-
Notifications
You must be signed in to change notification settings - Fork 216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhancing Permission Security in Tron #676
Comments
Very valuable point, but I have some different views on the scope of private key permissions: Problem 1: From the perspective of general multi-signature usage scenarios, if an address is a multi-signature account, it will not be allowed for an administrator address to skip multi-signatures and directly manipulate the address. I personally think that the first problem is not in line with the spirit of decentralization and blockchain. Considering that users may indeed lose their permissions without knowing it, an optimization solution that can be considered is to emphasize transactions involving permission changes through the wallet UI so that users understand the risks of each operation. Problem 2: I understand that it is also a general multi-signature usage scenario, and even multi-signature addresses on other chains will also face the problem of permission delegation. The workflow of TRON's multi-signature can be simply understood as TRON abstracting a |
@zonanaza There are pros and cons. If the private key holder has the final power to revoke any permissions, if the private key is stolen, the assets will be lost. |
@zonanaza I completely agree with your point about the problems caused by losing permissions, and I am also thinking about it. Strengthening the private key holder was once an idea that I thought of, but I quickly rejected it. It just involves more problems and none of block chain multi-signature method allow this. |
Add permission for a limited period, e.g. 1 year by default? |
Context: The increasing number of phishing attacks through cloned websites offering fake airdrops or rewards is compromising the security of Tron accounts. Users unknowingly delegate full control of their accounts to malicious actors by signing transactions, losing control despite still holding the private keys.
Problem: Currently, when the Owner permission is delegated to another account, the original private key holder cannot recover control. This issue not only impacts individual users targeted by scams but also affects businesses using multisignature systems. If an employee with critical permissions leaves the company, the original account owner cannot revoke those permissions, leaving the account vulnerable.
Practical Examples:
Phishing Attacks: A user signs a transaction to claim an airdrop but unknowingly delegates the Owner permission to a fraudulent account, losing access to their account.
Business Management: In a multisignature setup, if an employee leaves and has delegated permissions, the account remains exposed if those permissions cannot be revoked.
Proposed Improvement: Introduce a feature allowing the private key holder to reverse any permission updates, including the Owner permission. This would ensure that the legitimate account owner retains ultimate control over the account.
Justification:
User Security: Protect users from phishing scams and frauds that could result in the loss of control over their accounts.
Business Flexibility: Enable businesses to manage multisignature systems more efficiently, maintaining control over permissions even in case of personnel changes.
Increased Trust in Tron: Strengthening control over permissions will enhance the platform’s security and boost user confidence, making Tron more resilient against attacks.
Conclusion: The private key holder must have the ultimate authority to revoke any permission, ensuring they always retain full control of the account. This improvement would protect users from phishing attacks and enhance overall security for assets managed in Tron, offering more effective and secure account management.
The text was updated successfully, but these errors were encountered: