Shit happens and you may one day be faced with your account being compromised: your private keys have been leaked or stolen and your account and funds are at risk, if not already gone.
Fortunately, each account on the Hive blockchain is linked to a recovery account that can reset the compromised account owner key, enabling its original owner to update it with a new password and keys.
Although it sounds very simple, problems can arise throughout this process.
What is the Recovery Account?
The recovery account is another Hive account that is able to initiate the recovery of your account, in case you solicit it after your account has been compromised. For the recovery to be possible, you often need to go through a process. On Steemit, Inc. you need to send them a recent password for your account, used no longer than 30 days ago. More information will be required to determine that you are the rightful owner.
What is the role of the Recovery Account?
The duty of the owner of the recovery account is to make sure whoever is asking for the account recovery is the real owner of the account to be recovered before initiating the account recovery procedure.
What if the Recovery Account does not initiate the recovery process?
You’re fucked! This account is the only one to be able to initiate the recovery process.
As you can see, without the recovery account performing step 3 of the recovery process, it is impossible to finalize the process of resetting your owner key.
Why would the Recovery Account holder not initiate the recovery process?
There can be lots of reasons for this.
… and many other reasons.
Joking aside, I think that cases 1 and 2 are the most likely, point 2 is the one with the most risk factor.
Many of the accounts on the Hive blockchain have been created by Steemit, inc and still have @steem as their recovery account. Not sure many of us still trust them as a recovery account.
This is also an issue for accounts that are created by regular users who have claimed account tickets using their unused resource credits and are using them to create accounts for others.
When they create an account using their available tickets, they are set by default as the "recovery account". A responsibility maybe they didn't know they have, didn't ask for and don't want. Some may become inactive over time or will be unreachable when someone needs them to recover their account.
Then there's a problem.
How to mitigate these risks
The choice of your Recovery Account is therefore of paramount importance. You need a trusted but, even more, reliable person who:
Changing your recovery account from @steem to @hive.io will not solve our issue. Mainly because hive.io is not a single entity that can be fully "trusted" even if the majority of people who are involved in its development are trustworthy people. It is also not “reliable” because no structure has been put in place to ensure such service and availability 24/7.
WARNING: The
@hive account is not under control of any known trusted user.
DO NOT blindly replace the@steem recovery account with
@hive
Hive Recovery is a service that works uninterrupted and is completely autonomous. The service provided by @hive.recovery consists of two components:
The Hive Recovery web page is an HTML page that reflects the 3 steps associated with the Hive account recovery process:
The back-end is a javascript service running 24x7 on a server that, upon request will verify the identity of an account and initiate the recovery process.
Navigate to https://tools.hivechain.app/recovery
The first thing to do is to enter your username and hit enter or click on the account check button. If the account name is valid, depending on the current status of your account and which steps of the recovery process you already performed, the buttons will light up and allow you to click on them.
This step will enable you to define @hive.recovery as your recovery account and secure your (future) recovery process.
After clicking on the "Change Recovery Account" button, the following form will be displayed:
Fill the form with the following information:
Safely store your secret passphrase (separate from your account password and keys)!
You will need it later if you ever need to recover your account!
Once ready, confirm you have a copy of your passphrase and click on the Submit button
When you click the submit button, the web page will
The web page will then
Both operations (the "transfer" and the "change recovery account") are performed atomically, which means that if one of the operations fails, neither of them is recorded on the blockchain.
If all goes well, you will see a notification confirming the change of account.
Why do you need my Master Password?
You Master Password is used to retrieve
- your private owner key: this key is mandatory to issue the
change_recovery_accountoperation to the blockchain. Two birds with one stone, it will also be used to send the (micro)transfer operation.- your private memo key: this key will be used to encrypt the memo of the above-mentioned transfer.
Your Master Password or Private Keys will NOT be stored or sent over the internet by the Account Recovery Setup process!
After setting up your @hive.recovery as your recovery account, you have to wait 30 days before
@hive.recovery will become your recovery account and before you can initiate a recovery. This is to ensure that someone gaining access to your account cannot update the recovery info to their own advantage then initiate the recovery process and lock you out.
This will be indicated by the "Change Recovery Account" button which has turned yellow and indicates how many days you have left to wait.
