Jump to content

Recommended Posts

I am actually surprised there's only a couple over 10K that go 2 and 4 years in the future, I was expecting to see more of these for some reason.

P.S. Outside of the Ripple-created ones of course.

Share this post


Link to post
Share on other sites
38 minutes ago, Tonnie said:

As known, not only Ripple excrowed XRP, but anyone can do it. But I am amazed by escrowed XRP for over 100 years...why??

Yeah I wonder too. Do they actually think XRP will exist after 100 years?

Share this post


Link to post
Share on other sites
5 minutes ago, Dario_o said:

Does an escrow protect you from hackers who got your wallet seed? Or you only postpone the issue?

I don't know....

Share this post


Link to post
Share on other sites
1 hour ago, Tonnie said:

Hi all,

I had al look at the escrows in place here: https://ledger.exposed/escrow-stats

As known, not only Ripple excrowed XRP, but anyone can do it. But I am amazed by escrowed XRP for over 100 years...why??

Indeed, rL4fPHi2FWGwRGRQSH7gBcxkuo2b9NTjKK is an interesting account

Share this post


Link to post
Share on other sites
1 hour ago, Dario_o said:

Does an escrow protect you from hackers who got your wallet seed? Or you only postpone the issue?

Escrow is not a security measure in that sense, it just shifts the target. You still need to protect the key of the destination account as much as any other key. As soon as an attacker finds out the key of an escrow destination, if they're smart they'll assign a new regular key and disable the master key, which removes your control over the destination wallet, no matter how long until the expiry, then they just have to wait.

If an attacker got the key to your current wallet, and you managed to escrow the funds to a different destination address, and without the ability to cancel the escrow, before the attacker got the XRP, then the funds would be protected. But the same would be accomplished by just sending the XRP directly to another wallet that was not under control of the attacker.

If anything, an escrow transaction for a large amount is like sticking a big target on your XRP, telling attackers that X amount will be sitting here for Y days/years. They know that they definitely have that much time to work out who holds the key and try to hack/phish/beat it out of them. :(

Share this post


Link to post
Share on other sites
Posted (edited)

First you are very careul when typing 5 zeros after the number of XRPs to escrow (your retirementfund all planned out). Then you fatfinger the number of years until escrow finnish making it 100 years instead of 10.

Ah well.

Edited by mandelbaum

Share this post


Link to post
Share on other sites
On 1/4/2019 at 8:08 AM, at3n said:

Escrow is not a security measure in that sense, it just shifts the target. You still need to protect the key of the destination account as much as any other key. As soon as an attacker finds out the key of an escrow destination, if they're smart they'll assign a new regular key and disable the master key, which removes your control over the destination wallet, no matter how long until the expiry, then they just have to wait.

If an attacker got the key to your current wallet, and you managed to escrow the funds to a different destination address, and without the ability to cancel the escrow, before the attacker got the XRP, then the funds would be protected. But the same would be accomplished by just sending the XRP directly to another wallet that was not under control of the attacker.

If anything, an escrow transaction for a large amount is like sticking a big target on your XRP, telling attackers that X amount will be sitting here for Y days/years. They know that they definitely have that much time to work out who holds the key and try to hack/phish/beat it out of them. :(

Counterpoint: If, during that amount of time, you realize that an attacker has gained control of your destination account and changed the key, you have that much time to take legal action to regain control of the account. Assuming the attacker doesn't blackhole the account (changing it to a key they don't know) you may have a while for the legal gears of justice to grind and return control of the account to you. B)

Share this post


Link to post
Share on other sites

×
×
  • Create New...