EOS HandBook
Version 1.81.20190829 β. This document is all allegedly.
About
EOS Handbook is an independent project currently with no sponsors.
Please get in contact if you would like to be a sponsor.
For a list of recommended projects see the 🔗 Links section

Earn EOS on Coinbase

Card image


Coinbase is currently allowing users to earn $10 of EOS by completing introductory lessons to start learning about EOSIO and EOS.
You can earn ever more EOS by referring your friends!

coinbase.com/earn/eos

Get EOS Handbook

Card image


EOS Handbook is an independent project to create a up-to-date resource that gives basic needed information on how to use EOS.

.pdf .html
Contents

What is EOS?
EOS is
Crypto
Usually refers to crypto-currency as a topic or your holdings of crypto-currency.
The root word means "hidden".
Crypto can be short for Cryptography, Cryptographic, a Crypto-Currency or Crypto-Asset.
.
EOS is a Proof Of Stake
POS
POS stands for Proof of Stake, the next generation of crypto-currencies like EOS and the new POS style Ethereum. Consensus is acheived through voting with staked tokens on the network.
blockchain.

If you do not know what Proof of Stake means then please see the section on "What is Crypto?".

EOS

The letters EOS do not stand for anything specific.
In greek mythology EOS is the Goddess of the Dawn.

eos.io

eos.io
github.com/EOSIO is the open source software that runs the eos blockchain.
is the software that EOS uses.

"EOSIO is a next-generation, open-source blockchain protocol with industry-leading transaction speed and flexible utility. Introduced in May 2017, it has since been widely recognized as the first performant blockchain platform for businesses across the world."

eos.io

The Chestahedron

The Chestahedron is the symbol for EOS:
It is the first heptahedron of this configuration in the history of geometry.
Created by Frank Chester



EOS Chains

Anyone can run the software and there are already several other active networks running the same sotware.

These networks can all be accessed now using
Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
:

The EOS MAINNET Chain

The main network running the EOS.IO software is called EOS or mainnet the EOS MAINNET.
You can see the state of the network using any
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.
.
The eosio contract is controlled by the elected
BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
s.

What can I do with EOS?

Too many things.

EOS Accounts

To use EOS you must get an EOS account.

The EOS Token

The EOS token is a utility token that can be staked for
Resources
In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
.

EOS Sister Chains

Sister Chains run the eos.io software:
TELOS
" Telos will have the most even money supply distribution of any blockchain. This token distribution improves governance so the network is more secure and sustainable."
WORBLI
An EOS blockchain that uses KYC.

EOS Side Chains

Side Chains are running modiied version of the software:
EOSFORCE.IO
"EOSForce is dedicated to exploring a more open set of cryptoeconomic infrastructure. Through consistently developing a multichain architecture protocol, EOSForce fulfills needs for diverse consensus and facilitates blockchain applications in all fields."
BOS (Business Operating System)
"The goal of BOS(Business Operating System) is to build an EOSIO ecosystem that supports more DApp and solve real-world problems using blockchain technology..."
⚿Wallets: Accounts, Authenticators and Tools

Wallets, Authenticators, and Toolkits


Wallets on the blockchain are not like physical wallets.

The word WALLET is ambiguous and can mean:
  • Authenticator: The software or hardware you use to access your account.
  • Account: Your account on a blockchain.


We are going to call all wallets that store your keys AUTHENTICATORS.

"the term ‘wallet’ is potentially misleading if the user’s intention was to ‘authenticate’ with a service or to ‘sign’ a transaction ... traditional wallets functioned as a place to store tokens, the blockchain community adopted the term ‘wallet’ in the early stages of its development ... we have considered a number of terms that would more accurately describe the purpose of ‘wallets,’ from ‘signature providers’ to ‘authenticators’ to ‘transaction signers’. Ultimately, we have decided that for the purposes of this library and our future literature in the wallet ecosystem, we will be referring to all ‘wallets’ as ‘authenticators’. "
from eos.io
EOSIO Labs™ Release: The Universal Authenticator Library (UAL)

In EOS the "wallet" has 3 different aspects: Authenticators allow you to access your account (wallet) and have tools (often also called a wallet).
  • Authenticator Wallet
    These store your
    Keys
    Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
    The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
    .
  • Account Wallet
    The address or name of your crypto account.
  • Wallet Tools
    Allows you to manage your account by permforming contract actions.
EOS permissions are a powerfull way to control access to the wallet.

Account Wallet (Holds your tokens)

Crypto accounts are called wallets. Your account is the location of your tokens and so conceptually like a physical wallet.

EOS accounts have a simple username, in BTC the address is a public key.

When you look up an account on a
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.
you see the account contents.
The contents of your account are said to be in your "wallet".
For example communitydev.



Authenticator Wallet (Access your account)

There are many "wallets" that act as an
Authenticator
Authenticators are the programs that allow you to authenticate a transaction. For example to authorize an account to send funds you will need an authenticator with the appropriate private key for the account.
Authenticators are often provided as "wallets".
:
These hold your
Keys
Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
.

Hardware Wallet
Never remember a password again... A "hardware wallet" is a "hardware authenticator". It holds your keys.
Blockchain as the Solution to the Insecurity of Passwords by block.one block.one News : Blockchain solution to the insecurity of passwords
- Tutorial on changing your EOS owner and active keys using Ledger Nano S:
s are authenticators.

Recommended Software Authenticators:
  • Scatter
    Scatter is a multi-chain wallet. get-scatter.com.
    It works on EOS and other chains.
    Scatter wallet is the EOS authenticator we recommend.
Other Authenticators:

Wallet Tools (Perform actions on your account)

Account Management sections of dApps and web sites are often called "wallets".
bloks.io calls it's services a "wallet", eostoolkit calls itself a "toolkit".

These Account Management "Wallets" currently provide more services than any authenticators.

Wallets Tools (aka Toolkit aka Wallets) Links
  • bloks.io
    bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.
  • eostoolkit.io
    eostoolkit.io is a wbesite that provid es many tools to administer accounts including dApp staking and airgrabs.
  • EOS Authority
    eosauthority.com is a wbesite that provides a wallet, block explorer and much more.
  • myeoswallet.one
    myeoswallet.one is made by AtticLab.
    MY EOS WALLET offers a free, open-source, client-oriented interface for transferring EOS & Tokens.

For example in bloks.io/wallet:
In addition to the account "wallet" which shows your balance there is an additional "wallet" section which has a tools menu :
bloks.io/wallet
bloks.io/wallet
EOS account management
EOS accounts can be managed from
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
apps and web sites.

Some
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
also have EOS account management.
Here is a picture of an EOS account information on
bloks.io
bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.
:
EOS account information on bloks.io
EOS account information on bloks.io

The EOS tokens can be in several states: Total EOS Balance is your total quantity of EOS tokens.
Available shows your liquid balance;the amount you can move.
Refunding shows EOS currently being un-staked.
Staked shows the amount Staked to CPU NET or Others
REX shows your investment in the Resource Excahnge.
Remember EOS is D
POS
POS stands for Proof of Stake, the next generation of crypto-currencies like EOS and the new POS style Ethereum. Consensus is acheived through voting with staked tokens on the network.
. Delegated Proof of
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
, not Delegated Proof of Token.

In order to use the network or vote you must have EOS Staked.

1. STAKE You need to have EOS staked to use dApps or vote. Any wallet and most dApps allow you to Stake and Unstake.


2. VOTE You can vote for up to 30 Block Producers. If you do not renew your vote every 7 days the effect will decay more over time.
Recommended: You can use scatter to vote for a proxy and set the vote to be renewed every 7 days.



3. REX You can earn interest on your EOS by putting it in the
REX
REX allows you to lend EOS tokens and maintain ownership and voting rights.
so others can lease it.

Resources Management
Currently we need to manage our own resources;unstaking or staking EOS for CPU or NET and buying and selling RAM.

Management of resources will likely be abstracted from most users in the future.

Most dApp users will not need to manage resources at all.

For now, EOS users may need to manually adjust resource allocations to avoid running out of CPU, NET or RAM.

RAM
RAM is a resource which is purchased with EOS tokens.

