Author Topic: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)  (Read 2783 times)

0 Members and 1 Guest are viewing this topic.

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12549
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #30 on: December 18, 2015, 08:32:30 pm »
is this re-enabled yet Xeroc.  I was hoping to play with it help test a little bit today.
I just noticed your first trial of this service and you ran into an edge case that I probably need to check on registration to make the users aware of it.
You probably wondered why your transaction went through though you have just made a simple transaction (no proposal) and Peermit did not need to approve it.
The edge case is a result of founder accounts having an identical OWNER and ACTIVE key.

so:
- the owner key of puppies is the owner key of puppies-secured (as it should be as per our definition)
- the active key of puppies is IDENTICAL to its owner key (that shouldn't be the case for newly created accounts)
Hence, whenever you transfer funds from puppies-secured, your wallet knows about the OWNER key and thus OVERWRITES any active authority requirements (as it should be)

If you puppies active key wasn't identical to the owner key, the transfer signature wouldn't be sufficient to transfer funds, you would get a "missing active authority" warning and would require to PROPOSE the transfer .. only then will I see a proposal an send you a mail

Makes sense to you?
Hopefully this issue can a) be address by checking the keys on registration and sending out a mail and b) by changing the active key of your original account (which will soon be available as a simple button click)
Give BitShares a try! Use the http://testnet.bitshares.eu provided by http://bitshares.eu powered by ChainSquad GmbH

Offline puppies

  • Hero Member
  • *****
  • Posts: 1660
    • View Profile
  • BitShares: puppies
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #31 on: December 18, 2015, 09:10:30 pm »
is this re-enabled yet Xeroc.  I was hoping to play with it help test a little bit today.
I just noticed your first trial of this service and you ran into an edge case that I probably need to check on registration to make the users aware of it.
You probably wondered why your transaction went through though you have just made a simple transaction (no proposal) and Peermit did not need to approve it.
The edge case is a result of founder accounts having an identical OWNER and ACTIVE key.

so:
- the owner key of puppies is the owner key of puppies-secured (as it should be as per our definition)
- the active key of puppies is IDENTICAL to its owner key (that shouldn't be the case for newly created accounts)
Hence, whenever you transfer funds from puppies-secured, your wallet knows about the OWNER key and thus OVERWRITES any active authority requirements (as it should be)

If you puppies active key wasn't identical to the owner key, the transfer signature wouldn't be sufficient to transfer funds, you would get a "missing active authority" warning and would require to PROPOSE the transfer .. only then will I see a proposal an send you a mail

Makes sense to you?
Hopefully this issue can a) be address by checking the keys on registration and sending out a mail and b) by changing the active key of your original account (which will soon be available as a simple button click)

Thats what I figured.  Thats why I did the 1k bts test back to dele-puppy. I have now adjusted the owner key of puppies-secured to a cold private key.  Now the fun testing begins.  I am not exactly sure how to use your python class, but the trial and error is about to begin.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline puppies

  • Hero Member
  • *****
  • Posts: 1660
    • View Profile
  • BitShares: puppies
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #32 on: December 18, 2015, 09:26:52 pm »
Got it.  Had to do two attempts.  I was too slow to get it done in 60s the first time.  Absolutely awesome work xeroc.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline abit

  • Committee member
  • Hero Member
  • *
  • Posts: 3137
    • View Profile
    • Steemit Blog
  • BitShares: abit
  • GitHub: abitmore
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #33 on: December 19, 2015, 12:28:17 pm »
No email still..
BTS account: abit
BTS committee member: abit
BTS witness: in.abit

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12549
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #34 on: December 20, 2015, 07:58:05 am »
No email still..
I have noticed that google didnt accept my mail for some policy reason but thought it was delivered by now. I'll take look at the logs when back.

In the meantime there should be an account created with your username+"-secured".
before using it check that the owner key is the same and that the active permissions are ok .. you can also take a loom at the history of peermit-reg to find the proper account.

Sorry for the troubles
Give BitShares a try! Use the http://testnet.bitshares.eu provided by http://bitshares.eu powered by ChainSquad GmbH

Offline abit

  • Committee member
  • Hero Member
  • *
  • Posts: 3137
    • View Profile
    • Steemit Blog
  • BitShares: abit
  • GitHub: abitmore
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #35 on: December 20, 2015, 01:17:27 pm »
No email still..
I have noticed that google didnt accept my mail for some policy reason but thought it was delivered by now. I'll take look at the logs when back.

