Jump to content
Zerping

Re-keying ripple account

Recommended Posts

I've seen a post by @JoelKatz saying ripple accounts support re-keying. I assume that means keeping my public key but changing the private key. What's the simplest way to do it? Does any wallet software support this?

Share this post


Link to post
Share on other sites
8 hours ago, Zerping said:

I've seen a post by @JoelKatz saying ripple accounts support re-keying. I assume that means keeping my public key but changing the private key. What's the simplest way to do it? Does any wallet software support this?

https://ripple.com/build/transactions/#setregularkey

AFAIK there is no wallet supporting it.

Share this post


Link to post
Share on other sites
5 hours ago, ChrisW said:

This wallet supports rekeying: https://jatchili.github.io/minimalist-ripple-client/.  I’ve used it to rekey accounts.

Actually also: https://www.theworldexchange.net/ and http://ripplerm.github.io/ripple-wallet/

But be very careful! You can lose all the funds.

Edited by tulo

Share this post


Link to post
Share on other sites

This topic needs more explanation and should be pinned, warned for all new users.  The old minimalist client (which I highly discourage using as it's using old Ripple code from 2014) should never be used for re-keying.  It disables your master key and assigns the regular key to a new random Ripple address to do this, but the new secret key it gives you does not conform to the modern Ripple format (it doesn't start with "s").  I tested this with my wallet rw5pBaMLY29Vxfw9jigPAczSdt3CsLfCqD and the secret key is now 3PZNzN..., which isn't usable anywhere.  I had trouble trying to login to the account even using the minimalist client itself.

My site https://www.theworldexchange.net doesn't allow re-keying in one click (it's dangerous imo).  You have to first assign a regular key in Advanced Settings, which now gives you two secret keys that can login to your account.  Only if you then disable the Master Key (again under Advanced Settings) does this effectively equate to having changed your secret key completely, but even then you can just uncheck the disable master key to bring the account back again.

I'm not sure what other wallets do with this feature, but I highly disagree with the idea of and discourage using any one-click rekeying.  It's a multi-step process in the code itself, and if any part fails, you lose your entire wallet.

So in short, there is no "rekeying" - there is adding an extra secret key using setRegularKey and the ability to disable the original key using disableMasterKey, but these are two separate steps that you really should be walking through one at a time.

If you really wanted a new wallet w/ new secret key, it's better to just create a new wallet.

Edited by pftq

Share this post


Link to post
Share on other sites
20 minutes ago, pftq said:

If you really wanted a new wallet w/ new secret key, it's better to just create a new wallet.

I agree with your statement except for the quoted part. No, if you want to have a new secret key, you should definitely re-use wallets instead of creating a new object on the ledger. It is cheaper and just as secure.

Share this post


Link to post
Share on other sites
1 minute ago, Sukrim said:

No, if you want to have a new secret key, you should definitely re-use wallets instead of creating a new object on the ledger. It is cheaper and just as secure.

As he explained and I understood it does not work at all. So my conclusion was that you should just create a new account and be done. Interesting would be to know if you can completely delete an existing account. 

Share this post


Link to post
Share on other sites

The way wallets work, there is no such thing as deleting a wallet.  Each time you create a wallet, what's really happening is that you are assigned randomly a wallet.  In other words, all wallets that can exist already exist and you are randomly being assigned one.

If you're worried about the cost of spending 20 XRP to open a new wallet, then yes, there's not as much at risk should you accidentally lose the wallet entirely.  However, if you are holding thousands of XRP, I'd rather spend 20 XRP to just open a new wallet and not worry if I accidentally lost everything.  Of course, this is all a matter of opinion on what you see as being more risky.

Edited by pftq

Share this post


Link to post
Share on other sites
40 minutes ago, xh3b4sd said:

As he explained and I understood it does not work at all.

It works very well and is not more difficult or more risky than funding a new wallet. It is just that the jatchili wallet is doing both steps that would be required at once which has potential issues and which shouldn't be done in that way (and I agree with this).

If you register a new keypair with an existing wallet or fund it independently does not increase or decrease any risks.

Share this post


Link to post
Share on other sites

Yeah the setRegularKey and disableMasterKey functionalities on Ripple work fine on a technical level.  I think we're talking about two different things.  I wouldn't trust new or non-technical users to try and go through these steps, so the risk I'm defining is user error, not that the code on Ripple doesn't work.  The op said what is the simplest way, and unfortunately it is not a simple process (any mis-step and you literally lose all your funds, which in my opinion is not acceptable a risk).

Edited by pftq

Share this post


Link to post
Share on other sites
2 minutes ago, pftq said:

Yeah the setRegularKey and disableMasterKey functionalities on Ripple work fine on a technical level.  I think we're talking about two different things.  I wouldn't trust new or non-technical users to try and go through these steps, so the risk I'm defining is user error, not that the code on Ripple doesn't work.

Exactly.

A simple example: you send a setRegularKey and you get tesSUCCESS. You think that the transaction went through but it fails consensus. You now disable master key because you think the new key was successfully set --> you lose access to the funds. 

Edited by tulo

Share this post


Link to post
Share on other sites
5 minutes ago, tulo said:

A simple example: you send a setRegularKey and you get tesSUCCESS. You think that the transaction went through but it fails consensus. You now disable master key because you think the new key was successfully set --> you lose access to the funds. 

Impossible. It would only work if the first transaction actually made it into the ledger: https://ripple.com/build/transactions/#accountset-flags

Quote

Disallow use of the master key. Can only be enabled if the account has configured another way to sign transactions, such as a Regular Key or a Signer List.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...