You don't need to worry about it unless you max out your RAM. 1k surplus RAM is enough to cover several RAM consuming actions.
When you reach close to 100% RAM usage then actions which require RAM will not work. Buy more RAM in 1k increments.
You can see what is using up RAM using the RAM Usage tool from labs.dfuse.io on with the RAM Explorer in
bloks.io
bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.

RAM Explorer on bloks.io
RAM Explorer on bloks.io

WARNING

The RAM price can go up and down but speculation on RAM prices in not recommended.
The network will try to keep prices low so buying RAM with the goal of selling it at a high price is likely to fail.

Solutions will probably emerge to assist with RAM management and let you manage your RAM usage.

CPU and NET:
These are resources on the network. EOS is a utility token.
It is used to gain access to the EOS network.
This is done by STAKING EOS to get CPU and NET. How much CPU or NET you need depends on your actions. In general 0.1 NET seems to be fine for everything and 1 EOS on CPU sill allow you to perform basic actions.
In the image gaingang.e has 4.2 EOS staked as CPU and this gets us 557.3ms of CPU usage. The amount of CPU time you get changes depending on the use of the EOS network.

View a live and historic graph of CPU available on the netowrk using EOS Titan Labs
⚐ STAKE

EOS is a DPoS system

DPoS = Delegated Proof of Stake


"Staking is the new Mining"


There are around a billion EOS tokens. These EOS tokens are only being used when they are STAKED on the network.

You can "STAKE" EOS from any
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
s and most
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
.
  • Staked EOS is locked up and cannot be transfered. It takes 3 days ( 72 hours ) to unstake EOS.
  • Staked EOS gets
    Resources
    In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
    Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
    as CPU or NET.
  • Your voting power is how much you have staked.
  • Staked EOS is locked so anyone who temporarily gains access to your account cannot take the EOS.
    You will have 72 hours to regain control of the account before the staked EOS can be unstaked and taken.
  • EOS can be staked to any any account.
    You can stake EOS to someone else and still maintain ownership.
  • EOS in the process of un-staking will be listed as refunding and can be re-staked at any time.

Types of Staking and Lending


The
REX
REX allows you to lend EOS tokens and maintain ownership and voting rights.
allows you to profit by a small percentage lending out your staked EOS.

If you need staked resources someone with a lot of more staked resources than they need can easily stake some of there resources to you.

There are other staking or staking-like resources:

stakemine.io allow you to get dividends for staking CPU or NET to a project.

chintai.io is a loaning platform so you give out your EOS and get it back after some time.
Here is a video on using stakemine from March 19th 2019. Earn EOS Tokens From Staking EOS by Hodl EOS.
Stake about 2 EOS as CPU and 0.2 EOS as NET, this should be enough. If you are doing many transactions in a short space of time or the network is very busy you may need more resources.
🗳 VOTE
You must have EOS tokens
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
d to vote.
Votes count for Block Producers and Referendums:

Block Producers
Votes decide which 21
BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
s run the EOS network. You can choose up to 30 to vote for yourself.

Referendum
Referendums are proposals for changes to the network. Anyone can propose a change.
If a referendum proposal receives enough votes the Block Producers will enact the approved changes.

Researching and keeping up to date with BPs and referendums can be complicated and time consuming.

Voter Proxies

You can vote for a proxy that will select 30 BPs and referendums for you.

You can research BPs and proxies at alohaeos.com
Smart proxies can assign votes to more than 30 BPs using a contract to periodicaly changing their vote allocations.

Vote for ggvoterproxy using any number of
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
s.

If you do not renew your vote every 7 days the effect will start to decay slightly over time.

RECOMMENDED - Use a proxy like ggvoterproxy to avoid vote decay!
You can use Scatter to vote for any proxy and set the vote to be automaticaly renewed every 7 days to avoid vote decay.

Using Scatter to Vote for ggvoterproxy.
Using Scatter to Vote for ggvoterproxy.
🦕 REX
Accounts require only a small amount of
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
d EOS to perform actions the remainder can be lent out because you are not using it.

REX is the EOS Resource EXchange.

The
REX
REX allows you to lend EOS tokens and maintain ownership and voting rights.
allows you to profit by a small percentage for allowing others to use your staked EOS.
Others can lease these resources from REX at 30 day intervals.

REX allows you to lend staked EOS and maintain ownership and voting rights.
The EOS value of your REX balance is included in your account balance along with liquid and staked EOS.

The REX token:

When you put EOS into REX you buy REX token with EOS value.


How to use REX:

Use any
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
to move EOS into REX.
These sites explain and allow you to buy REX:
eosauthority.com has a good interface. eosrex.io was set up by the community.

To put EOS into REX it must be staked and you must vote.
Some wallets may stake and vote for their own proxy when you buy REX.

Please make sure you choose the proxy to vote for.

  1. Stake your EOS (optional).
  2. Vote for a proxy.
  3. Buy REX and receive REX tokens.
  4. REX tokens will be locked up for 5 days to "mature".
  5. When your REX is matured you can sell it back into EOS or put it into SAVINGS.

(Optional) Stake your REX in SAVINGS.

To protect your REX tokens from being moved if your account is compromised you can
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
your REX tokens into a savings account.
It takes 4 days to unstake the REX. This allows time to regain control over an account using an owner key.

The value of the REX in EOS can only go up. You cannot lose your EOS.

You can see the value in any EOS
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
.
Sell REX tokens back for EOS at any time when they are matured and unstaked.

chintai.io allows you to do a lend or borrow at a fixed percentage for 7, 14 or 28 days.
🦕T-REX TELOS
TELOS
TELOS is an EOS sister chain that uses the TLOS token.
This handbook supports EOS sister-chains because they works pretty much the same EOS.
If there are any differences emerge this guide will try to inform you in the appropriate sections.
is an EOS sister chain that uses the TLOS token and now has REX.
TELOS REX (T-REX) launched August 2019.

You can stake using bloks.io in the same way as EOS.
OR Sqrl Wallet :
Telos REX Guide guide on medium.com by EOS Miami :
An Overview of T-REX in Sqrl
[ https://medium.com/@eosmiami/an-overview-of-t-rex-in-sqrl-c48140beb04c ]


Short SQRL Wallet Instructions:
Get REX using liquid TLOS:
  1. Vote
  2. Deposit liquid TLOS by selecting "Deposit TLOS for Lending".
  3. Select "Lend Deposited TLOS" to get REX.
OR to get REX using staked TLOS:
  1. Vote
  2. Select "Unstake and Lend TLOS" to get REX.
$ TOKENS
You can find a list of EOS tokens and their related contracts at:
eosgo.io
bloks.io/tokens


You can trade EOS tokens at:
newdex.io
dexeos.io

The important token info is Market Cap, Volume (24h), Circulating Supply, Max Supply and Top Holders. Some tokens can be
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
d.
Some tokens use the eosio.token contract and are as reliable as the main EOS token.



The EOS Token

The EOS token is a utility token that can be staked for
Resources
In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
.
The EOS token also used for account creation on the EOS platform which runs the eos.io software.

Resources
In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
are used to run
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
and to vote.
The EOS token is used to
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
and vote.

The main EOS token uses the eosio.token contract.

Other Tokens and Contracts

Anyone can issue a token with their own contract.

Tokens other than the main EOS token can use the eosio contract.

Most tokens use their own custom contract.
The contract name is always listed with the token name in every
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.


WARNING
  • Many tokens can have the same name. Always check the contract name for the token is correct.
  • The contract owner can change, move or destory your tokens.
  • You can only trust tokens as much as you trust the owners of the token contract.

Cryptolions is creating a simple assets multi-sig to solve the problem of token trust.

⚙ CONTRACTS

dApps & Smart Contract

Contract actions (a.k.a. Smart Contract) are the code that run on EOS.

dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
are applications that use contract actions.

Resources
In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
are used to run
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
and to vote.

EOS uses the eosio contract.
The EOSIO contract is controlled by the elected
BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
.

Contracts on EOS

Any EOS account can set up it's own contracts.
Contracts provide actions and can issue custom tokens.


Transactions / Contract Actions

Contract Actions are listed on accounts in every
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.


When you use a contract action you will perform a transaction.

The eosio Contract

eosio Contracts

The eosio contracts control the EOS mainnet.

