Steal my EOS -- An experiment on the EOS.IO Mainnet

eosinsider (37) in eos • 6 years ago

Would you like to steal 5 EOS?

Ok.. go ahead and try! Here is the private key for yostealmyeos
5K5V1MY4iPBvT1vZ8rdX89JVDMJXosmRqKGoUxCfYaVck69qNU2

So why am I posting a private key publicly on Steemit?

This is an experiment! EOS.IO blockchain was developed with account recovery in mind.

With EOSIO blockchain, #codeisnotlaw. So if somebody gains control of your account maliciously, there are methods to protect users and recover stolen funds thru an arbitration process.

However, in the case of this experiment, I may not even need arbitration.

Accounts on the EOS.IO blockchain were designed to include both an Active Key and an Owner Key permissions. The private key posted above is for the Active Key permission of the account.

The owner key can be used to "reset" the Active Key permission.

The 5 EOS.IO in the account are all "staked." In order to transfer EOS, the tokens must be unstaked. The EOS can be unstaked with the active key, but the process takes 3 days (by design). Within this time frame, I should be able to update my active key to prevent the loss of funds.

So if you would like to participate in this experiment, go ahead and try to steal the 5 EOS.IO and we will see what happens!

Good luck! :-)

eos eosio eosmainnet eosexperiment codeisnotlaw

6 years ago by eosinsider (37)

$0.00

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!

Sort Order:

Trending

[-]

samstickkz (65) · 6 years ago

Lol this is the kind of show-off I love

$0.02

3 votes

[-]

crypto.update (9) · 6 years ago

But where is Private Key ?

$0.00

2 votes

[-]

eosinsider (37) · 6 years ago

Did steemit filter it out for some reason? 5K5V1MY4iPBvT1vZ8rdX89JVDMJXosmRqKGoUxCfYaVck69qNU2

$0.00

1 vote

[-]

crypto.update (9) · 6 years ago

That's not a Private Key

$0.00

1 vote

[-]

malonmar (64) · 6 years ago

Hahaha and what is it? Yes, it is a private key of EOS

$0.00

2 votes

[-]

simoncase (42) · 6 years ago

Youre an idiot

$0.00

[-]

erikodi (34) · 6 years ago

Good experiment... you could give me the 5 EOS and see if you can take them back lol

$0.00

1 vote

[-]

mariusfebruary (61) · 6 years ago (edited)

haha - cool idea - I just sent you another 1 EOS to make the experiment more interesting ;-) - will you stake it before anyone else takes it?

$0.00

1 vote

[-]

eosinsider (37) · 6 years ago

I just reset the active key again and your 1 EOS is unstaked so that may disappear quickly!

$0.00

[-]

eosinsider (37) · 6 years ago

Bummer!I left your EOS unstaked hoping someone else would stake it for you..! But someone got greedy! Don't worry Ill get you back at the end of this.. thanks for participating:-)

$0.00

[-]

slavix (64) · 6 years ago (edited)

Great idea and a fun little game that will teach people about account security features of EOS! :)
btw,
Active key can and should be different from owner. Initially all accounts come with same owner and active key. For better security before starting to use EOS account people should update their active accounts and use them when logging into wallets. Owner key should be left offline in storage and only be used to update active key and serve as a "recovery" key.
Generate new key with:
cleos create key

Here is a cleos command that can be used to update active key for an account

cleos -u https://eos.greymass.com:443 set account permission < accountname > active '{"threshold": 1, "keys": [{"key": "< new active public key >", "weight": 1}],"weight":1}]}' owner

$0.00

1 vote

[-]

cryptohead (50) · 6 years ago

You're so smart....

$0.00

[-]

alepacheco (27) · 6 years ago

@eosinsider Is this over? I had some ideas to try :(

$0.00

[-]

alepacheco (27) · 6 years ago (edited)

The key is now EOS6ka7tgmPJGEAPnNsxxeSNQUwqLMu44gZhnHY8RtXwPPKGFadak so i cannot try anything

$0.00

[-]

eosinsider (37) · 6 years ago

So far EOS7Yee2ZgSQLcbSc5wNjdoA9rdz1cffdwqCsLZvcV1Gys9et3X5G keeps taking control of the active key and is buying and selling RAM, the fees of which goes into the eosio.savings pool.

$0.00

[-]

bluabaleno (55) · 6 years ago

Can whoever controls the active key buy and sell ram with staked tokens? I didn't think this was the case.

$0.00

[-]

fitzgibbon (61) · 6 years ago

I really like your approach! Certainly hope you will follow up with more on this as the story develops. Keep us posted, very curious to find out to which extent, with EOS, #codeisnotlaw

$0.00

[-]

aeondrift (33) · 6 years ago

Love this demonstration of confidence! :)

$0.00

[-]

slavix (64) · 6 years ago (edited)

It looks like the private key you published belongs to this public address
EOS5ueRfpHnWxbxysRpcsUkBsma7vWvZjgQYi9jU9cY7wyiSQd9Zx
which is not on the main chain, meaning there is no account associated with it.

cleos get accounts EOS5ueRfpHnWxbxysRpcsUkBsma7vWvZjgQYi9jU9cY7wyiSQd9Zx
{
  "account_names": []
}

$0.00

[-]

eosinsider (37) · 6 years ago

It is linked to yostealmyeos. Someone changed it.. But I changed it back!

$0.00

1 vote

[-]

slavix (64) · 6 years ago

cleos get account yostealmyeos
permissions:
owner 1: 1 EOS6ka7tgmPJGEAPnNsxxeSNQUwqLMu44gZhnHY8RtXwPPKGFadak
active 1: 1 EOS6ka7tgmPJGEAPnNsxxeSNQUwqLMu44gZhnHY8RtXwPPKGFadak

Your private key is for this public key EOS5ueRfpHnWxbxysRpcsUkBsma7vWvZjgQYi9jU9cY7wyiSQd9Zx
It is not associated with any EOS account.

cleos get accounts EOS5ueRfpHnWxbxysRpcsUkBsma7vWvZjgQYi9jU9cY7wyiSQd9Zx
{
"account_names": []
}

$0.00

[-]

eosinsider (37) · 6 years ago

Again, I changed the key back to my possession to prevent any loss of funds since somebody unstaked the tokens. You can check the history in a block explorer for eos to see for yourself!

$0.00