Fix recursive account permissions

[testzcrypto]

BitShares allow to change permissions of account A to account A. More info can be found here: https://steemit.com/blockchain/@hipster/sad-story-how-i-lost-bitshares-account

[abitmore]

IMHO we can arrange a hard fork to fix this account (and perhaps other similar accounts).

It's said in https://bitshares.org/technology/dynamic-account-permissions/ :

In practice client software can detect cycles and prevent them from being formed.

So it's designed that client software should take care of the permissions.

Setting the owner permission to an account itself is legit, with this approach a group with active permission can sign transactions/operations that require owner permission. And vise versa.

[dnotestein]

if we're going to do a social fix of this sort (I'm not opposed), should we consider also returning funds stuck in the poloniex phishing account to their original senders?

https://bitshares.openledger.info/account/poloniex/overview

[TheTaconator]

On fixing specific accounts, I am worried about the precedent that it would set. At a minimum, I think that any advocate should bring this up for discussion with the community.

[pmconrad]

Developers should never touch individual accounts. We are not judges and cannot decide which accounts or transactions may be legit or not. The community cannot decide that either. (They are probably even worse judges than the devs.)

[dnotestein]

@pmconrad Of course the community can decide such an issue. It's fundamental to any consensual blockchain system that the users can make such a decision by electing to run a new version of the software with new rules. There's no limitation on what those new rules are. The guys that don't grasp this have never really understood the basic nature of how users self-select to make themselves part of a blockchain community. Naturally, such changes can lead to community splits (e.g. ETH and ETC). But to say a community can't decide to do such things is just flat out wrong. And to say they are probably worse judges, well, that's just your opinion of the community.

[bycz6]

It happen with me the same! user: bycz2

[bycz6]

If I hash the brain key I get the priv key right?

[abitmore]

@bycz6 when the account is locked, brain key won't work. Save your private keys and brain key (if you have) safely, I think we will fix it some time in the future (may be long, so be patient).

[xeroc]

@bycz6 a sequence number needs to be appended to the brainkey to get to a private key. Do not mix brain key with account/password

[bycz6]

Thanks for the feedback @xeroc @abitmore

[bycz6]

https://github.com/EOSIO/eos/issues/922 This could also apply, right?

[dayman32]

Similar problem. I have keys. Changed the threshold weight to 2. And I have 1. All access denied. When will the bug be resolved? Has passed 1 year-I look no one rushing. Dozens of people with a similar problem!

[clockworkgr]

Well , it's not really a bug. As @abitmore described, there is a legit reason for allowing it as far as the chain is concerned.

As mentioned above, it's a client software issue to ensure that "incompatible" permissions are not set.

This is more like going out and leaving your house-keys inside the house. Doesn't mean your door is buggy.

[dayman32]

When should we wait for a decision or correction? A lot of investors in this situation.

[bycz6]

Any new development?

dayman32 notifications@github.com escreveu no dia sábado, 2/06/2018 à(s) 11:10:

When should we wait for a decision or correction? A lot of investors in this situation.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitshares/bitshares-core/issues/269#issuecomment-394075739, or mute the thread https://github.com/notifications/unsubscribe-auth/AWhsC8OsCItiKZD16DsPlZtNhUADJBgDks5t4mSggaJpZM4NM2Su .

[pmconrad]

As these accounts cannot be unlocked without a hardfork, and a hardfork cannot be done without a BSIP, I'd suggest to close this issue. This needs to be discussed in a different place.

[bycz6]

Where?

Cumprimentos / Best regards, Rafael Mateus

Telf. +351 967008933

A Ter, 5 de jun de 2018, 15:50, Peter Conrad notifications@github.com escreveu:

As these accounts cannot be unlocked without a hardfork, and a hardfork cannot be done without a BSIP, I'd suggest to close this issue. This needs to be discussed in a different place.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitshares/bitshares-core/issues/269#issuecomment-394739047, or mute the thread https://github.com/notifications/unsubscribe-auth/AWhsC9PKL2WK_P8YPMr3Ozxd83lyrp8kks5t5prNgaJpZM4NM2Su .

[abitmore]

@bycz6 here: https://github.com/bitshares/bsips/issues

[dayman32]

Is there news? Is there a hard fork planned or another solution to the problem? Dates, dates?!

[pmconrad]

No.

[abitmore]

New locked account: https://cryptofresh.com/u/1.2.907383

[abitmore]

Created issue in BSIP repository: https://github.com/bitshares/bsips/issues/94. Closing this one.

[dayman32]

For 4 years I have been observing how the solution of this issue is transferred from year to year. Her in general, will someone ever decide?

People just want to withdraw their money from these blocked accounts.

[dayman32]

Please put a solution to this issue for at least 2020. To put off the problem for 5 years is not very serious. Please, if you need sponsorship or help create a topic, many have lost huge amounts on this issue.

[iceworlder]

Please put a solution to this issue for at least 2020. To put off the problem for 5 years is not very serious. Please, if you need sponsorship or help create a topic, many have lost huge amounts on this issue.

now 6 years.

[bycz6]

Come on developers. This should never happen in a blockchain. People with seed key that cannot access his own wallet.

Cumprimentos / Best regards, Rafael Mateus

Telf. +351 967008933

A domingo, 10/01/2021, 02:43, iceworlder notifications@github.com escreveu:

Please put a solution to this issue for at least 2020. To put off the problem for 5 years is not very serious. Please, if you need sponsorship or help create a topic, many have lost huge amounts on this issue.

now 6 years.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitshares/bitshares-core/issues/269#issuecomment-757403216, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFUGYC24OYMKDWFHOJUAPXTSZEH6TANCNFSM4DJTMSXA .

[abitmore]

What users in this situation can do at this moment:

• Keep your old keys, backups and passwords safe, since they might be needed to recover your funds in the future. If you've lost the keys nobody can help.
• For assets which is not BTS, please ask the asset owners for potential help (E.G. transfer out funds via override_transfer_operation).
• If you are able to code a fix, or find someone to code a fix, or coordinate somehow to code a fix, please feel free to do it and create a pull request.
• Wait.