Instead of having one manager there are 21 elected
BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
s voted for by EOS token holders.

The voting determines which BP accounts are given authority to administer the main eosio contracts. The EOS token contract is called eosio.token. The permissions for this account are set to the BPs listed on eosio.prods.

The permissions show us that:
  • 15 BPs must sign for an active permission action.
  • 11 BPs must sign to run a major permission action.
  • 8 BPs must sign to run a minor permission action.
The 21 BPs on the eosio.prods account are listed on every
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.
:
The active EOS BPs listed on bloks.io
The active EOS BPs listed on bloks.io

The number 15 next to the lock symbol for active permission indicates that 15 out of 21 BPs listed must sign a transaction in order to complete it.

🔓KEYS or NO KEYS?

The Importance of Keys:

Crypto is said to be owned by you only if you have your own damn keys.

People talking about "having coins in a wallet" or owning a wallet. In reality all you have is your keys.

Keys are the highest.

An analogy with physical gold:
Having physical gold in your hands is like having your own
Private Key
The private key is a type of “password” that matches the public key.
The only part of the PUBLIC / PRIVATE key pair you need to keep safe is the PRIVATE key.
s.
In the same way that when you hold physical gold only you can touch it. Keeping the keys safe means only you can access your
Crypto
Usually refers to crypto-currency as a topic or your holdings of crypto-currency.
The root word means "hidden".
Crypto can be short for Cryptography, Cryptographic, a Crypto-Currency or Crypto-Asset.
.

EOS is a token of ownership in a shared de-centralized computer system; it is ownership of a utlity .

It is important to understand that EOS is a utility token that can be
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
d.


Having the keys to your a utility means you can use it or say who can use it.


Not using Keys:


You can hold EOS without managing your own keys by :
  • Use a wallet service that manages your EOS account


    wombat wallet
    Currently offers free account creation.
    Secure key storage and recovery is offered because wombat hold the keys, and ownership, of the account.
    WARNING:
    Not recommended for large accounts.

    You have an option to buy the EOS account and transfer true ownership to yourself at any time.
    If you have a high value of EOS then you can easily afford to buy an account.

    bancor.network
    Bancor allows you to hold tokens in an EOS account they own.
    Bancor allows you to log in with any SMS telephone number, facebook messenger account or telegram account.
    You will be able to hold tokens on several networks including the EOS network. You hold EOS in a wallet that Bancor own and manage.
    You will still need to get your own wallet to make full use of an EOS account.
    WARNING:
    Not recommended for large accounts.
    With bancor you do not create an EOS account name for yourself so there is no reason to buy the account.
    You can simply move tokens out into another account you own at any time.

    voice.com --- coming soon ----


  • Use a wallet that manages your keys

    A software
    Authenticator
    Authenticators are the programs that allow you to authenticate a transaction. For example to authorize an account to send funds you will need an authenticator with the appropriate private key for the account.
    Authenticators are often provided as "wallets".
    wallet will store your keys, encrypt them and allow you to take backups.

    You will need a Hardware
    Cold Wallet
    A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
    to get the extra protection of
    Cold Owner Keys
    Cold Keys that are set to a users owner permission.
    if you want to avoid managing your own keys.


  • Hold EOS on an exchange

      Potential problems with keeping EOS on an exchange:
    • You may not be able to vote and the exchange may vote with your tokens.
    • You may miss out on airdrops.
    • You may miss out on passive income from
      REX
      REX allows you to lend EOS tokens and maintain ownership and voting rights.
      .

    Please use a
    DEX
    Decentralized EXchanges like BitShares are much more secure than regular exchanges. BitShares, for example, has never been hacked.
    (De-Centralized Exchange) (like BitShares that has never been hacked).
    Centralized Exchanges are often not secure.
    ✓ DEX
    DEX
    Decentralized EXchanges like BitShares are much more secure than regular exchanges. BitShares, for example, has never been hacked.
    aka De-Centralized Exchanges offer the benefit of real ownership. Using a DEX means you hold keys to an account that actually holds your tokens.
    🗙 Centralized Exchanges
    When you hold any asset like gold or crypto on a centralized exchange, you do not really own it.
    The exchange is saying they are holding your crypto or gold and you must trust them to keep it safe.

  • Wait for any of the myriad of multi-sig solution to be deployed...
    Multi-sig offers incredible protection and convenience.
    There are too many ways multi-sig can be used to describe them all here.
    • A user could have keys in a wallet set up by a dApp for recovery or access to certain contracts.
    • Multi-signature groups could be added to allow specific dApp access or for new keys or permissions to be added.
    • MFA / 2FA
      Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two (2FA = 2 Factor Authentication) or more pieces of evidence. wikipedia : Multi-factor_authentication
      and
      Cold Wallet
      A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
      funcitonality could be added by groups or apps.



In the future more solutions will emerge that will allow you to have secure EOS accounts without ever learning about PUBLIC/PRIVATE KEY PAIRS.


🔑 What is Crypto?
Crypto
Usually refers to crypto-currency as a topic or your holdings of crypto-currency.
The root word means "hidden".
Crypto can be short for Cryptography, Cryptographic, a Crypto-Currency or Crypto-Asset.
is Short for Crypto-currency.

Digital Assets can include non-cryptographic digital assets.

The only type of digital assets we are concerned with here are assets protected by a public/private
Key Pair
Crypto accounts require a "cryptographic public/private key pair".
Together the public and private key form the "Key Pair".

The private key is the only critical part and can be used to generate the public key.
.
The one way cryptographic algorithm that gives us PRIVATE/PUBLIC key pairs is based on complex mathematics.
Few understand how these alorithms functions but it is important to understand what is achieved by having public/private key pairs.

Crypto accounts require a "cryptographic public/private key pair". The only part you need is the PRIVATE key. Your private keys you hold for your crypto accounts are commonly refered to as "your keys".

The public key allows you to tell people what your password is without telling them your actual password.
This is the main difficult thing for people to understand.

Put simply a public key is a kind of magic thing that allows someone to be able to confirm what your password is without knowing your password.
Even though that may seem impossible.
Cryptographic assets can be said to be owned or "held in a wallet" because the owner has control over the PRIVATE KEYS needed to acess those assets.

There are currently 2 main types of crypto:
POW
POW stands for Proof of Work, the first generation of crypto-currencies like Bitcoin and old Ethereum used this method. Consensus on the network was acheived through hashing work done by nodes on the network.
and
POS
POS stands for Proof of Stake, the next generation of crypto-currencies like EOS and the new POS style Ethereum. Consensus is acheived through voting with staked tokens on the network.


POW
POW stands for Proof of Work, the first generation of crypto-currencies like Bitcoin and old Ethereum used this method. Consensus on the network was acheived through hashing work done by nodes on the network.
blockchains like Bitcoin have many disadvantages:
  • Slow
    Transactions can take a long time.
  • Expensive
    The cost of wasted electricity in using POW networks makes it expensive. Bitcoin transactions can cost over $10 in fees.
  • Extremely Inefficient
    The process of running POW networks takes a lot of electricity. Bitcoin is extremely wastefull and therefore damaging to our environment.
    BTC uses around 75 TWh per year. that is more power than Austria, the 39th highest power consuming country. BTC consumes more power than 160 countries.
  • Environmentally Damaging
    This means a huge amount of enviromental damage and that an alternative must be found.
    Growth of bitcoin will cause more damage. BTC provides a product with benefit but all those goals can be achieved without this energy wastage.
  • Only for the Rich
    Due to the expense of performing transactions;bitcoin can only appeal to the rich. i.e. people who's average transaction is well over 1,000 dollars. This excludes most humans from being able to use it.
  • Not Scalable
    POW chains cannot support a large number of users. BTC for example has had only around 1 million active accounts in the last year and it cannot grow beyond this. POW blockchains are not capable of mass adoption and so are not able to fulfil the promise of crypto-currency technologies.

POS
POS stands for Proof of Stake, the next generation of crypto-currencies like EOS and the new POS style Ethereum. Consensus is acheived through voting with staked tokens on the network.
blockchains have solved these problems and have delivered:
  • Speed - Transactions feel instant. Delays of less than a second.
  • Efficiency - No waste, no enviromental damage.
  • Free Transactions - Anyone in the world can use it regardless of their wealth.
POS blockchains promise to solve the problem of scalability.
Only a practical demonstration can confirm that this has been achieved.

