EOS Guardian, an easy-to-use smart contract to protect your EOS account
Following the BankofStaked project, which brings convenience to the community, EOSLaoMao team has built another tool for the community in terms of account security — EOS Guardian. Let’s get started.
Some common user issues
We observed that among the EOS community, users have a variety of questions and appeals when transferring their token:
“How can permissions be used besides voting?”
“Can’t a token transfer have a more personalized design?”
“I want to have a 100 EOS daily cap to play gamble game!!!”
“We see too many cases of stolen active/owner keys. Is there a way to limit the amount of funds transferred out? Just in case when I got hacked, I could have some damage control!”
“Can I set daily transfer limit? Can I set different transfer limits for different accounts? for example, I only want to grant a higher limit to my mom’s account?”
“Is there any way to prevent me from transfering to suspicious accounts? I don’t want to have any transactions happening between my accounts and accounts that are labeled as hackers or accounts currently being blacklisted in ECAF orders.”
and many more.
These are the common concerns and questions that many people have when transferring token.
Design Principles of EOS Guardian
Currently, EOS users generally use their active permissions for daily transfers, which is pretty risky from a security perspective. If their active key is stolen, leaked or hacked, the asset in their account can theoretically be transferred away instantly by design. EOS Guardian can reduce the risk of assets loss under above circumstances by making use of EOS account permissions system.
After the user deployed the EOS Guardian to their accounts, they will have features below:
1.safetransfer and safedelegate can be used with safeperm instead of risky active and owner permissions to reduce the frequency of use of high permission such as active and owner permission; From a security perspective, users should use their active or owner permission as less frequent as possible.
2.safetransfer supports customizing transfer limit per transaction and a maximum transfer limit within a certain time period.
3.We encourage users who have deployed EOS Guardian to use the low-risk permission (safeperm) key for daily secure transfer operations. When safeperm key is compromised or stolen, the hacker will not be able to transfer more than the transfer limit within a certain period of time, which is set by user. By doing this, users at least have the chance to do damage control when worst thing happens to their accounts.
How EOS Guardian implement Secure Transfer and Delegation
The EOS Guardian currently consists of two main features — a safe delegate function (safedelegate) and a safe transfer function (safetransfer).
safedelegate feature could eliminate the risk of their EOS being transferred to beneficiary account during the delegation process.
The safetransfer feature allows users to customize in the following scenarios.
First, it supports customizing transfer cap. User can set the limit of every transfer (cap_tx) and the total transfer limit (cap_total) within a certain time duaration(duration).
For example, if there are 1000 EOS in my account, I want to limit the cap to be 500 EOS per week. I only need to set the EOS Guardian’s transfer limit to 7 days, and the transfer limit to 500 EOS to fulfill my need.
In addition, I can also set the limit of every transaction. For example, if I set this limit to 10 EOS/TX, then every time I use the safe transfer function, it will automatically check to make sure the amount of this transfer is no more than 10 EOS. If the check fails, the transfer will be canceled automatically.
Therefore, with these transfer limit feature, users can limit the total amount of funds transferred out given a specific period or every transaction, thus strengthening the security of their account.
The second feature is the whitelist. The setting parameters for this function are similar to the transfer limit above, the only difference is that these settings only apply to specific accounts provided by user. This feature provides the flexibility to meet the need to send large asset to a specific account. For example, in the setting of global transfer limit, I can only transfer 500 EOS in a week, but today I need to transfer 600 EOS to a long-term cooperative business partner. All I need to do it adding the partner’s account to the whitelist, and set a total limit which more than 600 EOS for this account. Then I can transfer 600 EOS to this account, and it will not affect the setting of other accounts. The transfer limit for other accounts is still 500 EOS.
The third feature is the blacklist. Some accounts are best not to have any transactions with them, such as accounts that have been added to the blacklist in ECAF orders, or other accounts that users find suspicious. To avoid making transfers to these accounts, users can add such accounts to the blacklist. If the user accidentally initiates a transfer to the blacklist account via the secure transfer function, the EOS Guardian will automatically cancel it.
The above is the main features of EOS Guardian. Users can update transfer cap, whitelist or blacklist any time they want, which requires active permission for update these settings for security reason.
Technical details of EOS Guardian
See the GitHub content for details.
Get in touch
If you have any questions, please join the EOS Guardian telegram group to communicate with us.
We sincerely hope that EOS Guardian could provide a new way to protect your EOS account.
CPU&NET Resource Leasing：BankofStaked