A Method for Extending Cryptographic Proof of Ownership Beyond Telos Genesis Accounts

By Douglas Horn

Cryptographic Fallback Protection

EOS and Telos genesis accounts enjoy a special status when it comes to the recovery of lost and stolen keys. These accounts were recorded on the EOS genesis snapshot along with the Ethereum address where the EOS ERC-20 tokens had been stored. Because each of these accounts is tied to an Ethereum address — which is a form of public key — their owners all have a way to cryptographically prove that they were the account owners as of the EOS genesis snapshot. This is a powerful protection that will not only make the recovery of lost and stolen accounts easier through the Telos arbitration system, but most likely quite a bit cheaper as well. However, new accounts do not enjoy this protection. ProveAccount is a very easy method for extending the protection of genesis accounts to any new Telos account.

Figure 1. The EOS genesis snapshot file associates an Ethereum address with each account.

The Telos Launch Group leveraged the ability to prove account ownership using a second keypair in its Key Recovery Program that helped recover over 150 disputed accounts prior to Telos launch. After the first Telos arbitrators election ends on March 15th, the elected arbitrators will have the authority to hear cases and order actions to restore lost accounts. Arbitrators are required to have strong proof of ownership so as to prevent the arbitration process from becoming a possible vector for account theft. Cryptographic proof is preferred, but in the case of lost or stolen accounts, this could not come from the account’s keys themselves. While it is possible for previous sets of keys to be used for stolen accounts that had their keys changed, this is not an option for simple lost keys.

The ProveAccount method allows any account owner to record an association with an Ethereum address (or an address from any blockchain) from their own Telos account. If the account is ever disputed, the arbitrator can quickly check for the existence of this message and, if it exists, can ask the claimant to send a message signed with the private key for that address, using random code words the arbitrator provides to ensure the message is not pre-generated. The arbitrator would then be able to verify that the claimant does indeed control the keys for the associated address. Barring any equally strong cryptographic proof of ownership by the respondent, the arbitrator should be able to render a decision to recover control of the account for the claimant.

There are several advantages to this method:

  • It can be used by any Telos account.
  • Telos account owners can protect their accounts immediately.
  • It requires only a widely available, free tool (Sign/Verify Message).
  • The initial action by the account owner is extremely easy to perform.
  • The verification action by the claimant is nearly as easy.
  • Strong cryptographic proof is assured.
  • A thief would have to acquire two private keys on different chains to foil this method.
  • The time required by the arbitrator to verify ownership would be quite short. Therefore, the cost of arbitration, where the ProveAccount method is used, could conceivably be very low compared to any other arbitration.

This process can be further optimized by designating a single common account to send the message to. I have created the Telos account ‘proveaccount’ for this purpose. A simple smart contract can be deployed on this account to return whatever funds are sent along with the message, making the transaction completely free. This means that users can send a slightly larger amount of TLOS in their transaction (e.g. 1 TLOS) to ensure that the message is not filtered from future history nodes that may not record very low value spam transactions.

The ProveAccount Method step-by-step

To protect a Telos account:

  1. Acquire an Ethereum address and private key using MetaMask, Scatter, or a similar wallet.
  2. Copy the Ethereum address.

Figure 2. Copy your Ethereum address from your wallet. Be sure this is an account you control and that you copy the entire address. The account does not need to have any tokens or transactions.

  3. In any Telos wallet, send a 1 TLOS transaction from the account to be protected to the account ‘proveaccount’ with the memo text: “This account is owned by the holder of the private key for Ethereum address: {your ethereum address}”

Figure 3. Send 1 TLOS to ‘proveaccount’ with the address in the transfer memo.

  4. For maximum certainty, check the transaction on a block explorer five minutes later to ensure it is recorded irreversibly.

Figure 4. Telos transactions become irrevocable after about three minutes. Verify that the transaction is written to an irrevocable block on any block explorer.

The account is now protected.

To verify a protected account:

  1. File for arbitration for the account in question indicating that there is a ProveAccount address registered. (Details available in the Telos Users Guide)
  2. The arbitrator will provide two random words and ask you to send a signed message using those words.
  3. Go to any website that allows signing messages using an Ethereum key (e.g. mycrypto.com).

Figure 5. Use any Ethereum wallet that includes a “Sign & Verify Message” feature.

  4. Log in with Scatter, MetaMask, or however your key is stored.

  5. Put the arbitrator-provided words into the message box and click Sign Message.

Figure 6. The arbitrator in a case will send two random words.

  6. Copy the entire signed message (including the brackets) and send it to the arbitrator.

Figure 7. The message must be copied exactly to be verifiable.

  7. The arbitrator will use Verify Message to verify it is valid and signed by the account’s private key.

Figure 8. This is an illustration of the Verify Message process that the arbitrator will perform. You could also verify the message prior to sending it to the arbitrator if you choose. The message can be verified any number of times.

This becomes cryptographic evidence in the arbitration case.
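The arbitrator-side checks implied by the two procedures above, as an added Python example that is not part of the original article or of any Telos tooling. The transfer record fields (`from`, `to`, `block`, `memo`), the envelope fields (`address`, `msg`) and all sample data are assumptions constructed for illustration; the signature itself is still checked with the Verify Message tool.

```python
import re
import secrets

PROVE_ACCOUNT = "proveaccount"
# Memo wording from step 3; exactly 40 hex digits, so a truncated address is rejected.
MEMO_RE = re.compile(r"private key for Ethereum address:\s*(0x[0-9a-fA-F]{40})\b")

def registered_address(transfers, account, last_irreversible_block):
    """Address from the newest irreversible ProveAccount memo sent BY `account`, else None."""
    best = None
    for t in transfers:
        if t["from"] != account or t["to"] != PROVE_ACCOUNT:
            continue  # anyone can name an address; only the account's own transfer counts
        if t["block"] > last_irreversible_block:
            continue  # not yet irreversible, could still be rolled back
        m = MEMO_RE.search(t["memo"])
        if m and (best is None or t["block"] > best[0]):
            best = (t["block"], m.group(1).lower())
    return best[1] if best else None

def new_challenge(wordlist, count=2):
    """Fresh random words chosen with a CSPRNG so no signature can be pre-generated."""
    return " ".join(secrets.choice(wordlist) for _ in range(count))

def envelope_binds(envelope, registered, challenge):
    """Check that the signed-message envelope names the registered address and the
    exact challenge text. The signature is verified separately with Verify Message."""
    return (registered is not None
            and str(envelope.get("address", "")).lower() == registered
            and envelope.get("msg") == challenge)

# Constructed sample data (not real accounts or addresses).
MEMO = "This account is owned by the holder of the private key for Ethereum address: "
ADDR_A, ADDR_B, ADDR_C = "0x" + "Aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
SAMPLE = [
    {"from": "alice", "to": PROVE_ACCOUNT, "block": 100, "memo": MEMO + ADDR_A},
    {"from": "mallory", "to": PROVE_ACCOUNT, "block": 150, "memo": MEMO + ADDR_C},
    {"from": "alice", "to": PROVE_ACCOUNT, "block": 200, "memo": MEMO + ADDR_B},
    {"from": "alice", "to": PROVE_ACCOUNT, "block": 220, "memo": MEMO + ADDR_B[:-1]},
    {"from": "alice", "to": PROVE_ACCOUNT, "block": 300, "memo": MEMO + ADDR_C},
]

if __name__ == "__main__":
    addr = registered_address(SAMPLE, "alice", last_irreversible_block=250)
    words = new_challenge(["amber", "falcon", "granite", "lantern", "orchid"])
    print(addr, "| challenge:", words)
```

In the sample, the memo at block 220 is skipped because its address is one character short, and the one at block 300 is skipped because it is past the last irreversible block.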

Cautions:

This does not remove the need for good key protection practices. Prevention of theft is far better than recovery from it.

  • Store your private keys in a secure and secret place.
  • Ideally, store the private key for the associated Ethereum address separately from your Telos keys so that a thief could not physically steal both at once.
  • Have separate owner and active keys for your accounts.
  • Do not import your owner keys except to change your account’s keys and then remove the owner keys from your wallet again.

Anyone who purchases a Telos account from another user should immediately perform the ProveAccount method with their own keys to allow themselves the right to recover the account. If you lose the private key for the associated Ethereum account, submit a new ProveAccount transaction to the account. Arbitrators will only consider the most recent ProveAccount message for any given account.

You Can Do This Right Now!

Every Telos user should take a few moments to associate an address with each of their accounts. There’s no reason to wait. The entire process takes only a few minutes and adds another layer of protection to your accounts. Users should also consider performing this process on their genesis accounts as it will give stronger evidence of the owner’s intent to protect their account. Preserve the private keys to the Ethereum address as you would any crypto keypairs. If the day should ever arrive when you lose your account keys or your account is stolen, you will have the benefit of a separate cryptographic key associated with it just as the EOS genesis snapshot accounts have.

The Telos block producers, arbitrators, core devs and the rest of the Telos community are dedicated to fulfilling the promise of returning accounts with lost and stolen keys to their rightful owners when there is clear cryptographic proof to substantiate claims. The ProveAccount method is a remarkably simple way to provide a powerful form of cryptographic proof of your ownership claim. This proof should create faster, less expensive, and more certain decisions in account recovery arbitration cases. Of course, each arbitration case is judged on its own merits, but providing arbitrators with this tool will empower them to better work towards just outcomes. Please take a moment to add this protection to your Telos accounts today.

About the author: Douglas Horn is the Telos architect and whitepaper author, and the founder of GoodBlock, a block producer and app developer for the Telos Blockchain Network.

More about GoodBlock can be found at: www.goodblock.io