Take a look at blocktivity to see how chains are progressing with increasing their maximum transaction rates.


FUN FACTS about Cryptography:
• Cryptographic algorithms were developed by the military and not revealed officially to the public until the 90s.
• The RSA encryption algorithm was developed by the military in the 70s.
• A military is just a big gang. So crypto was started by a gang as a gang secret.


https://en.wikipedia.org/wiki/Public-key_cryptography
“Their discovery was not publicly acknowledged for 27 years, until the research was declassified by the British government in 1997”

https://en.wikipedia.org/wiki/RSA_(cryptosystem)
The acronym RSA is made of the initial letters of the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who first publicly described the algorithm in 1978

https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
EOS uses ECC to generate keys.
The Elliptic curve cryptography functions: Private Key, Public Key, Signature, AES, Encryption, Decryption are available at: https://github.com/EOSIO/eosjs-ecc
🔑 PUBLIC/PRIVATE KEY PAIRS
Many don’t know, and it is relatively complicated to fully explain.

A password is a key.
A normal 1 key password uses
Symmetric-Key Cryptography
Symmetric-Key Cryptography uses the same password to encrypt and decrypt data.
:

[orignal data] ---> PASSWORD 🔑 encrypt ---> [encrypted data] ---> PASSWORD 🔑 decrypt ---> [orignal data]


Asymmetric Cryptography
Asymmetric Cryptography is another name for Public-key cryptography. more info and descriptive images @ wikipedia : Public-key_cryptography
uses 2 keys. They make up a key pair 🔑🍐 . One to encrypt and one to decrypt:

[orignal data] ---> PUBLIC 🔑 ---> [encrypted data] ---> PRIVATE 🔑 ---> [orignal data]


Private Key:
The PRIVATE KEY is your “password”.

Public Key:
The PUBLIC KEY allows you to set the password (private key) without ever revealing your password.
The PUBLIC KEY is not secret.

The existing public keys are visible to everyone on the blockchain. They are listed under permissions on
bloks.io
bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.


Example of a real EOS key pair


Below are keys i generated using an EOS Key Generator to use as an example:

Private key: 5JS7FAreLxFxCV5qLMHMJCqYGFPJznM2xJJPiHGLxNPu2rRWHMb
Public key: EOS88Y6zYLd7a5eRy3YPrekRtMbbsdYwPRDChQYHD41U4usHXT28w

Let’s take a look at each part of the key pair:

PRIVATE KEY


Private key: 5JS7FAreLxFxCV5qLMHMJCqYGFPJznM2xJJPiHGLxNPu2rRWHMb
The ONLY ONE of the pair you NEED is the PRIVATE KEY.
The PRIVATE KEY is your PASSWORD and needs to be kept secret.

PUBLIC KEY

Always begins with EOS
Public key: EOS88Y6zYLd7a5eRy3YPrekRtMbbsdYwPRDChQYHD41U4usHXT28w

The PUBLIC KEY part allows anyone (including the block chain) to validate the private key part ( the password part ).
The PUBLIC KEY is NOT a PASSWORD, it is more like a lock than a key to be honest.

Many blockchains like BTC, ETH and LTC use the public address as the account name.

On these chains there is no way to change the private key.
Therefore in the event that the private key (password) is stolen or lost it cannot be changed.


EOS allows you to change your keys.

EOS also has an advanced permission system. Permissions can allow users to be protected again lost or stollen keys and even avoid dealing with keys altogether.



EOS keys use Elliptic-curve_cryptography (ECC)
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
the Elliptic curve cryptography functions: Private Key, Public Key, Signature, AES, Encryption, Decryption are available at: https://github.com/EOSIO/eosjs-ecc
🧮 How to Generate Keys
There are many key generator available some are listed here:
eosauthority Blog : How to generate EOS private and public key pairs

The official eosio generator code for keys is here: https://github.com/EOSIO/eosjs-ecc

Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.

Any wallet will generate keys that are fine for use as
Hot Keys
Keys that have ever been on any computer which is then connected to the internet.
.
Scatter will guide you through the process. It has a button called "Add Keys". The Scatter vault keeps your private keys and you can recover them by selecting EXPORT.
Scatter provides key generation and management.
Scatter provides key generation and management.

Cold Key
Cold Keys are a key pair where the private key has not been used online.
If the private key is used and the account is accessed the keys are “HOT”.
To make an account use cold keys change the keys to the newly generated offline keys using the PUBLIC key of the new key pair. This method has most of the same advantages as a cold wallet system.
s

EOS Paper Wallet is a web page you can download and run offline.

eospaperwallet is the simplest to run an any device that can run a web browser.
make sure you have the correct web site and then download
More examples of key generation here:
eosauthority.com blog : How to generate EOS private and public key pairs

Validate Keys

eoskey.io provides a GUI for offline key generation on mac/windows/linux

eoskeyio has the advantage that is will validate the public private key pair. This means you can confirm the keys will work before using them.
You can also input a private key and it will generate the matching public key.
eoskeyio provides offline key validation.
eoskeyio provides offline key validation.


❄️ Cold Keys
These keys are created on an offline computer.

Weak Offline Keys

These keys are deleted from a computer before it is put online again. This provides some level of security, however if spyware is on the machine while it creates keys then it can still steal your data.
The private key could have been recorded before it was deleted and then sent to an attacker when online.

True Offline Keys

The computer is never put online again or the disk with the operating system that created the keys is removed or wiped.

You can either:
  • Use a computer you keep permanently offline.
  • Connect a drive with an OS that will never be used online after key generation.

You can use an old phone or laptop, you can use almost any computer or bootable drive.
It is preferable if the device does not have any wireless communication.
A Raspberry Pi works well with the OS on an SD card. After the key is created the SD card, USB drive or HDD can be removed or wiped.

Recommended:


Download EOS Paper Wallet and eoshandbook.com single html. These are both web pages you can download and run offline on any computer than can run a web broswer.


1. Use on offline computer to make as many key pairs as you need.
Create backups and keep the copies safe.

2. Copy only the
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
on to your online computer.

3. Set your Owner Permission to the newly created public key.
RECOMMENDED:
Create many keys at one time and keep the list of public keys on your computer.

This is so you can apply a new public key anytime without generaing more keys.


Remember to keep the PRIVATE KEYS safe.
e.g. backed up, offline and encrypted. When the
Cold Key
Cold Keys are a key pair where the private key has not been used online.
If the private key is used and the account is accessed the keys are “HOT”.
To make an account use cold keys change the keys to the newly generated offline keys using the PUBLIC key of the new key pair. This method has most of the same advantages as a cold wallet system.
s are used online they become a
Hot Keys
Keys that have ever been on any computer which is then connected to the internet.
.
A
Cold Wallet
A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
allows you to use cold keys and for them to remain cold.
Instead of a cold wallet you could assign new cold keys each time you use them.

Correct use of multi-sig may alleviate the need for a cold wallet or cold keys:
❄️ Cold Wallet
Using a Cold Wallet means An offline computer signs your transactions with an offline/cold key.

Setting up and using a cold wallet can be complicated.

One simple solution called Ducatur ColdCrypto Wallet is being developed for iOS by Ducatur
Ducatur ColdCrypto Wallet is a cold (offline) digital asset storage in the form of a simple smartphone application instead of expensive and inconvenient hardware wallets (Ledger nano, Trezor, etc) or insecure paper or online wallets.

How does a Cold Wallet work?
First an online computer creates an unsigned transaction that will expire after a period if not signed. The unsigned transaction file is passed to the offline ( or AIR GAPPED ) cold wallet computer. This wallet can sign transaction. The signed file is then passed back to the online computer, keeping the cold wallet offline.
Why bother?
Cold wallets are needed when using systems like BTC where the key can never be changed and is used as your account name.
EOS allows new cold keys to be applied at any time and has an advanced permissions system so you do not have just one unchangable key.


