"Complecated ,but Safe."
This is the fudamental thought of this sytem even though Complexity & Safety are trade-off relationship, However, security is much important portion to deal crypt-currency ,so I considered how they go together,over and over again.
In this service,the most crical point for security is when tipping nem which is key functon of nemlog. In nemlog,Special "QR-key" is contributed to enhance security ability, and user need to load this QR-key when tipping nem. so user need to create & load this file & this is little bit complecated, but it is important in order to use nemlog with safely tipping.
This QR-key includes encripted private key & detail explanation is following. Following 2 information are reuired when sending nem.
(1).Destination nem wallet address
(2).Your private key
Basically, you require just these 2 information ,so if you steal your private key ,nem sending can be allowed from your wallet by using the key. Needless to say,It is safe that only you manage your key & no one knows your key ,but the key must be required when sending... If you will face currency sending service without private key input,it means the service has your key in their database and all key information will be exposed if their system hacked.
To reduce potential of this crisis, nemlog does not have any key information in its database. so user need private key input in nemlog when tipping ,but row private key input is not so good strategy even if nemlog is using SSL communication.
Following is summary of nemlog security.