As the staking smart contract allows users to deposit and withdraw from any address, does Nash plan to offer a method for users to add an additional public key (from a hardware wallet) to their KYC’d account allowing them to stake from a hardware wallet yet receive their dividends to their KYC’d account?
Was already aware of this post but thanks anyway, I was more trying to suggest that as long as there’s no hardware wallet support for the current solution then maybe they could allow users to register an alternative address they can stake from. Since trading and staking are two completely separate operations so there’s no need for users to use the address (key) in the extension.
Why do you want to stake from your hardware wallet?
Staking via the designed way makes it very safe because it’ll be locked up in a smart contract.
It’s just a small step to send from your hardware wallet to your Nash account from where you can stake right away.
Nash talks about the users have full custody over their coins. Along with this it should not matter if they want to stake from their nash account address, their hardware wallet address or any other type of wallet where they own their private keys.
I understand your point but you still have full custody over your funds in my previously described way. Anyways, the team said that they will look at hardware wallet support in a later stage, but it’s definitely not a priority because either way the user has full custody.
That is true, you still have full custody even with the solution you mentioned. The little concern I have is that you are forced into this solution. Also as you say they will find a solution for this topic in later stages and I’m fine with that.
The problem I’m trying to address is; Suppose a user wants to stake for 24 months starting from the first day of trading. At this point there’s no hardware wallet support so the user is forced to use the existing solution. Using the existing solution the password 2fa etc. used to access those keys are now as secure as the device(s) the user decides to use. The user then stakes for 2 years and after 6 months that device gets compromised along with the private key. Now the attacker has those keys and can perform the claim and withdraw functions within the smart contract, funds and dividends are no longer safu. Should the team allow a user to add a public key from which they’ll stake to their account even if their account is compromised only the funds relating to the users trading and their dividends can be taken but the ash tokens remain safu. The user can now close the compromised account create a new KYC’d account add the same public key from their hardware wallet and carry on receiving dividends.
Ah, I see your point. I think the Zero Knowledge key manager will fix this. If your device gets compromised then you can still login via another device and set things straight or something.