Example of voting with a cold wallet by eoscanada :
eoscanada : how to use eosc as a cold wallet with offline signing

Video of setting up a cold wallet with Greymass EOS Voter by eosDAC :
2019-03-15 Change your EOS account owner permission key using an offline computer
🛡 SECURITY
Love your family & cherish your health.
Be safe. Breath and relax. If this document is stressing you out, take a break or seek your answers elsewhere. We all die one day, part of your security should include having a plan for that.

Do not lose your
Keys
Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
.



If you do NOT want to know about Keys there are alternatives:

Be Bespoke

Bespoke means custom or custom-made.

Managing your own security means you are additionaly protected because no one knows how your security is managed.

For any one specific security solution a flaw could be found. If it is known that you use that solution it is easier for hackers to target you.

Therefore we do not recommend a single solution with a checklist to follow. This handbook aims to make clear the main hazards and potection solutions to choose from.

In all cases we recommend:
Do not loose your keys.
Always keep backups in multiple locations or with multiple people.


Use advanced security with
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
.

Things are advancing quickly and security solutions will rapidly get better and simpler.
We are all in this together, One Love.

"Every Man Think That His Burden is the Heaviest"
from Running Away by Bob Marley

🔮 Risks
There are 2 conflicting tensions:

LOST KEYS

Protection from yourself.
Prevent yourself form losing your
Keys
Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
.

STOLEN KEYS

Protection from others.
Stop someone else taking your
Keys
Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
.

In many cases your risk of losing your password/keys is much greater than the risk of anyone stealing them.

UNWANTED dApp ACTIONS

Authenticator
Authenticators are the programs that allow you to authenticate a transaction. For example to authorize an account to send funds you will need an authenticator with the appropriate private key for the account.
Authenticators are often provided as "wallets".
s like
Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
will ask you to confirm any actions that you perform in
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
.

Trustworthy dApps will not perform any bad actions and can be whitelisted to skip confirmations.

WARNING

Malicious dApps are safe to use ONLY if you follow this rule:

Always check every contract action before confirming it.
If the action you are attempting is to stake a token it should say stake in the confirmation screen and not anything else.


Be especially carefull of actions that say "updateauth" as this is the action can change your keys and give control of your account away

Scatter 11 has a function called a Firewall that blacklists dangerous acitons like updateauth by deault and can be customized.

You can determine the level of RISK and then decide how SAFE to be.
If you set up accounts with small balances you can take on much more risk.
The more important your tokens are to you;the higher the level of security you should use.

RISK 1 : Fire / theft / death / loss of keys.
RISK 2 : Compromised computer;local or online.
RISK 3 : Hacks (including phishing attacks)
All accounts should be SECURE using backups, encryption and offline storage.

Consider using additional levels:

COLD SECURE: Create and Set Cold Keys.

GANG SECURE
Using group permission with multi-sig;the most powerfull method for advanced security..
🛡 SECURITY GUIDE

Backup 🔑🔑🔑


To avoid loss:
Keep multiple backup copies of your keys in multiple locations in case of fire or theft or other loss.

Provide other people with a way to get access to your accounts if you cannot. This group should never all be present in one place. If all the key holders are lost then the account can still be lost forever.

Multi-Sig
Multiple-Signature Permissions: Multiple accounts must agree/sign to confirm a transaction. For example. With multi-sig we could make an account where 5 users must agree in order to make any change. Or we could have system where if 3 out of 5 agree, then they can perform a transaction. helpdesk.eostoolkit articles : Multisig-Tutorial
allows for decentralized backup security to be implemented by adding EOS account names to permissons. Eliminating the need to exchange and store many keys.

Multi-sig permissions allow for a group to be set that can authorize changes and so can recover an account if the event of lost keys.

Encrypt ⚿


To avoid theft:
Hardware Wallet
Never remember a password again... A "hardware wallet" is a "hardware authenticator". It holds your keys.
Blockchain as the Solution to the Insecurity of Passwords by block.one block.one News : Blockchain solution to the insecurity of passwords
- Tutorial on changing your EOS owner and active keys using Ledger Nano S:
s,
Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
and other
Authenticator
Authenticators are the programs that allow you to authenticate a transaction. For example to authorize an account to send funds you will need an authenticator with the appropriate private key for the account.
Authenticators are often provided as "wallets".
s will keep your private keys encrypted.

Encrypting the keys protects them from anyone who hacks your computer or gains local access to the machine.
Use a long password that you keep very safe.
Use a long
Brain Key
Another name for a password you remember and so do not need to keep written down.
and share it with someone you trust as a backup.
“Have a long pass key … “

“don’t make that shit easy like 123 ...”

Permissions, Staking and Alerts 🔐


For protection against hacked hot wallets:
EOS Authority
eosauthority.com is a wbesite that provides a wallet, block explorer and much more.
has a checklist that is can show you for your account at eosauthority.com/dashboard:
Show Security Level on an account:
Show Security Level on an account:

  • Use seperate Owner and Active keys.
  • Stake your EOS.
  • Set up an alert on your accounts using eosauthority
    eosauthority.com/alerts

Set your permissions and alerts correctly and your staked tokens will be protected if your computer is hacked and someone gains access to your account.
🗂 PERMISSIONS
Use permissions to hold an offline owner key:

So if any un-authorized activity occurs using the active permission we can use the owner permission authority to regain control before any tokens are unstaked and taken.
You can also use permissions to set a time limit for any action to be confirmed, so even wihtout staking you can still lockup tokens for whatever amount of time you like.

It is easy to make new accounts with different levels of security using permissions.



⚐ STAKE

Stake your tokens to lock them up. This gives a cooldown period allowing you to regain control of your account.

COLD SECURE

To use an account with only offline keys you would need to use a
Cold Wallet
A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
.
You can create keys offline to create Cold Keys.

COLD KEYS or COLD WALLET are recommended for large value accounts.
Cold keys are by their nature are safe from online attacks.
Owner keys (keys used for owner permission on an account) do not need to be in a wallet and should always be kept cold (offline).




🗂 What are Permissions?

Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
can be set to a
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
s or
EOS Usernames
Anyone on the EOS network can make a new 12 letter EOS Usernames made up of letter a-z and numbers 1-5.
Use eosnameservice.io to create a short accont name.
EOS runs a Name Bids auction for short account names.


OWNER PERMISSION – allows anything INCLUDING changing owner permissions.

ACTIVE PERMISSION – allows anything EXCEPT change the owner permissions.


The permissions on an EOS account are shown in any block explorer like bloks.io:
bloks.io showing owner and active permissions
bloks.io showing owner and active permissions

Genesis Account
An EOS account that was created on the EOS Mainnet at launch in June 2018.
s start with only ONE key for both OWNER and ACTIVE permissions.

BTC, ETH & LTC use
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
s as the account name.

With BTC, ETH & LTC you only have one permanent
Private Key
The private key is a type of “password” that matches the public key.
The only part of the PUBLIC / PRIVATE key pair you need to keep safe is the PRIVATE key.
that can never be changed.
This unfortunate situation forces a user to chose either:
  • Run the high risk of using
    Hot Keys
    Keys that have ever been on any computer which is then connected to the internet.
    in a
    Hot Wallet
    A crypto-currency wallet that is connected to the internet.
    .
  • Buy a popular
    Hardware Wallet
    Never remember a password again... A "hardware wallet" is a "hardware authenticator". It holds your keys.
    Blockchain as the Solution to the Insecurity of Passwords by block.one block.one News : Blockchain solution to the insecurity of passwords
    - Tutorial on changing your EOS owner and active keys using Ledger Nano S:
    Solution and run the risk of exploits being discovered in that specific security solution.
  • Use a complicated, expensive and cumbersome
    Cold Wallet
    A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
    solution.
EOS Usernames
Anyone on the EOS network can make a new 12 letter EOS Usernames made up of letter a-z and numbers 1-5.
Use eosnameservice.io to create a short accont name.
EOS runs a Name Bids auction for short account names.
allow for a permanent address to exist irrespective of the associated public key.

Having
Cold Owner Keys
Cold Keys that are set to a users owner permission.
in combination with
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
d tokens is a free solution which gives the advantages of a
Cold Wallet
A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
.

If the
Active Key
A key that is set as the active permission on an EOS account.
is compromised we can use the secure owner key to change the keys and take back control over an account.



Other levels of permissions can be added in addition to active and owner seen above.

Adding a safemode key can allow you to lock up staked EOS so it cannot be unstaked and taken if the active key is compromised.

🔏 Set Permissions

Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
can be set to
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
s or
EOS Usernames
Anyone on the EOS network can make a new 12 letter EOS Usernames made up of letter a-z and numbers 1-5.
Use eosnameservice.io to create a short accont name.
EOS runs a Name Bids auction for short account names.


Cold Key
Cold Keys are a key pair where the private key has not been used online.
If the private key is used and the account is accessed the keys are “HOT”.
To make an account use cold keys change the keys to the newly generated offline keys using the PUBLIC key of the new key pair. This method has most of the same advantages as a cold wallet system.
s must be generated using an offline computer and kept offline.
HOT keys can be generated on any machine.



Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
or
bloks.io
bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.
can set the permissions to an existing eos username or a
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
.
Change permissions using Scatter
Change permissions using Scatter
Scatter has documentaiton online on how to set a new key here:
https://support.get-scatter.com/article/80-updating-keys-for-permissions-using-scatter.

If using bloks.io or
eostoolkit.io
eostoolkit.io is a wbesite that provid es many tools to administer accounts including dApp staking and airgrabs.
make sure you have the correct permission selected for your account when you log in with scatter.
When changing the owner permission you must select the @owner account:
After changing the
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
in permissions, the matching
Private Key
The private key is a type of “password” that matches the public key.
The only part of the PUBLIC / PRIVATE key pair you need to keep safe is the PRIVATE key.
can be used to access the account.



🔐 OWNER and ACTIVE Keys
Owner and Active
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
can be set to a
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
or EOS username.
Owner and Active Keys are keys set to Owner and Active
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
.

There are many reasons why it can be usefull to have 2 key pairs.
An effective use of seperate OWNER and ACTIVE
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
is to use
Cold Owner Keys
Cold Keys that are set to a users owner permission.
:


COLD OWNER KEY

A
Cold Key
Cold Keys are a key pair where the private key has not been used online.
If the private key is used and the account is accessed the keys are “HOT”.
To make an account use cold keys change the keys to the newly generated offline keys using the PUBLIC key of the new key pair. This method has most of the same advantages as a cold wallet system.
used as
Owner Permission
The Owner Permission declares who has permission to change the owner permissions on an account.
.
A backup key created offline that should not be used.

HOT ACTIVE KEY

The key you use in your wallet.


Genesis Account
An EOS account that was created on the EOS Mainnet at launch in June 2018.
s and most newly created accounts use only one key for both owner and active permissions.

We can keep this existing key as the active key and create one new key pair to use as the new owner permission.

To benefit from a seperate cold owner key:
  1. Generate a new cold
    Key Pair
    Crypto accounts require a "cryptographic public/private key pair".
    Together the public and private key form the "Key Pair".

    The private key is the only critical part and can be used to generate the public key.
    .
  2. Change the
    Owner Permission
    The Owner Permission declares who has permission to change the owner permissions on an account.
    on your account to the newly generated
    Public Key
    The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
    It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
    The PUBLIC KEY validates the PRIVATE KEY.
    The PUBLIC key is used to set a new key as a permission on an EOS account.
    .
  3. Stake all or most of your tokens. Only the liquid (un-staked) balance can be taken if the account is hacked.
  4. Set up an alert on your accounts using eosauthority:
    eosauthority.com/alerts
If any un-authorized activity occurs we will be notified by the alerts. We can use the owner key to take back control over the account.

A system like
MFA / 2FA
Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two (2FA = 2 Factor Authentication) or more pieces of evidence. wikipedia : Multi-factor_authentication
, where you get sent a confirmation to another device before it is allowed to proceed, is possible with multi-signature permissons.
There is awesome power in EOS multi-sig permissions. It allows you to still be protected in the event of lost or stolen keys.


🍐 The Pairs of Pairs Name Problem
"Seperate owner and active keys" is not a good description.
Simply telling users to make 2 key pairs in not useful if they do not know what to do with them.
It must be explained that the second key is a backup key that should not be used.

Users have been confused by 2 key pairs :
  • Describing and understand having a pair of pairs.
  • The difference between owner and active keys
  • The difference between keys and permissions.
Easier language may emerge to describe this in the future.

I call a these "PAIR of PAIRS of Seperate owner and active key with a cold owner key" a pawapaw.
Short for:
" a PAir active keys With a seperate PAir of oWner keys"
which is itself short for:
" a PAir of a pair of active public and private keys With a seperate PAir of oWner public and private keys"


if "prickly pear" = a risky single key pair and
big "pawpaw" = a safe advanced permission solution with owner/active keys (pawapw). and
"claw" = hardware wallet
then this classic song makes perfect sense to explain things:
lyrics from "The Bare Necessities" song from "The Jungle Book"
🔐 safemode
safemode is the name of a custom sibling to Active Permission.

Using safemode will make it impossible for your someone with your Active key to unstake your EOS.
You can also add blacklist actions to this safemode permission to prevent other actions being performed using your Active key.

When correctly configured: Even if you were to give away your Active key to an attacker they will not be able to unstake your EOS tokens and liquidate them.

Your new safemode key should be kept offline and secure the same as your Owner key.

Follow the guide from EOS New York:

Steps can be found at https://medium.com/eos-new-york/your-eos-account-in-safe-mode-86ad99fd8c40
🧩 SECURITY using multi-sig.
MULTI-SIGNATURE group permissions are the most powerful solution to security.

Using multi-sig permissions allows you to apply several accounts or keys and apply a weighting. When implemented it can provide:
  • A complete solution to protect against lost or stolen keys.
  • MFA / 2FA
    Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two (2FA = 2 Factor Authentication) or more pieces of evidence. wikipedia : Multi-factor_authentication
    functionality.
  • much much more...
The permissions system that allows for multi-sig is integral to the way EOS works.



Please first see how permissions work and the main eos.io contract before you continue.

BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
s that run the network are assigned using this multi-signature permissions system.
The votes of staked EOS decides the top 21 BPs which you can see on the eosio contract permissions.
multi-sig allows 15 of 21 to approve changes to the network.



"Can I have my cake? yeah I'm gonna eat it too, me and the ... crew" crypto feez - crypto demons- feat eos san diego
Here is an example of a very basic group security solution we use in our DAG (DECENTRALIZED AUTONOMOUS GANG).

An Example of multi-sig with ggvoterproxy:
ggvoterproxy EOS account permissions:
ggvoterproxy EOS account permissions:

  • A cold owner key with a weight of 2 out of 2 required.
  • 3 users with a weight of 1 so any 2 can make a change if they agree.
We are protected from :
  • Loss of the owner key OR Loss of access to all 3 user accounts.
  • Theft of 1 user account.
With this setup we can handle loss of a key or theft of one user account.
The active permissions are set to allow any admin memebrs to make changes on their own.
We will not be storing EOS in this account and if a change is made we will be alerted by eosauthority and can fix it Our main goal is to protect keep ownership of the account. To increase security we can add more users or improve the security of each of the user accounts used (gainang.e, cryptofeezgg, communitydev) can each have advanced multi-sig security solutions.

The current permissions do not protect us against theft of the owner key. Or theft of two EOS accounts.
An alternative beta setup could be :
  • A cold key with a weight of 2 out of 3 required.
  • 3 users with a weight of 1 so they can make changes even if the key is lost.
We would be protected from :
  • Theft or loss of the owner key.
  • Theft of 2 accounts as 3 are now required to make a change.
This setup has same protection against a lost keys or 2 lost user accounts as the setup above. The advantage of the beta is it protects against changes from anyone gaining access to the owner key or two accounts. The minor advantage of the alpha method is that we can still change permissions even if we lose access to all 3 user accounts listed.


The power of @eosio.code: contracts allow even more to be done.
Contracts will allow for extra authentication to take place on transactions of specific types.
For example you could link an account to a contract that checks the amount of a transaction and insists on a 2FA check before allowing the transaction.

These functions are essential for many people to effectively use a crypto account.
Most people want to be able to lose keys, endure thefts and still have a good level of protection.
Correct use of permission, multi-signatures and contracts on EOS can acheive this.

