How to review account permissions and change your recovery account

source
All accounts on the HIVE blockchain that existed also before the fork may have posting permissions granted to apps that do not exists on the HIVE blockchain. It is a good idea to remove them for now.

You can use beempy to remove posting permissions to your account. At first,
all account that have posting/active permissions should be printed with

beempy permissions holger80

+------------+-----------+-----------------------------------------------------------+
| Permission | Threshold |                                               Key/Account |
+------------+-----------+-----------------------------------------------------------+
|      owner |         1 | STM5XDYn3NeTqiMd1wczZjF9sPiJqY2uQw9HRwT6LR6rQytAxWNfz (1) |
|     active |         1 | STM7tA7Mh81wJV1J8eW8NyGLc3XCSyXNdFnhAh8F8bYYd8yAcy6Ew (1) |
|    posting |         1 |                                           actifit.app (1) |
|            |           |                                             dpoll.xyz (1) |
|            |           |                                             esteemapp (1) |
|            |           |                                             nc-client (1) |
|            |           |                                            nextcolony (1) |
|            |           |                                             peakd.app (1) |
|            |           |                                             rewarding (1) |
|            |           | STM6t5ExkHZtQL1pdkrRZjCgzbAdnB3YUYCZgrYWDXvdnU5bp57jL (1) |
+------------+-----------+-----------------------------------------------------------+

Remove posting permission

Now, not needed permissions can be removed by

beempy disallow -a holger80 busy.app

where the account name is set with -a.
This command broadcasts a account_update operation and removes the given account name from the account_auths field.

This can also be done with https://hivesigner.com/revoke/ followed by the account name, e.g. https://hivesigner.com/revoke/busy.app

Changing and reviewing permissions is also possible with peakd:
https://peakd.com/@holger80/permissions

Recovery account

Request_account_recovery operation on HIVE, I'm unable to recovery my account, when I would accidentally leak my owner key and someone would change it using my leaked owner key.The recovery account can be check with https://hiveblocks.com/@holger80 It is set to @steem for my account and as it is most unlikely that @steem will ever sign a

This is most unlikely, as I'm not using my owner key but it could happen.

How does account recovery work?

Assuming, my owner key was changed within 30 days, I have the previous owner key and the recover account is signing, I can recover my account:

I need to create a new owner key
the recover account broadcasts a Request_account_recovery operation with the new owner public key signed with its active key
I need then to broadcast a Recover_account operation with the old and the new owner public key and sign it with the old and the new owner private key.
I can change now all keys with an Account_update operation signed with the new owner key.

Request_account_recovery operation on HIVE.Currently this will not work for me, as @steem will not broadcast a

Changing the recover account

It would be possible to use hivesigner for this:

I created a new account @recovery.account on HIVE as my new recovery account. https://hivesigner.com/sign/change_recovery_account?account_to_recover=holger80&new_recovery_account=recovery.account&extensions=%5B%5D or peakd: https://peakd.com/@holger80/permissions

But I do like to use my own script:

from beem.account import Account
from beem.nodelist import NodeList
from beem import Steem
from beem.transactionbuilder import TransactionBuilder
from beemgraphenebase.account import PrivateKey
import beembase
import getpass


if __name__ == "__main__":
    nodes = NodeList()
    nodes.update_nodes()
    key = getpass.getpass(prompt='Owner key: ')
    owner_key = PrivateKey(wif=key)
    print("pub: %s" % str(owner_key.pubkey))
    account_name = input("account name: ")
    new_recovery_account = input("new recovery_account: ")
    hive = Steem(node=nodes.get_nodes(hive=True))
    assert hive.is_hive
    
    account = Account(account_name, steem_instance=hive)
    new_rec_acc = Account(new_recovery_account, steem_instance=hive)
    
    op = beembase.operations.Change_recovery_account(**{
        'account_to_recover': account['name'],
        'new_recovery_account': new_rec_acc['name'],
        'extensions': []
    })
    print(op)
    prompt = input("Broadcast the operation? [y/n]")
    if prompt[0] == "y":
        tb = TransactionBuilder(steem_instance=hive)
        tb.appendOps([op])
        tb.appendWif(str(owner_key))
        #tb.appendSigner(account['name'], 'owner')
        tb.sign()
        trx = tb.broadcast()
        print(trx)

Results in

This means that in 30 days my recovery account will be changed.

I will keep the keys of @recovery.account in a safe place and will not use them.

Is there a need for a recovery account provider?

Do you want also to change your recovery account? How could this work? Let me know.

Sort:

Trending

[-]

bobskibob (60) 5 years ago (edited)

yes there is a need for this . i also want to change my account recovery, but don't know who to change it to.

maybe a one time payment fee . or if you or someone else commits to it a dao proposal 5sbd a day

$0.00

1 vote

amico (67) 5 years ago

@tipu curate

A huge hug from @amico! 🤗

bashadow (69) 5 years ago

I think I got some of them removed, but is there an easy to view location where I can see who I have given permissions to? On Steem block Chain I used Steemd to see this info, but have not found a similar app for hive yet.

holger80 (74) 5 years ago

You can check your permissions here:
https://hiveblocks.com/@bashadow

$0.03

4 votes

Thank you, I thought I had seen it somewhere, but so many book marks I lost it. Now I have it bookmarked in peakd

holger80 (74) 5 years ago (edited)

I found out an even easier way:
https://peakd.com/@bashadow/permissions

I thought I looked all over on PeakD for it, thank you for that.

3 votes

rishi556 (70) 5 years ago

I need to change mine. Will you be helping other with @recovery.account? I changed mine the last time I took a loan from @neoxian to him and haven't changed back since.

Yes, I'm willing to help. I created a new discord channel for this:

Maybe a discord bot with HIVE transfer to register can be used? I have to think about this. https://discord.gg/Ae6mUwX

joelingo (57) 5 years ago

Thank you oh so very much! This is exactly what I was looking for today!!!

Problem solved:)

rockor (60) 5 years ago

For perfect security reason

ajks (69) 5 years ago

Changing recovery account is great and anyone can do it easily. But the problem is that whom to set account trustee, if I do so and set someone my account trustee how can I prove my ownership on stolen account. Second question - If I create an account like you they I will need a tool to do all the process because I'm not a developer.
So , do you have answers of these questions

@holger80

theskmeister (58) 5 years ago

Thank you, really useful indeed.

libert (63) 5 years ago

Something simple? Lol

detlev (79) 5 years ago

Thanks @holger80 removed a lot and will change the recovery acc.

zdigital222 (-14)(1) 4 years ago

Reveal Comment