In the meantime there should be an account created with your username+"-secured".
before using it check that the owner key is the same and that the active permissions are ok .. you can also take a loom at the history of peermit-reg to find the proper account.

Sorry for the troubles
Yes, I noticed the new account created and tested with it before post above, but if I understood correctly without notification email I can't confirm my transfer (the 2nd step). Made one more test just now but haven't got any email yet as well.
Thanks.

Code: [Select]
abit-2fa-secured Created a proposal  3 minutes ago
abit-2fa-secured Created a proposal  yesterday
« Last Edit: December 20, 2015, 01:25:30 pm by abit »
BTS account: abit
BTS committee member: abit
BTS witness: in.abit

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12549
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #36 on: December 21, 2015, 07:22:10 pm »
[member=18687]abit[/member]: This is odd .. in the beginning I received a lot of these from google:

Code: [Select]
Dec 15 14:54:35 panel postfix/smtp[9737]: 116C36320FF: to=<[email protected]>, relay=alt1.gmail-smtp-in.l.google.com[74.125.130.27]:25, delay=380, delays=376/0.01/2/1.6, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[74.125.130.27] said: 421-4.7.0 [176.9.234.163      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. 66si2081703pfo.92 - gsmtp (in reply to end of DATA command))                           
Dec 15 15:04:36 panel postfix/smtp[12130]: 1C8E2632105: to=<[email protected]>, relay=alt1.gmail-smtp-in.l.google.com[74.125.130.27]:25, delay=970, delays=966/0.01/2.6/1.2, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[74.125.130.27] said: 421-4.7.0 [176.9.234.163      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. w69si905571ywd.223 - gsmtp (in reply to end of DATA command))                       
Dec 15 15:04:37 panel postfix/smtp[12129]: 116C36320FF: to=<[email protected]>, relay=alt1.gmail-smtp-in.l.google.com[74.125.130.27]:25, delay=981, delays=977/0.01/2.8/1.7, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[74.125.130.27] said: 421-4.7.0 [176.9.234.163      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. i128si902472ywf.271 - gsmtp (in reply to end of DATA command))     

but later on I get
Code: [Select]
Dec 15 15:24:33 panel postfix/smtp[14942]: 1C8E2632105: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.65.27]:25, delay=2166, delays=2166/0.01/0.13/0.78, dsn=2.0.0, status=sent (250 2.0.0 OK 1450189473 b8si2259459wjx.62 - gsmtp)                                                                                                                 
Dec 15 15:24:33 panel postfix/smtp[14941]: 116C36320FF: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.65.27]:25, delay=2177, delays=2177/0.01/0.14/0.78, dsn=2.0.0, status=sent (250 2.0.0 OK 1450189473 v9si2220041wje.152 - gsmtp)                                                                                                                 
Dec 18 20:34:08 panel postfix/smtp[16107]: 217266320E0: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.65.27]:25, delay=1.2, delays=0.04/0.05/0.18/0.96, dsn=2.0.0, status=sent (250 2.0.0 OK 1450467248 d10si27790295wje.120 - gsmtp)                                                                                                               
Dec 18 20:34:18 panel postfix/smtp[16107]: AEC596320E0: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.65.27]:25, delay=0.32, delays=0.04/0/0.1/0.17, dsn=2.0.0, status=sent (250 2.0.0 OK 1450467258 n10si27832541wja.51 - gsmtp)                                                                                                                   
Dec 19 13:09:02 panel postfix/smtp[28477]: AC5A36320E2: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[74.125.24.27]:25, delay=1.2, delays=0.19/0.04/0.24/0.76, dsn=2.0.0, status=sent (250 2.0.0 OK 1450526942 g66si20131631wmf.82 - gsmtp) 

It says that google took the mail and deliver it.
Give BitShares a try! Use the http://testnet.bitshares.eu provided by http://bitshares.eu powered by ChainSquad GmbH

Offline abit

  • Committee member
  • Hero Member
  • *
  • Posts: 3137
    • View Profile
    • Steemit Blog
  • BitShares: abit
  • GitHub: abitmore
Re: [Ann] Peermit.com - 2FA for BitShares (early beta for advanced users)
« Reply #37 on: December 21, 2015, 08:25:32 pm »
Hmm.. I checked again and found them at last.
I'm automatically forwarding all mails to that address to another mailbox, however gmail filtered the mails as spam and didn't forward them for me, so they are left in the spam folder of the original address. Annoying. I added a few new filters just now, wish it helps.

Thanks for your help  +5%
BTS account: abit
BTS committee member: abit
BTS witness: in.abit