Posting Authority Revoked.

in LeoFinance10 months ago

stamp-denied.jpg

So the other day I checked my voting power and it seemed a bit low...

That's weird I don't remember casting any votes today.

After checking a block explorer I noticed that my account was making several 40% votes on some kind of curation train... which is weird because I don't cast 40% votes. I don't remember signing up for that. Checked which accounts I had given posting key authority to and it came down to:

  1. Ecency
  2. Threespeak

Truth be told I thought it was more.

I forgot that a while back I did quite a purge on accounts that had my posting authority. After all, any account that has it can upvote and comment in my name (even if they pinky promise not to). It's always a good idea to check them from time to time, and granting active key authority is almost always a bad idea (unless you control both accounts or unilaterally trust the account with your money). If you haven't checked them in a while head on over to https://peakd.com/@edicted/permissions (replace @edicted with your username). Always good to clean house once and a while.

So I revoked authority from Ecency and waited to see if the auto-upvoting would end. I thought it was a bit odd that I couldn't see which account was signing my transactions. Isn't that something that should appear within the API? I guess not. I've been told the only information that remains is simply that "the signature is valid" for "optimization issues".

Which again I find pretty odd because all Hive nodes have to make sure that the signature is valid anyway. If the signature isn't valid for @edicted's public key then it just has to go down the line and check every other account that has @edicted's posting key authority. Makes me wonder if there is some kind of exploit there that would allow Hive to be bogged down.

Threat-vectors-attack.png

For example: What would happen if someone created a million Hive accounts and then added posting authority for each account to every other account? A million accounts with a million posting authorities each. Then sign a million messages with the million accounts using a random key (or maybe not random at all if nodes check in alphabetical order and you sign everything with an accounts starting in 'z').

All of a sudden every Hive node has to do a trillion account checks on operations that are essentially free (we can currently post a surprising number of custom JSONs to chain with 0 Hive powered up and 0 RC delegations). Of course this ignores the initial cost of creating a million accounts and then setting posting authority a trillion times. However, assuming such a thing is possible once an annoyance like that is up and running the attack becomes relatively free.

Of course I'm just spitballing here and really have no idea how it EXACTLY works which is very much required for attack vectors of this kind. For example if the data was in an ordered list it could be traversed using a binary sort which would reduce the million lookups to log base 2 of a million (which is 20). I don't know how it would be possible to order such a list when signatures are pretty much random and can't be linked back to the account that signed them without explicitly checking (AFAIK).

I don't know to me it just seems like a glaring oversight that messages signed by other accounts don't have to declare which account they are using to sign the message. Or maybe I'm just annoyed that I put effort into figuring out who was signing my upvotes and came up empty handed because I was too 'lazy' to write a script that would check each one on the list by brute force (in this case all two of them). Aint nobody got time for that.

This actually reminds me of the hostile takeover now that I think about it.

Because even if a threat vector like this did in fact exist the witnesses could just do what they did back then: ignore the accounts trying to post to chain and refuse to include their transactions. It's technically every witness's choice as to what they include in their block. If all the witnesses get together and decide to unilaterally exclude certain content from the chain that is totally allowed, and only requires a 'soft-fork'. However even then it's not really a fork at all just an optional filter on any given node.

Interestingly enough this is also totally allowed and part of Bitcoin core as well. Any miner/node can choose what goes into a block and what doesn't. It's just much harder to collude on bitcoin because of POW mining and the financial incentives and decentralization that comes along with it. But enough about this rando thought experiment.

Another solution to this make-believe problem would be for witnesses to require certain meta-data to be approved for posting data to chain (like your account) and then this meta-data would simply get thrown away later after confirmation. Of course anyone booting up a new node then runs into the same issue of not being able to easily verify the data because the meta-data has been discarded. So I guess what I'm trying to say here in the most roundabout way possible is that crypto is needlessly complicated.

guess-and-check.png

Didn't find the answer given the technical way.

So I just... waited.

A couple hours later another 40% upvote was cast in my name. Ah, Threespeak is voting for me for some reason or another. Rishi told me that hive.vote goes through Threespeak but I really can't be arsed at this point. I'm curious how long this has been going on but I feel like it must be pretty recent or the amount of votes getting signed increased enough for me to notice. Doesn't really matter one way or the other though. I revoked my authority and the curation train was severed.

For a second there I was actually worried that the upvoting would continue and then I'd have to make wild accusations like Hive Keychain was voting with my keys (which would be much... much worse). Always a good reminder that my posting and active key are just sitting there in a Chrome Extension on a Windows machine. lol... not the most secure implementation to be sure. Luckily we got them timelocks and owner keys to contend with. Hive security is pretty clutch when people really take the time to figure it out. Considering all the recent Ledger drama it's good to keep an eye out.

Conclusion

Any account with your posting key authority can comment and upvote in your name without any other permissions required. Always good to remind oneself how it works (even if I've NEVER seen an instance of someone abusing the comment functionality... as all the bots and curation trains are tailored to upvotes). This is why it's nice that custom JSONs come with an optional posting/active authority requirement. Imagine if all custom JSONs only had posting authority: all your HE tokens could be transferred by anyone with basic posting authority.

In any case this was one of those interesting blips on the Hive blockchain.
Never a dull moment in crypto.
Keep grinding.

Sort:  

You can't daisy chain the authorities. The authority is just like a public key attached to the account.
You can get the public key from the signature and see which public key or who signed the transaction. That's the role of signature.
If you have any example transaction I can tell which one of your auths broadcasted that transaction.

Edit: It seems authorities do daisy chain to some degree.

If you have any example transaction I can tell which one of your auths broadcasted that transaction.

Do you have any sample code for this?

See https://github.com/mahdiyari/hive-tx-js
I added an example there

Block explorers can easily display the public key used for signing the transaction. hivehub.dev might be interested in adding that feature. @asgarth

CC @edicted @brianoflondon

I thought about this a few times in the past. Thanks for sharing the code, will try to include it in an upcoming release 👍

I'd advise to implement it in such a way that sig_digest of a transaction is taken from server (since a node already has packed version of transaction - this way you don't need to deal with differences between legacy and hf26 version of binary serialization), but the extraction of public key from signature happens on client side, preferably on demand only (that part of the process carries almost all the cost, if you do it on the server you just invite DoS attack).

Loading...

You can get the public key from the signature.

Ah you see this is the unforeseen technicality that escaped me.
Thanks for playing along and setting the record straight.
I was thinking the signature was much more random than that.
Kinda how the block number is hidden in hex code on the first... eight digits of the block ID?
LoL I forget. 🤓

I thought it was a bit odd that I couldn't see which account was signing my transactions.

That is exactly why I refuse to add any posting authorities.

image.png

You don't love waking up to dozens of posts that all look like this?
Stop lying!

I recall there was a bot, Gina, I was quite a fan of for a while, that would notify you of various events on Discord, and I think it would have notified you if you had upvoted if you wanted it to. I think that was before Peakd.

Yeah I use a similar Discord bot called F.R.I.D.A.Y. by @deathwing.
Very useful stuff.
Although I like to keep the notifications down to a minimum.
Notification on upvote is a bit much imo.
But it is indeed an option.

Of course this ignores the initial cost of creating a million accounts and then setting posting authority a trillion times. However, assuming such a thing is possible once an annoyance like that is up and running the attack becomes relatively free.

I think you ignored the bit that would cost a huge fortune, take a long time and be obvious if tried.

But I do agree: I would like to know which delegated account signed something I've also got hung up on trying to figure out which automated system did something for me. I'd love a front end or a block explorer to make it easy to see this, as far as I know it isn't done by any of them?

@mahdiyari @ausbitbank

@mahdiyari commented:

You can get the public key from the signature

Which is exactly the answer I was looking for.
Although an example of this would be quite nice.
Seeing as public keys are sortable a binary search would be O(log n).

