Update on Reset Accounts

in #security, 6 years ago


Well! That didn't take long!

Reset accounts are disabled.

I say we test and enable them.

This is now a witness issue.

Conclusion

We should obviously enable this feature.
It allows accounts to be recovered even when the keys are lost.
It also adds a new attack vector to steal accounts that haven't transacted in 60 days.
We should tread carefully.


No one who has autovotes going can use that feature unless they can also convince the maintainers of the autovote services that they are the person who has lost their keys and the autovotes need to stop for the account to not transact for 60 days.

Well, with this enabled, Sun could just take the money instead of freezing accounts.

Since Hive and Steem are identical, that would allow a cabal of those folks governing Hive to do so here.

Not sure I'm in favor of that, TBQH. Pros and cons. Like most jungle creatures, I have to pay attention to cons, while pros are merely optional.

Sun can literally do anything he wants.
Steem is a centralized database just like Reddit, Twitter, or Facebook.

Hive is not identical because no one on Hive has access to the @steem account's private keys.
This is an optional feature that can only bring value to the network.

Insofar as code is concerned, there is no effective difference between Hive and Steem. Yuchen just bought @ned's stake for lunch money (considering what he spent for lunch with Warren Buffett), while the stakehodlers @ned allowed to rule Steem during his possession of the founder's stake stuffed that stake into the HPS on Hive.

That, and the logo is different.

and?
there is no reason to not enable an optional feature that increases account security.
the only accounts that get stolen will be ones that went inactive for 60 days and set the reset account to a bad actor. steemit can steal no accounts. the witnesses can steal no accounts. everyone has a reset account of @null by default, making this feature 100% opt in.

the best way to use it would be to set the reset account to an alt account and put the alt account's keys on the cloud. this way it would be much harder to lose your account by losing the keys, as the alt account's keys are more exposed but also much more accessible and harder to destroy and have no risk of funds being lost.

Upon rereading this and the prior post, I conclude you are correct. My assumption was that new folks would be using the dapp providing their account as their recovery account, which could then reset their account should they be inactive for 60 days.

However, if the reset account feature is opt in, newbs wouldn't set it. Only after they have climbed the learning curve high enough would they gain the necessary understanding, and by then they should have a good idea of who they can trust as their recovery account.

Generally right? Or am I still a n00b?

That is exactly correct.

Honestly, we are all noobs.

There are less than a dozen people in the entire world that know this platform in and out.

It seems you have a magical touch.

You are one to get things done. Now I know who the go-to person is on Hive.

Posted Using LeoFinance

Ha! I wish!

I'm not even running a node :(

I really need to prove myself and start a bid to 'witnesses' these here blocks.

The length of time could always be changed to say 365 days or something much longer than 60 days. 365 days would suck but it is better than losing everything if you lose your keys and is less risky than 60 days.

With all due respect, the number of days should clearly not be a static number.

There's no reason to not allow the account in question to choose the number of days themselves.

Also this function is disabled :(

Oh, if it can be coded as a dynamic number that would be the best of all. I was going under the assumption that would involve a decent amount of work and testing.

nah you could just add a variable to the operation:
days_to_reset
something like that.
would be really really easy imo.

Why is it disabled?

Guess we gotta ask the witnesses.
But they are going to tell us the obvious:
Steemit Inc did 99% of development.