These systems require a number of people ( over 50% ? ) to be vigilant and protect there keys and passwords well.
The previous systems have required either 100% ( in the case of crypto or holding cash or holding gold ) or 0.01% ( in the case of banking ). Please do your part :)
Get on telegram to ask us your quesitons and we will update this section.
As autonomous individuals we can form Groups that allow us to provide solutions.

MORE COMING SOON....

The benefits of this system will be passed on to the users of EOS as time goes on.

Currently multi-signature permissions are not well supported. You can use them now with:
📔 About This Handbook

Formats

eoshandbook.com is an offline .html file which works with and without javascript.
It provides the same information as a document and dynamically with questions and as an FAQ.

Video guides for each topic will be added as they emerge.

Audience

This critical information is for everyone. We aim to present it in a simple, accessible and non-boring way. Please help us improve this content if you can.

Purpose

To be a constantly updated resource to provide needed basic information on EOS accounts and security.

I saw questions being answered with partial explanations given with a declaration that there is much more to understand that cannot be explained quickly.
This resource was created to help explain basic aspects of EOS to new users. Thanks to the many who have given me positive feedback and support.

There are lots of static articles describing how to manage your EOS.
Things change quickly and the information in static documents can become outdated fast.

A common example is EOS articles telling people to use Scatter Chrome Extension even though it should never be used because it is not supported and has been replaced by Scatter Desktop.

Inspiration

Crypto Feez on youtube
"Cherish your health, love your family and protect that crypto!”

Blue Rock Talk with Connie Willis on youtube
20190206-🖖 CRYPTO CONNIE discusses the recent PASSWORD TRAGEDY!. [56:52]
Crypto Connie: “I would love a little handbook. A little rule book of all this stuff, you know;do this do that, if you have this many, this much crypto if you go over this get a
Cold Wallet
A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
if you’re here this is kind of safe to do this That would be a great thing for someone to write up.”

EOS Telegram Channel:
Ralph Lett, [26.02.19 05:24]
“Explain to me then how someone can steal your account if they get your
Owner Key
A key that is set as the owner permission for an EOS account.
?? Why the hell do we even have an
Owner Key
A key that is set as the owner permission for an EOS account.


Experiences

Trybe TV 2019-01-28
Trybe TV - Scam Alert. How my EOS account got hacked and how yours could too...
Matt from trybe shares why we should avoid:
storing private keys on our computer and having our owner key in a hot wallet.

Author

Written by Ham: EOS user communitydev


Donate to my account : communitydev
Use the MEMO field to say why you are donating or put requests for content or questions.

I am completely independent and so is eoshandbook.com. Donations will allow me to work on projects that benefit the EOS community and can be seen on the EOS blockchain here: communitydev.

Contact

To get support and ask questions about this resource:

email: [email protected]

Telegram:
Join the eoshandbook.com Telegram channel .

⛹What can be done with an EOS account?
EOS is a utility token. It is not something which is just meant to be owned.
Unlike other
Crypto
Usually refers to crypto-currency as a topic or your holdings of crypto-currency.
The root word means "hidden".
Crypto can be short for Cryptography, Cryptographic, a Crypto-Currency or Crypto-Asset.
EOS has several uses.

WARNING

EOS is NOT a useless virtual asset.

Holding EOS on an exchange to buy or sell it means you likely cannot use it at all!
If you need to use an exchange then use a
DEX
Decentralized EXchanges like BitShares are much more secure than regular exchanges. BitShares, for example, has never been hacked.
that will allow you to keep control of the EOS you own.

Air-Drop
An Air-Drop is a distribution of new tokens to existing EOS token holders. For example some tokens like BEAN were distributed 1:1 for EOS tokens held in genesis accounts.
and
Air-Grab
An Air-Grab is a token distribution model where account holders must initiate a "claim" contract action in order to receive a share of the token distribution.

Holding EOS in an account means you will get airdrops.
You will also get airgrabs if you claim them.

DEX
Decentralized EXchanges like BitShares are much more secure than regular exchanges. BitShares, for example, has never been hacked.
.

Decentralized exchanges allow you to hold your assets and also trade them.

dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
.

You can use EOS for dApps. dApps are run using Contracts on the network.
These are some sites that list dApps:
dappradar.com
dapp.com/
dapp.review

Account Management

EOS has 3 basic utility functions:
      Stake for CPU of NET.
      Purchase RAM.
      Purchase new accounts.
🚪How to get an EOS account.

To access your account you will need a
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
:


+How to Create another EOS account.
Default EOS name creation is currently limited to 12 characters long.

eos-account-creator.com

has a very easy to use interface to create a new account.

eosnameservice.io can create accounts with a short name.

eosnameservice.io will create a new account with the same permissions as the account that created it.
After creation you can change the
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
.
There are instrucitons here if you would like to generate your own keys:

If you already have an EOS account you can create more accounts and transfer ownership easily to anyone.
You can use use many
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.
s such as
Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
to generate keys and create a new account.

Scatter can make the account and give permissions to an existing account or create new keys:
Making a new account with Scatter
Making a new account with Scatter

Scatter has documentaiton online on how to make a new account here:
scatter support article : 33-creating-an-eos-account.
⚿ Transferring ownership of an EOS account:
To transfer ownership of an account you need to change the permissions.

The new owner needs an EOS account or provide PUBLIC KEYS to set as the OWNER/ACTIVE permission.

If you do not have an EOS account you can create a new PUBLIC KEY to easily gain ownership of an account.

Use the PUBLIC keys to set the permission.
OR you can
Use an EOS account name if the new owner already has an account.

Example - Getting a friend an EOS account:
Bob has an EOS account and Sue does not.
Sue has no EOS and wants to purchase EOS or is being gifted some EOS from Bob.
Sue creates an owner and active key pair.
She gives Bob the two PUBLIC KEYS. The ACTIVE and OWNER public keys are safe to transmit anywhere.
Bob makes a new account or changes an existing account to have the new ACTIVE and OWNER public keys Sue has provided.


Example – Getting EOS off an exchange with the help of an existing EOS user:
Bob has an EOS account. Sue has some EOS on an exchange but no account.
Bob agrees to make Sue an account.
Sue makes a public/private key pair with https://eospaperwallet.org/ .
Sue sends Bob a telegram message with the PUBLIC KEY.
Then in either order:

Sue: transfers some EOS to Bob’s EOS account from an exchange to pay for the account creation.
Bob: sets the OWNER key for the account to the new key.
If both parties trust then either way is fine.
If Sue trusts Bob: she acts first, if Bob trusts Sue he can act first,
If there is no trust between Bob and Sue a third trusted party (Dave) can be used.

Dave can confirm he is holding the EOS before the account is created by Bob and then confirm Bob has transferred ownership to Sue before handing over the EOS cost for account creation.
📖 Glossary

