The wallet is NOT stored on the server, you cannot be compromised when the server gets hacked. You should delete the keys in the browser local storage though, when you do not intend to use this web wallet again.
EDIT: Only when the server publishes malicious code, and you continue to use this web wallet, you're in danger.
that's my point ... if the hosted server get compromised then we are in danger... As I understand it only if we login after the compromise.... (if we don't login anymore after the compromise we are safe)
Theoretical could the owners of openledger.info collect all private keys right now and use them in future when our market cap is big enough?(assuming it is "compromise" from the beginning? ) Using openledger and their hosted wallet means we 100% trust the openledger owners? Right?
I don;t think that's how the security concern works. All keys are stored locally on your computer and never get relayed over the network connection.
When you visit the host site, it tells your computer to run this small program:
https://github.com/bitshares/bitshares-2-ui/releasesThe security concern is if the hosting site were to change the JavaScript code it feeds you when you visit the site to a different script, you would then run that program instead of the web-wallet you thought you were going to; that could then be some malicious key grabber but you could always just read the code every-time you access the site.
if you download the program (web-wallet) directly, you just just run it from your computer and there is no longer a concern as you no longer run a script of the web-server. There is little advantage to this over the standard light wallet though IMO.
The other connection involved the the web socket that supplies the blockchain state - you could store this locally as well by running a witness, although this should not have any access to any part of your accounts/keys and simply relays the blockchain from a remote witness node.
There is no way for the wallet host to be "collecting keys" unless it is currently written in the JavaScript (which I admittedly have not read).
Disclaimer: I don't necessarily know what I am talking about but this is how I understand it to work.
Edit: sorry, I missed "compromised from the beginning" so yeah you have the right idea but you dont have to trust them 100%, you can just read the code they are feeding you