext as the "data" field in Local Storage. Again, no other apps do this: not Blockchain, not Stellarport. Again not something I'd expect from an app that's "completely secure".

                        tmacshaq If you read dzham's response again 2FA has to be done before giving out the blob.

                        You write here the claims you have produced using your imagination from the very beginning. Encrypted data (blob) is never presented to the user without entering the 2FA code. It is only a waste of time for you to come here and make negative comments even if you have not tested this.

                        Here is a small clip of how it works
                        https://cl.ly/ab34a42cb77b

                        tmacshaq Your app stores the user's private key in cleartext as the "data" field in Local Storage.

                        This claim is unreal like the other. There is no private key data which is stored as "cleartext".

                        tmacshaq Until 2FA is required to use your thing or you do BlockChain's wallet ID the security issue above still applies.

                        Forcing users to log in with a long ID harms user experience. The minimum password length is 10 and it is quite enough to keep them safe. I do not have a plan to use login with a long and complex ID instead of a username. The 2FA feature is here for those who want extra security.

                        Hey guys, I know you are looking forward to the P2P Loans system, the unique feature of GalacticTrade!

                        The P2P Loans system is almost ready and I'm working hard to get it live immediately. Before I go live, I want to make sure that all contracts are working smoothly and securely, and that the instructions are correct, so I have to test each step several times.

                        I can't wait to release it and get feedback from you. No doubt that it will be released before the voting begins (who knows maybe tomorrow). Stay tuned!