Dear @jacobgadikian, @megadrive, @ericet, @michelangelo3, @condeas,
now a few months have passed on BLURT, and the stake in our wallets has grown.
This makes the issue of "security" even more important.
There is also the fact that after HF3, the powerdown period will only be 4 weeks. This brings a little more insecurity.
After the fork from Steem, recovery accounts could not be automatically entered in our BLURT accounts, because most accounts would have had Steemit written there.
Thus, in our BLURT-Accounts the field "recovery account" is empty.
@ericet was so helpful and built a little tool that we can use to determine a recovery account.
But as my information stands, there is no function yet to be able to recover an attacked account as well.
Now I have a few questions. The answer to my first question is the most important to me.
Would the founders or/and developers be able to recover an attacked account in which the field "recovery account" is empty? And would they do it as a help for the owner of the account?
In the case that 1) is not possible, how should a compromised account be recovered?
Are there any plans to implement the account recovery feature with HF3?
Are there any plans to implement an additional idendification (2FA) because of the shorter power down period after HF3?
One other supplemental question:
@condeas gave me the following idea through a comment, and I would be very interested in your opinion. The question is whether I could substantially increase security through a construct of delegation.
For example:
- I create a second account.
- I power down with my main account.
- I transfer all BLURT to my second account.
- From my second account I delegate all BLURT to my main account.
Would both accounts then be much more secure against attacks because my main account has only a delegation and my second account has all BLURT assigned as delegation?
Thank you very much for your attention and I am looking forward to your answers.
Best regards, @double-u
Here is a tool that @ericet already created to change recovery accounts https://ericet.github.io/BlurtAccountRecovery/ but remember if your recovery account ever gets compromised and you land up changing the password on any other account that uses it as a recovery account, then the attacker can gain access to that account too.
Also recovery accounts lead to vulnerabilities with 3rd party apps, say for example there comes along a new app called blurtgame, this app gives away free accounts and by default makes blurtgame the recovery account, the uniforned user has no idea of this or the implications.
Then one day blurtgame sells its app to another party, who is not a good actor, now the bad actor is the recovery account for many users that created accounts via its service, each time a user changes their password for whatever reason, since it is the recovery account, blurtgame can, in the next 30 days, recover that person's account and lock them out of it and steal the funds.
As @jacobgadikian said to me earlier, account recovery is a gimmick to make users feel safe where in fact there are many pitfalls "gotchas" that can catch out the users if they are not diligent.
Bitcoin for example does not have recovery accounts, so it has less attack vectors. I like to keep my BTC split between 3 wallets, so if I lose access to one I don't lose all my funds.
While on the topic of storing BTC, I would like to plug my favorite wallet:
https://opendime.com/
Opendime makes your BTC physical. If your opendime doesn't get stolen, it's yours. Same risk profile as physical cash or gold. strongly recommend.
Hi @megadrive,
first of all thank you very much for your answers!
I'm just talking to Jacob now and may have some feedback for you later.
So, sir! Should we make another account and split our BP or liquid blurt in both accounts? In that way, our voting power will go down, hence curation reward.
Hallo Werner
Von der Logik her finde ich es gut wenn man ein neues Konto erstellt diese Keys nach dem erstellen sofort erneuert und dann an das Hauptkonto eine Delegation macht .
Das Konto mit dem man Arbeitet und den Aktiv Key oft nutzt muss nicht so dick bestückt sein mit Blurt !
VgA
Dem stimme ich zu :-)
Wenn dies der Fall ist wegen 2nd account, ist dies nur für die Großinvestoren sinnvoll, für die kleinen Fische jedoch wahrscheinlich nicht, da die Delegierung eines Teils seines BP weniger Voting Power und weniger rewards bedeuten würde.
Sicherlich nur für große Accounts ich muss mir da keine Gedanken machen
Lololol!... ich auch nicht, willkommen im Klub.
Useful question and answers (in the comment section). Worth reading.
At last got one post in my feed which actually real blurt-related post. Thank you.
I had a few of the questions in my mind. Thanks to you, got a few answers.
Wao everything that has been commented in this publication is interesting. It is good to know these things and that they are working to improve. Creating another account and delegating seems like a good idea. I definitely always learn something from your posts. :)
I'm very pleased! Thanks!
Hello @ double-u. I will not be able to be in your publication because I will be preparing everything for the end of the year dinner, however from now on I want to thank you for all the support in this year 2020 to me and wish you the best for next year, that you achieve all your goals and that May you and your family be blessed and enjoy much life and health. Receive a big hug from Venezuela from me and my family.