Once the cooldown period is over, the button will turn green.
This indicates that @hive.recovery is now your recovery account.
Of course, to proceed with this step, you must first have @hive.recovery be your recovery account.
Add to this that you can only initiate a request to recover your account if your owner key has been changed within the last 30 days. This will be clearly indicated on the page by a yellow "Request Recovery" button and explanatory text.
If, on the other hand, your owner's key has been changed during the last 30 days, the button will be displayed in red.
So, let's say your account has been unfortunately compromised and it’s now time to recover it. Click on the "Request Recovery" button to display the following form:
Fill out the form with:
If you do not have already generated a new password and keys set, you can do it by clicking the "Generate new Password and Keys" button. It will display a new dialog with a new randomly generated password and its related keys.
Confirm you have saved your new credentials and click on "Continue". It will automatically copy your new Owner Public Key into the appropriate input field.
Once both input fields have been filled, you will be able to click on the “Generate Email” button. This will trigger your default email client to create a new email ready to send with pre-filled “to”, “subject” and “body”.
If your email client does not open, you can send an email manually to recovery[at]hivechain.app and copy the Recovery Request Payload text in the body of your email. The subject doesn’t matter. You can put what you want there.
WARNING:If you provided an email address to your memo when setting up the recovery account, you must send the email from the same email address!
When receiving your email, @hive.recovery will parse this payload and:
If all these tests pass through, @hive.recovery will then initiate the recovery process. If all of the information you provided is correct, it should take place within a few minutes.
The last thing you will need to do is confirm the recovery request within 24 hours.
This is the very last step. You are now under control to finalize the recovery process. Now that you have requested your account recovery and that @hive.recovery has told the blockchain you want to do so, you need to confirm your request to finalize the process.
Click on the "Confirm Recovery" button to display the following form:
Fill the form with the following information:
What is a "recent Private Ower Key"?
It is NOT the one you generated in step 2!
It is a Private Owner key of your account before it was last changed and that last change must not be older than 30 days!
Important note:
When you have filled the form with a valid Private Owner Key and your new password, click on the Submit Confirmation button.
The web page will do two things:
The page will then confirm if everything has gone well.
Hooray, you are done and you have recovered your account!
Why do you need my new Master Password?
Your Master Password is used to retrieve
- your private owner key: this key is mandatory to issue the
recover_accountoperation to the blockchain.- it will also be used to compute all your public Active, Posting and Memo keys and send an
account_updateoperation to the blockchain and tell it that you have new private keys.
Your Master Password or Private Keys will NOT be stored or sent over the internet by the Account Recovery Setup process!
Considering your account is safe when doing step A, you are the only one to be able to make the micro-transfer using your active key and encrypt information using your memo key. If a hacker changes your password, your keys will change too. This way, @hive.recovery can identify you with certainty.
Also, remember that a double encryption process is used:
With this double encryption process in place, only you and @hive.recovery can access E2 and read E1, but
@hive.recovery cannot decrypt E1 because it does not know your passphrase. No one, including
@hive.recovery, can ever read the content of E1 until you provide the passphrase to decrypt it.
Even if a malicious actor finds your passphrase, they won’t be able to access E1 because they will need your private memo key to decrypt E2 first.
An attacker would need you to get your passphrase AND your memo key (AND optionally your email address and its control) to be able to lock you out of the recovery process.
On the other hand, if these are safe and if @hive.recovery can decrypt E1 and the information it contains matches your data, then it can identify you with certainty and safely initiate the recovery process for you.
The only private element that you communicate to @hive.recovery is an email address. For obvious reasons, this email address cannot be temporary. We can therefore consider that you could potentially be identified with this email address.
However, remember that this information is encrypted using your passphrase. So no one who does not have this passphrase has access to it. This is also the case for @hive.recovery and the operator of the Hive Recovery service (
@arcange), who will only be able to access it from the moment you initiate a recovery procedure
For the most paranoid of you who still would not trust the operator, which is perfectly acceptable, you can bypass this option. It is only provided to add an additional level of security.
Support for this service is provided on Hivechain.app server on Discord.
Hive Recovery is a service created and managed by @arcange