Hi again! I observe the HAS topic presented by You, and with each new post, I understand more and more, but still have a hole in knowledge. Could You share some online publications about out-of-band data ? Maybe it will be good to add some references about security topics mentioned here, to make the post more reliable.
Also, I have a question about malicious applications which sends requests for approval on behalf of other application, how does the HAS protocol prevent such an attack ?

Could You share some online publications about out-of-band data ?

Yes, more posts about it and how security is managed are coming... 😅

how does the HAS protocol prevent such an attack ?

That will be addressed in the coming posts too.
TLDR; auth_req sent by a malicious app to HAS will expire and be ignored if the user's PKSA is not running. If the PKSA is running, PKSA should ignore them if they did not retrieve a matching off-band auth_req_payload before.

What's the advantage of signing in with Hive Authentication Services instead of signing in with Keychain? Keychain also does the signing locally without sharing the keys to anyone. Would it be possible to collaborate with Keychain instead of building another login service?

The browser extension you are probably referring to in your comment does not work on mobile.

I am actively working with the Keychain team to support the HAS protocol in Keychain Mobile.
It will allow users to store their keys in one place (Keychain Mobile) and authenticate within any application that supports the HAS protocol, either a mobile, desktop, or website app, without installing anything else.

I am not a programmer. I have no clue about coding.

But I like to comment to show my support and respect for your work! My deepest respect goes to people who can program and implement something like this.


P.S. I already voted for the proposal.

I have loved this work you are doing and I think it is very cool. Although I am still learning about these systems, I liked the way you explain the whole process of operation of HAS. Really, this service is very useful. You have my support. Regards.

Thank you for your support @fragozar01

Too late to vote another wonderful project that you have put together. Instead I will send you some !PIZZA token and a tip! Merci mon ami! A bientot sur le HIVEFEST!

It's never too late to support. Every vote matter, especially for a proposal with a one year time-frame.

I have been happy to meet you again at HiveFest. 👍


It was good to see you again at HIVEFEST mon ami.

Thank you so much for the beer mon ami. I am saving up beer to give away with the !PIZZA because what is pizza without beer?

I was so excited to see this and hear your presentation at HiveFest. Are there plans for a Wordpress plug-in for us non devs? That would be a game changer for Wordpress users.

Thank you.

Are there plans for a Wordpress plug-in for us non devs?

Not that I know. But if you know people who have the skills to do it, don't hesitate to tell them about it. I will be happy to support it.


PIZZA Holders sent $PIZZA tips in this post's comments:
sgt-dan tipped arcange (x1)
@sgt-dan(1/10) tipped @beerlover (x1)
chrislybear tipped arcange (x1)

Learn more at

This is a very useful reference post. Ill come back to this when i am implementing it in an app i have been thinking about resurrecting from the Steem days.
One thing that always concerned me by being an app developer was having to be responsible for peoples private keys in some way. I'll take this for a test drive and see how it works.

Great to read you are interested to support HAS in your apps.
Feel free to contact me if you have any questions or need help.

Congratulations @arcange! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

You distributed more than 570000 upvotes.
Your next target is to reach 580000 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Check out the last post from @hivebuzz:

Bee ready for the 2nd Hive Power Up Month challenge!
Trick or Treat - Share your scariest story and get your Halloween badge

This post has been manually curated by @steemflow from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share 80 % of the curation rewards with the delegators.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

Read our latest announcement post to get more information.


Please contribute to the community by upvoting this comment and posts made by @indiaunited.

I am not a programmer but has a few knowledge about it since we were taught some basics in college and I have a huge dream of becoming a programmer myself. But I should be totally honest, I still have to study this. I just can’t wait to comment to show support so here I am sending you virtual handshake 🤝. I voted for your proposal and recommended it to my friends. I also voted for you as witness. Congrats and best of luck.

I have a huge dream of becoming a programmer myself.

That's the way to go, leads to empowerment and freedom.
Thank you for your support and your virtual handshake @nikkabomb.
Here is a virtual hug and some !LUV 🤗






@nikkabomb, you've been given LUV from @arcange.

Check the LUV in your H-E wallet. (1/1)

One for all security on mobile interesting and necessary!

Full backing, although I never venture onto mobile and rely purely on PC, call me old fashioned 😌

Have a great day and thanks for what you do into blockchain security for community.







@arcange, you've been given LUV from @joanstewart.

Check the LUV in your H-E wallet. (1/5)

Thank you @joanstewart
I can be old-fashioned too but from time to time I jump into the present and use my mobile. 😆

Oh a few Apps never, banking or content creation would be dangerous with predictive text and fat finger syndrome.

The rewards earned on this comment will go directly to the person sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at

Am glad to read through this post, please do keep up the good work @arcange

How can I download it?
I can't find it in my app store

HAS is not a downloadable application