Multi-signing and disable masterKey

[jetbrzzz]

I was going through the ledger looking at how Ripple.com sets up their accounts.  Many of their accounts have 4 of 8 signatures required and master key disabled.   Hypothetically, if the first four signers were all compromised, the original owners could still use the last four signers (5-8) to change signers 1-4.  In this rare event, what's to stop thieves with signers 1-4 from removing/altering signers 5-8, essentially locking out the original owners completely?

I speculate that they have signers 5-8 locked up in safes somewhere as a backup last resort and a 50% quorum so that they could 'save' the account in the event of 1-3 of the 'active' signers being compromised.

As I understand it, once the master key is disabled and multi-sign is the only way to transact, there is no way to re-instate the master key ever. I've been looking through xrpl.org but there's zero mention of recovering a master key once it's disabled. Is this accurate?

[jn_r]

4 hours ago, jetbrzzz said:

As I understand it, once the master key is disabled and multi-sign is the only way to transact, there is no way to re-instate the master key ever. I've been looking through xrpl.org but there's zero mention of recovering a master key once it's disabled. Is this accurate?

That's not correct. You can re-enable the master key, as is mentioned here. In case your account requires multiple signers (4 out of 8 in this case) then it requires at least 4 signers to authorize the 're-enabling' transaction.

A nice way to play around with it is via https://ripplerm.github.io/ripple-wallet/, choose test-net and get funded accounts via the faucet

Edited August 23, 2020 by jn_r

[jetbrzzz]

7 hours ago, jn_r said:

That's not correct. You can re-enable the master key, as is mentioned here. In case your account requires multiple signers (4 out of 8 in this case) then it requires at least 4 signers to authorize the 're-enabling' transaction.

A nice way to play around with it is via https://ripplerm.github.io/ripple-wallet/, choose test-net and get funded accounts via the faucet

That's a cool GUI, beats messing around in the commandline.  Bookmarked.

I'd rather brick an account now on testnet and learn why rather than down the road by accident.

I found the answer in another post after a couple hops, signed transaction with ' "ClearFlag":4, ' re-enables the master key.  Thanks for the lead. 

 

[Reemy]

hey guys, I've imported my paper xrp wallet to GateHub. Then I have purchased the wallet protection which automatically disables the master key and apply multi signing instead.  During this process there was a glitch and apparently it disabled all three option for signing a transaction. Multi signing, Master key and Regular key were all disabled. Any ideas what to do? I cannot use the funds. Below is a picture taken from Gatehub to demonstrate it. 

Thanks

[brianwalden]

I think you need to go through Gatehub's customer service if it happened while you were activating one of their services. If they really made the wallet impossible to use, I would think they would owe you the funds it contained.

[Reemy]

Yes I agree 

it is kinda outrageous I  was trying to sell my XRP three days ago at 1.78$ And was planning on repurchasing it at around $1.30. My speculation worked perfectly since today it is down 50 cents however my account is still locked since Thursday and customer service didn’t respond to my emails.

in an ideal world they should compensate me for the loss as well...