Forced delayed operation
4.3 Forced delayed operation
Time is a key component of safety. In most cases, it is impossible to know whether the private key has been stolen until it is used. Time-based security mechanisms are more important when people use certain applications, because these applications need to store the keys on the Internet-connected computers they use daily. After the message is included in the block, EOS.IO software supports application developers to specify that certain messages must wait a short period of time before being applied, during which time the operation can be cancelled.
When such messages are broadcast, users can receive corresponding notifications via email or SMS. If the user is not authorized, then they can log in to the account to restore account data and withdraw the message.
The required delay depends on the sensitivity of the operation. Payment for a cup of coffee can be confirmed within a few seconds without delay and is irrevocable, while buying a house may require a 72-hour liquidation cycle. It may take 30 days to transfer the entire account to the new user. The specific delay depends on the application developer and user.
4.4 Recovery of stolen keys
EOS.IO software provides users with a way to restore control of their accounts when the keys are stolen. The account owner can use any approved account that has been active in the past 30 days to restore the partner’s key and reset the owner’s key on the account. Without the cooperation of the account owner, account recovery partners cannot reset account control.
For the hacker, because he has "control" the account, there is no gain in trying to perform the recovery process. In addition, if the hacker performs the recovery process, the recovery partner may require identity authentication and multi-factor authentication (phone and email). This may expose the identity of the hacker, or the hacker will gain nothing during the recovery process.
This process is also very different from simple multi-signature transactions. Through a multi-signature transaction, another entity becomes the party to each transaction. In contrast, through the recovery process, recovery partners only participate in the recovery process and have no right to participate in daily transactions. This greatly reduces the costs and legal liabilities of all participants.