source
All accounts on the HIVE blockchain that existed also before the fork may have posting permissions granted to apps that do not exists on the HIVE blockchain. It is a good idea to remove them for now.
You can use beempy to remove posting permissions to your account. At first,
all account that have posting/active permissions should be printed with
beempy permissions holger80
+------------+-----------+-----------------------------------------------------------+
| Permission | Threshold | Key/Account |
+------------+-----------+-----------------------------------------------------------+
| owner | 1 | STM5XDYn3NeTqiMd1wczZjF9sPiJqY2uQw9HRwT6LR6rQytAxWNfz (1) |
| active | 1 | STM7tA7Mh81wJV1J8eW8NyGLc3XCSyXNdFnhAh8F8bYYd8yAcy6Ew (1) |
| posting | 1 | actifit.app (1) |
| | | dpoll.xyz (1) |
| | | esteemapp (1) |
| | | nc-client (1) |
| | | nextcolony (1) |
| | | peakd.app (1) |
| | | rewarding (1) |
| | | STM6t5ExkHZtQL1pdkrRZjCgzbAdnB3YUYCZgrYWDXvdnU5bp57jL (1) |
+------------+-----------+-----------------------------------------------------------+
Remove posting permission
Now, not needed permissions can be removed by
beempy disallow -a holger80 busy.app
where the account name is set with -a
.
This command broadcasts a account_update
operation and removes the given account name from the account_auths
field.
This can also be done with https://hivesigner.com/revoke/ followed by the account name, e.g. https://hivesigner.com/revoke/busy.app
Changing and reviewing permissions is also possible with peakd:
https://peakd.com/@holger80/permissions
Recovery account
The recovery account can be check with https://hiveblocks.com/@holger80
It is set to @steem for my account and as it is most unlikely that @steem will ever sign a Request_account_recovery
operation on HIVE, I'm unable to recovery my account, when I would accidentally leak my owner key and someone would change it using my leaked owner key.
This is most unlikely, as I'm not using my owner key but it could happen.
How does account recovery work?
Assuming, my owner key was changed within 30 days, I have the previous owner key and the recover account is signing, I can recover my account:
- I need to create a new owner key
- the recover account broadcasts a
Request_account_recovery
operation with the new owner public key signed with its active key - I need then to broadcast a
Recover_account
operation with the old and the new owner public key and sign it with the old and the new owner private key. - I can change now all keys with an
Account_update
operation signed with the new owner key.
Currently this will not work for me, as @steem will not broadcast a Request_account_recovery
operation on HIVE.
Changing the recover account
I created a new account @recovery.account on HIVE as my new recovery account.
It would be possible to use hivesigner for this:
https://hivesigner.com/sign/change_recovery_account?account_to_recover=holger80&new_recovery_account=recovery.account&extensions=%5B%5D
or peakd: https://peakd.com/@holger80/permissions
But I do like to use my own script:
from beem.account import Account
from beem.nodelist import NodeList
from beem import Steem
from beem.transactionbuilder import TransactionBuilder
from beemgraphenebase.account import PrivateKey
import beembase
import getpass
if __name__ == "__main__":
nodes = NodeList()
nodes.update_nodes()
key = getpass.getpass(prompt='Owner key: ')
owner_key = PrivateKey(wif=key)
print("pub: %s" % str(owner_key.pubkey))
account_name = input("account name: ")
new_recovery_account = input("new recovery_account: ")
hive = Steem(node=nodes.get_nodes(hive=True))
assert hive.is_hive
account = Account(account_name, steem_instance=hive)
new_rec_acc = Account(new_recovery_account, steem_instance=hive)
op = beembase.operations.Change_recovery_account(**{
'account_to_recover': account['name'],
'new_recovery_account': new_rec_acc['name'],
'extensions': []
})
print(op)
prompt = input("Broadcast the operation? [y/n]")
if prompt[0] == "y":
tb = TransactionBuilder(steem_instance=hive)
tb.appendOps([op])
tb.appendWif(str(owner_key))
#tb.appendSigner(account['name'], 'owner')
tb.sign()
trx = tb.broadcast()
print(trx)
Results in
This means that in 30 days my recovery account will be changed.
I will keep the keys of @recovery.account in a safe place and will not use them.
Is there a need for a recovery account provider?
Do you want also to change your recovery account? How could this work? Let me know.
yes there is a need for this . i also want to change my account recovery, but don't know who to change it to.
maybe a one time payment fee . or if you or someone else commits to it a dao proposal 5sbd a day
@tipu curate
A huge hug from @amico! 🤗
I think I got some of them removed, but is there an easy to view location where I can see who I have given permissions to? On Steem block Chain I used Steemd to see this info, but have not found a similar app for hive yet.
You can check your permissions here:
https://hiveblocks.com/@bashadow
Thank you, I thought I had seen it somewhere, but so many book marks I lost it. Now I have it bookmarked in peakd
I found out an even easier way:
https://peakd.com/@bashadow/permissions
I thought I looked all over on PeakD for it, thank you for that.
You can check your permissions here:
https://hiveblocks.com/@bashadow
I need to change mine. Will you be helping other with @recovery.account? I changed mine the last time I took a loan from @neoxian to him and haven't changed back since.
Yes, I'm willing to help. I created a new discord channel for this:
https://discord.gg/Ae6mUwX
Maybe a discord bot with HIVE transfer to register can be used? I have to think about this.
Thank you oh so very much! This is exactly what I was looking for today!!!
Problem solved:)
For perfect security reason
Changing recovery account is great and anyone can do it easily. But the problem is that whom to set account trustee, if I do so and set someone my account trustee how can I prove my ownership on stolen account. Second question - If I create an account like you they I will need a tool to do all the process because I'm not a developer.
So , do you have answers of these questions
@holger80
Thank you, really useful indeed.
Something simple? Lol
Thanks @holger80 removed a lot and will change the recovery acc.