handshake-org / hs-airdrop

Decentralized airdrop to open source developers

Wait, so this only works if you decided you shouldn't ever rotate your github ssh keys? #134

Open jayzalowitz opened 3 years ago

jayzalowitz commented 3 years ago

This is really bad in my opinion. You should be able to validate with your GitHub account, which still exists.

Also the instructions on how to run this clearly don't take into account anything simple, there's no yarn lock file, there's no ./bin/hs-airdrop in the instructions

I have no idea what you mean by "Handshake bech32 address"

Ideally you should be able to run a command that recursively checks everything in your ~/.ssh directory instead of trying to figure out what you want.

pinheadmz commented 3 years ago

> This is really bad in my opinion. You should be able to validate with your GitHub account, which still exists.

This would require the protocol to verify data on GitHub, a centralized service that exists outside the blockchain. This means GitHub could sweep the entire airdrop, roughly 50% of the entire HNS coin supply. I suppose we could allow some kind of complicated https-proof from github.com and verify it on chain, but that would be very complicated (although I do concede that this is essentially the same risk we take with ICANN and the reserved name claim process -- but we have more checks in place for this like a 30-day lockout and "simple" DNSSEC chain proofs). What you're suggesting would require a hard fork, and potentially make the airdrop unlimited forever. Also - the fact that "the cat is out of the bag" means that GitHub users could easily cheat by spawning fake accounts to give themselves enough followers. Even if you rotate your keys you should still have backups of your old keys. As time goes on, I think you are right: users will lose their old keys and will not be able to claim the airdrop. That's part of the design.

> Also the instructions on how to run this clearly don't take into account anything simple, there's no yarn lock file, there's no ./bin/hs-airdrop in the instructions

Handshake contributors are developing tools to make the claim process easier:

https://github.com/rithvikvibhu/hs-airdrop-gui

This will hopefully also be merged into Bob Wallet soon.

I think you're right about committing a package-lock file, it couldn't hurt. And the fact that bin... is not specified in the docs could be fixed as well. If you install the package `npm install -g` then npm will put the `hs-airdrop` script onto your `$PATH`. Otherwise, I am glad you were able to figure out that `./bin/` was necessary to run the program.

> I have no idea what you mean by "Handshake bech32 address"

This is an example of a Handshake address: hs1qde7jaw6qgzzfu83upn3twvsyhh0zrshg76qe0x

It can be generated by your wallet, where you want the airdrop money to go.

There are more verbose instructions here: https://handshake.org/claim/

> Ideally you should be able to run a command that recursively checks everything in your ~/.ssh directory instead of trying to figure out what you want.

This is not a bad idea, although each attempt may take a few minutes and we assume users know which keys they have posted on Github.

I think it would be great if you could write a pull request for the README to update the docs and make the tools more useful for the community. Perhaps the bin file could have an extra option to check for all keys in a given directory. Thank you for your interest! If you are unable to submit these updates, perhaps someone else in the community can eventually.
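An added example, not part of the original thread and not code from the hs-airdrop project: a stand-alone check that an address string is well-formed bech32 before it is handed to the claim tool, so a mistyped character is caught by the checksum. It assumes Handshake mainnet addresses are BIP173 bech32 strings with the prefix `hs`, as the `hs1q...` example above suggests; the function names `parseBech32` and `checkAddress` are hypothetical.

```javascript
// Added example, not hs-airdrop code. Assumption: BIP173 bech32 with prefix "hs".
const CHARSET = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l';
const GEN = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3];

// BIP173 checksum over 5-bit words; a valid string yields 1.
function polymod(words) {
  let chk = 1;
  for (const w of words) {
    const top = chk >>> 25;
    chk = ((chk & 0x1ffffff) << 5) ^ w;
    for (let i = 0; i < 5; i++) if ((top >>> i) & 1) chk ^= GEN[i];
  }
  return chk;
}

// Split into prefix and 5-bit words; throws on a structural or checksum error.
function parseBech32(str) {
  if (str !== str.toLowerCase() && str !== str.toUpperCase()) throw new Error('mixed case');
  const s = str.toLowerCase();
  const sep = s.lastIndexOf('1');
  if (sep < 1 || sep + 7 > s.length || s.length > 90) throw new Error('bad length or separator');
  const hrp = s.slice(0, sep);
  const words = [...s.slice(sep + 1)].map((c) => CHARSET.indexOf(c));
  if (words.includes(-1)) throw new Error('invalid character');
  const codes = [...hrp].map((c) => c.charCodeAt(0));
  const expanded = [...codes.map((c) => c >> 5), 0, ...codes.map((c) => c & 31)];
  if (polymod([...expanded, ...words]) !== 1) throw new Error('checksum mismatch');
  return { hrp, words: words.slice(0, -6) }; // drop the 6 checksum words
}

// Validate an address for the expected prefix; return its version and hash.
function checkAddress(addr, prefix = 'hs') {
  try {
    const { hrp, words } = parseBech32(addr);
    if (hrp !== prefix) throw new Error(`prefix is "${hrp}", expected "${prefix}"`);
    if (words.length < 1) throw new Error('missing version');
    const bytes = [];
    let acc = 0, bits = 0;
    for (const w of words.slice(1)) { // regroup 5-bit words into bytes
      acc = ((acc << 5) | w) & 0xfff; bits += 5;
      if (bits >= 8) { bits -= 8; bytes.push((acc >> bits) & 0xff); }
    }
    if (bits >= 5 || (acc & ((1 << bits) - 1)) !== 0) throw new Error('bad padding');
    return { ok: true, version: words[0], hash: Buffer.from(bytes).toString('hex') };
  } catch (e) {
    return { ok: false, reason: e.message };
  }
}
console.log(checkAddress('hs1qde7jaw6qgzzfu83upn3twvsyhh0zrshg76qe0x')); // address quoted in the thread
```

A result with `ok: false` and a `checksum mismatch` reason means the string was altered or mistyped somewhere between the wallet and the command line.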

jayzalowitz commented 3 years ago
> Also - the fact that "the cat is out of the bag" means that GitHub users could easily cheat by spawning fake accounts to give themselves enough followers. Even if you rotate your keys you should still have backups of your old keys. As time goes on, I think you are right: users will lose their old keys and will not be able to claim the airdrop. That's part of the design.

So, the fact that I was unaware that I needed to back up old unused ssh keys for github means I can't participate in an airdrop where I was eligible at the time?

I mean look, it's irresponsible to keep a bunch of old keys around, especially if you have them added to an extra instance.

parkan commented 2 years ago

The airdrop snapshot happened 10 days before my SSD failed and I had to rotate in new keys, with no realistic way to recover

I also recall a mechanism where you registered your keys with handshake (I believe it was here: https://web.archive.org/web/20181001041019/https://handshake.org/signup), which I went through and everything I saw seemed to suggest that the login information (which I still have in 1pass) would be sufficient to be locked in -- what happened to those accounts?

pinheadmz commented 2 years ago

@parkan If you registered on handshake.org you would have been prompted to use https://github.com/handshake-org/faucet-tool to generate a seed phrase and a receive address, then enter that address into the website. If you did that successfully, your GitHub PGP keys would have been removed from the airdrop and replaced with the "faucet" airdrop. Username/password credentials for handshake.org are useless and have been since mainnet launched. If you still have this seed phrase, you can recover your airdrop coins using hsd or Bob Wallet. If none of this applies to you, then I'm sorry your airdrop will not be recoverable at all.

parkan commented 2 years ago

@pinheadmz thank you, I didn't realize that's how "faucet" is used here since typically it means an open-to-all distribution mechanism for very small drops, I do have the seed phrase :+1:

EDIT: can see my tokens in Bob, cheers

handshake-enthusiast commented 2 years ago

@jayzalowitz I see your frustration, especially considering you posted on a day when $HNS was at its ATH 😃 Though I don't get the downvotes – as I see none of the downvoters contributed to Handshake anyhow except leaving their reactions here. Anyway, chances are you still have your old backups somewhere on external disks and can grab your old keys from there 😉