Thanks for everything and Happy New Year.
With Recovery Accounts missing it is more important to change your keys. I have now 3 diffrent keypairs ,1 for each chain.
I dont know if Recovery Accounts are realy a Security Risk @jacobgadikian but i am not a developer.
On the one hand it feels good to know there is still someone I can turn to if I have made a really big mistake.On the other hand what do I do if that person is no longer active and I can't reach them.We all know how quickly it can happen that someone is no longer active.
Possibly it could solved better with a 2 factor authentication ,which would mean however surely a quantity expenditure.
So, this debate is in fact why I don't get into this stuff publicly much.
Math isn't up for debate my friend :pray:
Merry Christmas Sir
Interesting question and topic.
were can we see the set recovery account. I guess mine must be steem then
when we use ericet's tool to change our recovery account, we need our master password. Is it safe to use it there or should be better change the master password after using it in that 3rd-party tool?
Congratulations, your post has been curated by @r2cornell-curate.
Also, find us on Discord (https://discord.gg/BAn2amn)
https://discord.gg/BAn2amn
Thanks @double-u, here are some brief answers
A: If the recovery account is empty, I do not believe it can be recovered by anyone, the idea was that people be responsible for setting their own recovery account and no central entity being responsible for it. I do think there needs to be some training on how to set this, so maybe someone can do a post and we can feature it.
A: There is no way currently to recover if user has not set a recovery account
There is already an account recovery feature on chain, just need to create a user interface so non-devs can use it, currently if you are the recovery account owner you can recover keys for people only if their password has been changed in the last 30 days I believe. Thereafter no more recoveries possible.
A: this is not really compatible with blockchain technology as it will rely on a third party 2FA app that could go rogue, the chain needs to be self-sovereign so needs to have little interdependence with external systems.
The best advice is to split your stake into multiple accounts, set recovery account for all to another dormant account whose keys never key used on any interface, You can delegate all your stake to your main account from the separate accounts and can set a witness voting proxy to main account for each.
I will also talk to @ericet about a recovery UI tool.
Disagree on splitting stake it's not necessarily the best practice. Best practice will be determined by his unique circumstances.
It might be best.
Hi @megadrive,
first of all thank you very much for your answers!
I'm just talking to Jacob now and may have some feedback for you later.
Hi @empato365,
but, I did write that I mean we currently do not have a feature implemented that can be used from the recovery account to recover the attacked account.
I just saw that you have not entered a recovery account either.
I view recovery features as a security risk, and I want to talk to you directly about all matters discussed here.
If there is stuff on the chopping block, certainly to me, recovery is one of the things on the chopping block. But that won't happen soon.
Can we please set up a time to talk?
These are all very good points and I'd like to discuss them with you at length.
The super short version be like:
Last week I ran our key privilege stuff by a cryptographer-friend and his feeling was the same as mine.
BIP39 is better, and the privileges make no sense.
But we won't be moving to bip39 on blurt, there is no practical way to do it.
Hi Jacob,
unfortunately I do not understand this expression "chopping block".
Do you not want to discuss these issues here publicly?
EDIT:
Maybe I also misunderstood ...
I will be back here in 12 hours. Thank you!
Is that good for you?
Very important questions! I am very curious about the answers. I am surprised to hear that the POWERDOWN will be shortened to 4 weeks.
It's a matter I'm personally ambivalent on, but ultimately supported.
Now I am wondering if it can be parameterized, like our fees.
Security is so important at this point.
Since this platform was built from steemit, and we didn't steal it, but was with the support of steemit administration team, our administrative team should highlight the harms steemit fork would cause us and work out modalities on how to do it in a way to favour us as well.
Looking into the issue of recovery account, I believe @megadrive is on top of his game, he'll not let us down. We equally have people like @jacobgadikian,@ericet, at el, we're sure of the platform's safety. All we need do is to join hands to give them the necessary support to get it done.
The questions are very important and the answers can also determine the interest of new investors.
Everyone wants to invest when on a safe platform.
I am di sure the founders @jacobgadikian and @megadrive are also ck concerned about the funds of investors. So they would have been making some plans to ensure the security of an investor's fund.
All dvelopers hand are on deck, i know.
I hope @jacobgadikian or @megadrive will give you a warm answer.
@double-u sirI could not post on Blatter for a few days due to illness. I am very happy to post today and I like your post very much sir. And thanks for sharing this post with everyone, sir.