2 years ago
Hello everyone, I urgently require your assistance. We've been developing a web3 application and have been utilizing a Railway server to store our private keys within the environment variables. We now need to investigate if our server has been compromised, as it's the sole location where we've stored our private key.
12 Replies
2 years ago
If you've just used your private keys in environment variables through Railway's UI, they cannot have been leaked
2 years ago
You should have two factor authentication on your Railway account
2 years ago
Railway cannot provide logs for account logins
2 years ago
the only information about logins would be here
is there any way I can check is there any other account that has the access?
2 years ago
the page shows you every device that's logged into your account
2 years ago
I will say, the likeihood that someone got into your Railway account is incredibly low. It is much more likely that you leaked the creds some other way
2 years ago
Public Github repo is the most common mistake