One thing that I have reservations about is the security of your private keys. Though the dev stated how to handle such a situation, I'm still not convinced regarding the security concerns. Is there a server that will serve as data storage for your clients?
It's a very understandable concern; that's why we put a lot of effort and development time into creating an air-tight environment where the servers are completely isolated from the internet and the data is encrypted both at rest and when sent.
Communication is done directly with the exchange via HTTPS, thus avoiding man-in-the-middle attacks.
In addition, the user can opt in to only unlock and decrypt when they enter the 2 Factor Authentication code.
We hope this answers your concerns.
Thank you for the clarification. Though we can't see the system that you are going to build for this project, it seems that you know what you are doing. So good luck to the brobot team!
No problem, the security process has to be transparent in functionality but at the same time we cannot be very specific about it because we would increase our attack probability.
We will be as comprehensive as possible in the Whitepaper of course.
Good to hear that brobot is still open to more developments in your security. It's a good thing because this project will surely gain more investors in the future. We all know that security is one of the priorities in every company, because when investors see that their investment is secure along with their data, without any doubt they will invest more. Just one thing: do you consider adding Double IP restrictions for your security?
Hi there,
Yes, we are open to handling any remarks about improving our overall security even further. It is true that security, especially in the crypto space, is extremely important given the past incidents.
Regarding Double IP restrictions, if by that you mean IP whitelisting, yes, that is and will be available, whereas we supply fixed IP addresses from which all requests to the exchange API will originate.
Also, something to add to this: API keys are ONE-WAY only, and are never retrieved back to the user in the backend of our application.
Let us know if you have more questions regarding this issue.