Topic: If account names are not transferable, what happens when wallet is compromised?

fussyhands

What if I discover that I had a key logger on my hot wallet machine.  My wallet can no longer be trusted so I create a new one.  Is there a way to move the account names to my new wallet, or are they lost to humanity forever?

emski

I don't see what you can do for the username unless functionality to create new owner keys is created.
Which will essentially enable account trading.

fussyhands

So that means any compromise, or suspected compromise of my wallet results in loss of my account names forever?

Isn't that a problem, if people out in the world still have my account name and are sending money to it?

Should I only use account names on cold storage?

xeroc

you can move the wallet backup JSON file and import it there ... a keylogger alone does not compromise your funds.

an attacker needs the passphrase AND the wallet .. .. in that case you can only save your funds .. not the names ..
Give BitShares a try! Use the http://testnet.bitshares.eu provided by http://bitshares.eu powered by ChainSquad GmbH

xeroc

> So that means any compromise, or suspected compromise of my wallet results in loss of my account names forever?
>
> Isn't that a problem, if people out in the world still have my account name and are sending money to it?
>
> Should I only use account names on cold storage?

you should:

have one major account name ie "foobar" (in cold storage !!! )

you only work with subaccounts .. ie. main.foobar .. home.foobar .. wife.foobar ..
lost keys there can be "updated" (in some sense)

toast

Compromised accounts should be revoked, once we build that feature

Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

fluxer555

If BM and the dev team really don't want account transferring, perhaps they could implement an 'account burn' feature, which allows you to permanently disable an account from sending/receiving/transacting. Any person attempting to send this account funds would get their funds sent back, with the memo that the account burner used in their burn transaction.

On second thought, maybe the memo feature would be too useful to an account hacker, eg "btercom has a new address, please send funds to xxblademasterxx for all future deposits instead."

fussyhands

> you can move the wallet backup JSON file and import it there ... a keylogger alone does not compromise your funds.
>
> an attacker needs the passphrase AND the wallet .. .. in that case you can only save your funds .. not the names ..

A keylogger implies access to your computer which means access to the wallet and the wallet should be assumed to be compromised.

fussyhands

> Compromised accounts should be revoked, once we build that feature

How would that work?  Would the revoked account name be lost forever?

fussyhands

>> So that means any compromise, or suspected compromise of my wallet results in loss of my account names forever?
>>
>> Isn't that a problem, if people out in the world still have my account name and are sending money to it?
>>
>> Should I only use account names on cold storage?
>
> you should:
>
> have one major account name ie "foobar" (in cold storage !!! )
>
> you only work with subaccounts .. ie. main.foobar .. home.foobar .. wife.foobar ..
> lost keys there can be "updated" (in some sense)

Sub accounts?  Where do I learn about those?  Can I create those already in the client?

That seems like perhaps the best that can be done.  Cold storage for the main account and then sub accounts which cannot be stolen without access to the main account for hot storage.

xeroc

agreed.

however there are also physical keyloggers .. that do have access to your keyboard only

xeroc

> Sub accounts?  Where do I learn about those?  Can I create those already in the client?

If you own "bar" you can create AND register ie "foo.bar"

fussyhands

>> Sub accounts?  Where do I learn about those?  Can I create those already in the client?
>
> If you own "bar" you can create AND register ie "foo.bar"

Interesting.  And no one else can register foo.whatever?

And I can spend from foo.bar on my hot wallet, even while the keys that secure the name are only stored on my cold wallet?

How does that work?

toast

> If BM and the dev team really don't want account transferring, perhaps they could implement an 'account burn' feature, which allows you to permanently disable an account from sending/receiving/transacting. Any person attempting to send this account funds would get their funds sent back, with the memo that the account burner used in their burn transaction.
>
> On second thought, maybe the memo feature would be too useful to an account hacker, eg "btercom has a new address, please send funds to xxblademasterxx for all future deposits instead."

When you revoke an account it would make everyone else's wallet be super paranoid about that account. That is better than being able to transfer which makes compromises deadly.

In your example, the memo field could be crossed out in red with a tooltip "this account is revoked - do not trust any interactions with this account", and disable transferring at the wallet level.

bitcoinerS

>> If BM and the dev team really don't want account transferring, perhaps they could implement an 'account burn' feature, which allows you to permanently disable an account from sending/receiving/transacting. Any person attempting to send this account funds would get their funds sent back, with the memo that the account burner used in their burn transaction.
>>
>> On second thought, maybe the memo feature would be too useful to an account hacker, eg "btercom has a new address, please send funds to xxblademasterxx for all future deposits instead."
>
> When you revoke an account it would make everyone else's wallet be super paranoid about that account. That is better than being able to transfer which makes compromises deadly.
>
> In your example, the memo field could be crossed out in red with a tooltip "this account is revoked - do not trust any interactions with this account", and disable transferring at the wallet level.

Instead of telling all to be afraid of some account or disabling transfers to it, it would be better to indicate that an account has recently been "registered/transferred/has new owner"
If an account has registration date less than 1 (month, or year) it can be made visually stand out as new. That is enough to let people know to be careful with an account.  Account names should be cancel-able/transferable, and as I already mentioned previously, this is a serious design limitation that will have to be removed sooner or later.
>>> approve bitcoiners
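
The two wallet-side treatments proposed in the posts above (the revoked-account warning with transfers disabled, and the visual flag for recently registered accounts), sketched as an added example that is not part of any post and is not BitShares client code. The `Account` record, the 30-day window, the `~~` strike-out rendering and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Assumption: "less than 1 (month, or year)" is taken here as 30 days.
NEW_ACCOUNT_WINDOW = timedelta(days=30)
REVOKED_TOOLTIP = ("this account is revoked - do not trust any "
                   "interactions with this account")


@dataclass
class Account:
    """Hypothetical record a wallet might cache for a counterparty."""
    name: str
    registered: datetime
    revoked: bool = False


@dataclass
class Verdict:
    allow_send: bool        # may the wallet build a transfer to this account?
    trust_memo: bool        # may memos from this account be shown as-is?
    warning: Optional[str]  # tooltip or banner text, if any


def assess(account: Account, now: datetime) -> Verdict:
    """Decide how the wallet treats a counterparty account."""
    if account.revoked:
        # Revocation proposal: disable transfers at the wallet level and
        # distrust anything the account says, including its memos.
        return Verdict(False, False, REVOKED_TOOLTIP)
    if now - account.registered < NEW_ACCOUNT_WINDOW:
        # Recent-registration proposal: still usable, but made to stand out.
        return Verdict(True, True, f"{account.name} was registered recently")
    return Verdict(True, True, None)


def render_memo(sender: Account, memo: str, now: datetime) -> str:
    """Memo text as displayed for an incoming transaction."""
    v = assess(sender, now)
    if not v.trust_memo:
        # Struck out rather than hidden, so a "send funds elsewhere" memo
        # from a burned or revoked account is visibly untrusted.
        return f"~~{memo}~~ [{v.warning}]"
    if v.warning:
        return f"{memo} [warning: {v.warning}]"
    return memo
```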

 