Funny how being aggressively wrong always seems to yield the quickest results.

I always find it interesting when I pose these non-existent problems.
Always something to learn.

In case you miss it there's same example code available:

https://github.com/mahdiyari/hive-tx-js

const signature = hiveTx.Signature.from(string)
signature.getPublicKey(message)

const publicKey = signature.getPublicKey(digest).toString()
// STM8WWUYHMdHLgEHidYCztswzfZCViA16EqGkAxt7RG4dWwDpFtCF
// To find which account has this public key
const account = await hiveTx.call('condenser_api.get_key_references', 
        [["STM8WWUYHMdHLgEHidYCztswzfZCViA16EqGkAxt7RG4dWwDpFtCF"]])

Of course this is very black-box and doesn't show how we can actually extract the pubkey from the signature but whatever I assume it works on a practical level.

What is ur discord? Need to put u with our dev and figure out root cause

Hey @edicted,

I decided to do some research. You said you did not make any 40% votes, so I checked those on https://peakd.com/@edicted/activities. I saw that the posts you voted at 40% had votes from @hextech but at 80%. So I checked https://peakd.com/@hextech/activities and found the same posts in the same order.

Side-by-side comparison:

You may have to zoom in.

So my best guess is that you were following the @hextech trail, or someone on that account has your posting key.

Thanks for the clarification, @eddiespino.

Yeah my @hextech partners brought this up as well but I'm fairly certain I never shared my posting key and the upvotes stopped when I revoked threespeak authority.

Is there a way for the hextech curation train to gain access to threespeak authority?
Or I guess the real question is what curation trains have access to the threespeak posting key.

Did you ever use hive.vote? There is a hextech trail over there. It shows two followers, but only one is active. Did you also had the posting authority to steemauto?

I think hextech has never used threespeak, so I don't think they ever gave the posting authority. The channel is empty https://3speak.tv/user/hextech

As far as I know, threespeak has no trails or trains. It doesn't have that feature. But talk to Matt and vaultec about this to get to the bottom of this.

Did you also had the posting authority to steemauto?

I think at one point this was probably the case but the only two accounts I revoked were Ecency.app and threespeak.
And now zero accounts have access.

A good reminder to do spot checking on your own account so you know what's going on. I didn't even know about the permissions page and I bet a lot of others don't as well. I found some serious oldies in there from steem and drugwars lol

Same lol

There is so much housekeeping to keep up with. I have a hard enough time just keeping up with the IRS, but yeah... I will check the permissions here.

We don't talk about the IRS

Yes. It's better not to mention the first acronym associated with "cleaning house".

They'll clean house for sure

Thank You for writing this post!! I had wanted to evoke some permissions but wasn't sure where to do and and when I thought about it the people I could have asked were sleeping.

Ah glad I could help you evoke a revoke.

Did I miss the why of threespeak voting for you?

It isn't. Some of the votes were identical to hextech's vote but at 50% of the power.

Check my reply:

https://peakd.com/hive-167922/@eddiespino/re-edicted-rvao4v

I never quite figured that out.

Although my memory is quite bad it is possible I at one point agreed to such things long ago.

This Shows we still need alot of improvements on development end, this should be fixed, any account which have posting Authority should be limited by number of post and comments on protocol level

I wish I understand what is going on here. Can someone please explain?

it said Errro, https://peakd.com/@edicted/permissions. A little care is needed in such things.

https://peakd.com/@edicted/permissions (replace @edicted with your username)

I was thinking the bit in parenthesis wasn't necessary.
Then I was okay this is more than enough.

Can I get a Morgan Freeman voiceover?

It was not more than enough.

INB4 Morgan Freeman voiceovers go viral on AI systems.

Maybe a Robert Stack voiceover would help shed more light on the unsolved mystery.

Thanks! Let me check now!

It works! ^_^

Yes. This might be one of those Errro sites. Just click that you are over 18 and they will let you in.

I've just tried the link and it also says error.

I've just tried the link and it also says error.