Jump to content

Could this be Ripple's bug?

Recommended Posts

On 2/26/2019 at 5:07 AM, rippleJason said:

It turns out you can set regular key to be the same account as yours.

Steps to forever lockup your account

1. AddressA set AddressB as regular key

2. AddressA sets disable master

3. AddressA sets AddressA as regular key

So now AdressA's master key is disabled since step2 and its' regular key is also itself which has been disabled.

I guess during the implementation of this function, there is no mechanism to check the address's account flag should not be set in order to be valid for regular key's role.

For me, it's really difficult to understand, why would it be allowed to set the same wallet address to be your regular key? What would be the logical explanation for this?


I am going to prevent "step 3" from happening in my fork of ripple-client-desktop.


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...