5G
5G is the 5th Generation of mobile phone telecommunications using frequencies above 24 GHz. It is weaponized technology. It is not safe to use. Bee-aware of 5G. So you don't know about 5G
Active Key
A key that is set as the active permission on an EOS account.
Active Permission
Declares who has permission to use the account. Restricted to performing actions and changing active permissions.
Only users with OWNER PERMISSION can change the owner permissions.
Air-Grab
An Air-Grab is a token distribution model where account holders must initiate a "claim" contract action in order to receive a share of the token distribution.
Air-Drop
An Air-Drop is a distribution of new tokens to existing EOS token holders. For example some tokens like BEAN were distributed 1:1 for EOS tokens held in genesis accounts.
Allegedly
Allegedly means none of this is true, it has only been alleged. It has all been alleged by some unknonw person. Everything here is allegedly.
Asymmetric Cryptography
Asymmetric Cryptography is another name for Public-key cryptography. more info and descriptive images @ wikipedia : Public-key_cryptography
Authenticator
Authenticators are the programs that allow you to authenticate a transaction. For example to authorize an account to send funds you will need an authenticator with the appropriate private key for the account.
Authenticators are often provided as "wallets".
bloks.io
bloks.io is a web site that provides a Block Explorer for the EOS Mainnet , "Wallet" account functions and more.
Block Explorer
A Block Explorer is a viewer information on a blockchain. There are many EOS block explorers:
bloks.io is a block explorer that features wallet and DEX functionality.
eosauthority.com is a website that provides a wallet, block explorer and much more.
eosflare.io is just a block explorer.
BP
A Block Producer. One of the producers of blocks that make up the blockchain of the EOS network.
Brain Key
Another name for a password you remember and so do not need to keep written down.
Chestahedron
The Chestahedron is the symbol for EOS:
It is the first heptahedron of this configuration in the history of geometry.
Created by Frank Chester
Claim
A Claim is a contract actions. It is used to get dividends or new tokens being dropped.
CLEOS
CLEOS stands for Command Line EOS. It is a command line wallet for use with EOS. It allows for the most advanced functionality or creating precise transaction commands. Also because it is a command line interface it can be used for running scheduled events , e.g. voting every 7 days to avoide vote decay.
eos.io cleos docs
Cold Key
Cold Keys are a key pair where the private key has not been used online.
If the private key is used and the account is accessed the keys are “HOT”.
To make an account use cold keys change the keys to the newly generated offline keys using the PUBLIC key of the new key pair. This method has most of the same advantages as a cold wallet system.
Cold Owner Keys
Cold Keys that are set to a users owner permission.
Cold Wallet
A Cold Wallet allows you to keep your keys cold by signing transactions offline. See more on the sections on Cold Wallets.
Crypto
Usually refers to crypto-currency as a topic or your holdings of crypto-currency.
The root word means "hidden".
Crypto can be short for Cryptography, Cryptographic, a Crypto-Currency or Crypto-Asset.
Cryptography
There are many kinds of cryptography.
wikipedia : Cryptography: "the practice and study of techniques for secure communication in the presence of third parties"
The Cryptography we are concerned with here is one that uses PUBLIC/PRIVATE KEY PAIRS.
Cryptographic Algorithms
The one way cryptographic algorithms are mathematical functions that gives us different types of PRIVATE/PUBLIC key pairs. They are based on complex mathematics few understand.
crypto-currency
Short for Cryptographic Currency.
The kind of Cryptography we are concerned with is one that uses PRIVATE KEYS.
The one way cryptographic algorithms that gives us PRIVATE/PUBLIC key pairs are based on complex mathematics few understand.
DAC
Decentralized Autonomous Collective or Decentralized Autonomous Community or Decentralized Autonomous Corporation
DAG
Decentralized Autonomous Governments or Decentralized Autonomous Gangs like the GainGang.
dApps
dApps are Decentralized Applications.
EOS dApps are the Applications that run on the EOS network.
You can see a lists of active dApps at:
dappradar.com
dapp.review
Decentralized
One central point of authority in a system makes it 100% centralized. Two centers of authorities in a system makes it twice as decentralized.
DEX
Decentralized EXchanges like BitShares are much more secure than regular exchanges. BitShares, for example, has never been hacked.
eos.io
github.com/EOSIO is the open source software that runs the eos blockchain.
EOS Authority
eosauthority.com is a wbesite that provides a wallet, block explorer and much more.
EOS Usernames
Anyone on the EOS network can make a new 12 letter EOS Usernames made up of letter a-z and numbers 1-5.
Use eosnameservice.io to create a short accont name.
EOS runs a Name Bids auction for short account names.
eostoolkit.io
eostoolkit.io is a wbesite that provid es many tools to administer accounts including dApp staking and airgrabs.
Gang
A gang is a group of people, the same as a community. Corporations, countries and companies are all gangs.
Genesis Account
An EOS account that was created on the EOS Mainnet at launch in June 2018.
Google Play credit
A lucrative scam where google makes 30% of all transactions. Google play is one of the worst ways to pay for anything and the most popular service in the world for money laundering. Allegedly.
Hardware Wallet
Never remember a password again... A "hardware wallet" is a "hardware authenticator". It holds your keys.
Blockchain as the Solution to the Insecurity of Passwords by block.one block.one News : Blockchain solution to the insecurity of passwords
- Tutorial on changing your EOS owner and active keys using Ledger Nano S:
Hot Keys
Keys that have ever been on any computer which is then connected to the internet.
Hot Wallet
A crypto-currency wallet that is connected to the internet.
Key Pair
Crypto accounts require a "cryptographic public/private key pair".
Together the public and private key form the "Key Pair".

The private key is the only critical part and can be used to generate the public key.
Keys
Your private keys you hold for your crypto accounts are commonly refered to as your " keys".
The only part of key pairs you NEED is your PRIVATE key because a public key can be regenerated from a private key if lost.
KYC
KYC = Know Your Customer
It means having confirmation of the identity of an account holder. Accounts on networks that require KYC are not anonymous.
MFA / 2FA
Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two (2FA = 2 Factor Authentication) or more pieces of evidence. wikipedia : Multi-factor_authentication
Multi-Sig
Multiple-Signature Permissions: Multiple accounts must agree/sign to confirm a transaction. For example. With multi-sig we could make an account where 5 users must agree in order to make any change. Or we could have system where if 3 out of 5 agree, then they can perform a transaction. helpdesk.eostoolkit articles : Multisig-Tutorial
myeoswallet.one
myeoswallet.one is made by AtticLab.
MY EOS WALLET offers a free, open-source, client-oriented interface for transferring EOS & Tokens.
Owner Key
A key that is set as the owner permission for an EOS account.
Owner Permission
The Owner Permission declares who has permission to change the owner permissions on an account.
Permissions
Declare who has access to an account. Permissions can be set to public keys or to EOS usernames.
POS
POS stands for Proof of Stake, the next generation of crypto-currencies like EOS and the new POS style Ethereum. Consensus is acheived through voting with staked tokens on the network.
POW
POW stands for Proof of Work, the first generation of crypto-currencies like Bitcoin and old Ethereum used this method. Consensus on the network was acheived through hashing work done by nodes on the network.
Public Key
The PUBLIC KEY is visible to everyone on the blockchain. It is not secret.
It does not matter if you lose the PUBLIC KEY. It can be generated again from the PRIVATE key if you lose it.
The PUBLIC KEY validates the PRIVATE KEY.
The PUBLIC key is used to set a new key as a permission on an EOS account.
Private Key
The private key is a type of “password” that matches the public key.
The only part of the PUBLIC / PRIVATE key pair you need to keep safe is the PRIVATE key.
Resources
In EOS Resources refer to RAM, CPU or NET. RAM is bought and sold. CPU and NET are gained by staking EOS.
Some actions like claiming airdrops use RAM. Transferring tokens use CPU. The amount of CPU taken for a transaction is fixed but the CPU you get for your staked EOS depends on how busy the network is.
REX
REX allows you to lend EOS tokens and maintain ownership and voting rights.
Scatter
Scatter is a multi-chain wallet. get-scatter.com.
It works on EOS and other chains.
Scatter wallet is the EOS authenticator we recommend.
Side Chain
Side Chains are blockchains that run modiied version of the eos.io software
Sister Chain
Sister Chains are chains other than the EOS MAINNET that run the eos.io software.
Stake
Stake tokens to lock them up. When staked they cannot be moved. To move the tokens Unstake them.
Often staked tokens receive dividends, aka passive income.
There may be wait time to unstake tokens.
Symmetric-Key Cryptography
Symmetric-Key Cryptography uses the same password to encrypt and decrypt data.
TELOS
TELOS is an EOS sister chain that uses the TLOS token.
This handbook supports EOS sister-chains because they works pretty much the same EOS.
If there are any differences emerge this guide will try to inform you in the appropriate sections.
Unstake
Unstake to unlock staked tokens.
There are often wait periods like 24 hours or 3 days to unstake tokens this can help protect tokens from being stolen if an account is compromised.
Wallet
Crypto Wallets are not like physical wallets.
The term "Wallet" is ambiguous. Wallet can have several different meanings. Things will be less confusing if we have different names for them.

1. Wallets that store your keys are called AUTHENTICATORS instead of wallets. e.g. hardware wallets.
2. Wallet that provide EOS account management in the form of apps and web sites.

For now EOS account managers appear to be called "wallets".
These account managers are not like the authenticator kind of wallet. For example a Hardware Wallet that acts as an "authenticator" and does not provide account management functions.