Jump to content

help with sending XRP


duricko
 Share

Recommended Posts

Relating to the matter, I was always wondering, how Gatehub rekeyed my Master Key (and not only mine, all accounts i guess) after the hack, when in my transactions it never says that Master Key was disabled, so how did they rekey them then? but i do remember receiving a different private key, with the same public key as before the hack........:dthinking:

 

 

 

Link to comment
Share on other sites

44 minutes ago, joe91 said:

Relating to the matter, I was always wondering, how Gatehub rekeyed my Master Key (and not only mine, all accounts i guess) after the hack, when in my transactions it never says that Master Key was disabled, so how did they rekey them then? but i do remember receiving a different private key, with the same public key as before the hack........:dthinking:

Not all XRP accounts on Gatehub got re-keyed, although possibly all accounts had their Gatehub encryption key changed, this may be what you're remembering. You would have been given a new recovery phrase, but this only secures your Gatehub account, not the XRP accounts themselves.

If there was no AccountSet transaction, setting the asfDisableMaster flag, then the master key was not disabled.

Edited by at3n
Link to comment
Share on other sites

2 hours ago, at3n said:

Not all XRP accounts on Gatehub got re-keyed, although possibly all accounts had their Gatehub encryption key changed, this may be what you're remembering. You would have been given a new recovery phrase, but this only secures your Gatehub account, not the XRP accounts themselves.

If there was no AccountSet transaction, setting the asfDisableMaster flag, then the master key was not disabled.

Strange, if my memory not totally gone, i can swear, they re-keyed, and gave me a new private, but master was not disabled in my transactions history; but now, when you explained the topic, i start to doubt, what exactly they re-keyed?!...... (it can also help answer the question, what is exactly was hacked on their end......:JC_thinking:)

Link to comment
Share on other sites

20 hours ago, juanrpz said:

Only in paper

I'm not sure I can help much more,

Have you tried importing the 12 words into another app (for example, XUMM), just in case it's a bug with the Coinbase Wallet app?

If the master key is actually disabled, then it means that someone or some other app got access to your 12 words, and disabled it. Either someone saw the 12 words written down, or perhaps the Coinbase app did not store the account key securely and it was hacked (I have no reason to think that this is the case).

 

If you look up your XRP account address on bithomp.com , it will tell you in the "Information" panel if there is a Regular Key set. If there is, you could look at the transactions of the Regular Key account, and see if it is also the regular key for many other accounts? This may confirm that it's an account that has "stolen" many other wallets also.

If you recognise the regular key as another account that belongs to you, then you will be able to use that account to re-enable the master key. If you would like to send me a private message with your XRP address, I can help you check all this, if you'd like.

 

If Coinbase offers support for the Wallet app, you may as well contact them in case they can give you any information.

Link to comment
Share on other sites

19 hours ago, joe91 said:

(it can also help answer the question, what is exactly was hacked on their end......:JC_thinking:)

According to all of the sources that I've seen, API authentication tokens were hacked, which allowed the hackers to act as logged-in users to retrieve certain data from Gatehub, including encrypted secret keys.

Apparently the hackers were able to decrypt some of the secret keys. I never found out how.

Gatehub knew which wallets had their encrypted keys accessed, so they rekeyed those accounts.

Link to comment
Share on other sites

3 hours ago, at3n said:

According to all of the sources that I've seen, API authentication tokens were hacked, which allowed the hackers to act as logged-in users to retrieve certain data from Gatehub, including encrypted secret keys.

Apparently the hackers were able to decrypt some of the secret keys. I never found out how.

Gatehub knew which wallets had their encrypted keys accessed, so they rekeyed those accounts.

Ye, probably so, i am not too good on deep info, but from my view, they leaked password/signing to private keys, so hackers brute forced the weak passwords, and got privates, or something; to play safe, they had to 'rekey' all accounts, meaning passwords changed, recovery passwords changed, algorithm changed to how they sign transactions.... i don't know, i am just guessing! 

Your version probably makes more sense! I just hope, they do not screw up again; for the sake of all users that choose to be their customers in the future! :unsure:

Link to comment
Share on other sites

  • 2 weeks later...
On 11/24/2021 at 2:50 AM, at3n said:

I'm not sure I can help much more,

Have you tried importing the 12 words into another app (for example, XUMM), just in case it's a bug with the Coinbase Wallet app?

If the master key is actually disabled, then it means that someone or some other app got access to your 12 words, and disabled it. Either someone saw the 12 words written down, or perhaps the Coinbase app did not store the account key securely and it was hacked (I have no reason to think that this is the case).

 

If you look up your XRP account address on bithomp.com , it will tell you in the "Information" panel if there is a Regular Key set. If there is, you could look at the transactions of the Regular Key account, and see if it is also the regular key for many other accounts? This may confirm that it's an account that has "stolen" many other wallets also.

If you recognise the regular key as another account that belongs to you, then you will be able to use that account to re-enable the master key. If you would like to send me a private message with your XRP address, I can help you check all this, if you'd like.

 

If Coinbase offers support for the Wallet app, you may as well contact them in case they can give you any information.

Hi. How can I PM you? Would like to ask some questions, if possible, about my hacked account. If you don't mind. Thanks.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.