Telos Lost and Compromised Account Key-swap Process
(Update: This program is now closed.)
Many EOS token-holders listed on the EOS genesis snapshot encountered problems with their tokens that leave their accounts, as listed on the EOS genesis snapshot, outside of their immediate control due to lost or compromised account keys. Unless steps are taken by the Telos Launch Group (TLG), these owners will not be able to benefit from ownership of their Telos accounts. This is clearly not our intent as a group. Therefore, we must act to rectify this.
Acting With Caution
Any action the TLG takes to address this problem introduces a new opportunity for people to attempt to claim the accounts of others. Since we cannot assume that all EOS snapshot holders will monitor our efforts to publicize key changes, we must set a high bar of proof for any actions we take. That high bar is some form of cryptographic proof of ownership at or before the ERC-20 snapshot.
Technically, the ERC-20 genesis snapshot of EOS captured 4 fields for each entry:
- The ethereum address
- The EOS public key (derived from a private key) registered to the account
- The generated name of the EOS account
- The amount of EOS held by the account
The ability to send cryptographic messages from the accounts listed here (ethereum or EOS) or the ethereum account that purchased EOS ERC-20 tokens that went unregistered allows many forms of lost, compromised, or unregistered private keys to be cryptographically verified and therefore changed. Telos is in the fortunate position of only needing to verify a connection between the original ethereum account that registered the EOS ERC-20 tokens, without needing to be concerned with any subsequent actions on the EOS blockchain. This significantly eases the burden of validating account ownership.
Cryptographically Verified Re-keying Process
Any EOS genesis snapshot owner who wishes to replace their account keys due to loss or theft may send an encrypted message from the original ethereum account listed on the EOS genesis snapshot with the following message:
As the cryptographically verified owner of ethereum address listed below (“Ethereum Address”), I attest that I did own the EOS tokens listed on the EOS ERC-20 snapshot associated with this address and that I hereby request that the public key for my account be changed to the new EOS public key below (“New EOS Public Key”) or the Telos Network address equivalent for my corresponding account on the Telos Network. I agree to release the Telos Network and its Members as well as the members of any blockchain project that may subsequently use this same value snapshot in the future from any claim arising from this request. The cryptographic signature of this document constitutes my legal digital signature in all jurisdictions.
Ethereum Address: (e.g. 0x1234556789abcfdef0)
New EOS Public Key: (e.g. EOS5varf2421c5a58v1a6qaa49)
The process above should adequately address all forms of lost and compromised private keys. We intend to host an application interface on the Telos Foundation website to explain and guide those with lost keys through this process simply. We are already engaging ombudsmen who have experienced the lost and compromised key process to aid and assist any who require help in replacing lost or compromised keys.
This leaves two remaining classes of ERC-20 EOS purchasers who are not currently reflected on the EOS ERC-20 snapshot.
Some EOS owners did not register their purchased tokens as required. There are many possible valid reasons this registration may not have occurred and it is not the place of the Telos Launch Group to investigate or determine the reason why registration did not occur. The Telos Network will seek to provide an adequate account for any previously unregistered account that may cryptographically prove ownership of an account in question and provide TLOS tokens commensurate with the unregistered amount when possible.
The “Fallback method” allows Ethereum owners to turn their ethereum private keys into EOS keys. Telos supports this method and will provide further information on how to reclaim keys. It involves having account owners extract the private keys for their Ethereum address and entering them into an offline wallet to derive new EOSIO private keys that may be used to claim their accounts. Due to the high level of caution necessary whenever private keys are exposed, the Telos Launch Group will provide an information page on its primary website that includes links to offline tools for creating the necessary EOSIO private keys to claim a previously unregistered account.
Some registered accounts did not meet the 1.0 EOS threshold required to be included on the EOS ERC-20 snapshot. The 1.0 EOS threshold was decided by those launching the EOS network and there is some dispute over whether the 1.0 EOS amount was well publicized or if a threshold of 0.1 EOS was once published. The Telos network intends to rectify this situation by recognizing the approximately 16,000 “dust” accounts between 0.01–0.9999 EOS and increasing their values to the 1.0 TLOS value required to be credited to the network. The approximate cost of this is 8,000 TLOS which shall be borne by the Telos Foundation endowment, pending a vote by TFVT members. This vote will happen as soon as possible following the initial distribution of Telos Foundation Voting Tokens.
Telos “Genesis” Snapshot
It is the intent of the Telos Network to provide a “Telos Genesis Snapshot” for the Telos Network and any future projects that choose to use it, that includes account keys for all EOS genesis accounts who elect to replace their keys due to loss or compromise, as well as all verified “unregistered” accounts and all “dust” accounts from 0.01–0.9999 EOS caught up to 1.0 TLOS. As this prevents future projects from reproducing the effort required to validate these accounts, we expect that such future forks of EOS/Telos may adopt this snapshot. Therefore, we advise all who have changed their keys to retain these private keys into the future in order to derive additional value from future blockchain projects. There should be no expectation that such projects, having been provided by the Telos Network with an exhaustive and newly verified snapshot, will ever independently recreate this work.
More details on the Telos Foundation website at https://telosfoundation.io/recovery
Join the Telos conversation!