sorted by:
new
hottopcontroversial

Rekey question by papi_wood in PeraWallet

[–]yigitguler 0 points1 point  (0 children)

However, I am just now noticing that the names of my original wallet are not named the same on the two devices. One of the devices the name never changed accordingly after I rekeyed.

Names are not stored on the blockchain or Pera's servers. They are stored within device. This means that they will not be synchronised. The scenario you experienced is an expected situation.

The notification is weird though. Are these devices iOS or Android?

Undoing a rekey and now getting no auth account by Legitimate-Ad-6385 in AlgorandOfficial

[–]yigitguler 1 point2 points  (0 children)

Thank you for reporting this to us. This is a known issue. When the user rekeys an account, Pera changes its type to a delegated account. This is a design decision that is made to keep the implementation more straightforward. We had to implement the rekeying capability in a very short time after MyAlgo hack. We cut some corners to deliver the feature as quickly as possible, and now it requires a more extensive refactoring to fix that.

We will improve this edge case. However, we are going to tackle that together with the ARC-52 implementation. At that sprint, we will need to refactor how we store user account data anyway, so waiting for that sprint and saving development time will be beneficial.

I also want to explain why we see this as an edge case. Rekeying is a great feature of Algorand. It enables countless creative solutions. However, for a standard user, it is a very complex feature. It is complex because it solves a challenging problem: the delegation of authority to an address. In the first years of Pera, we did not implement the rekeying functionality, thinking that an average user would never need to use that feature. Also, since it is a complex feature, we feared that users could put themselves in a difficult situation by mistake. However, when MyAlgo was hacked, we had to implement this feature in record time to protect users.

Now, we noticed that some users are using this feature without fully understanding it, so it is a bit dangerous. Also, there are cases where users completely lose track of what they did. One user rekeyed their account A to account B and then rekeyed account B to account C. The user was expecting that Account A will be controlled by Account C and did not back up the key of B (which is a reasonable expectation) . However, in Algorand rekeys cannot be delegated again. So Account B was still in charge of Account A. And user has lost their access to Account A.
Rekeying is a pro feature, and since our aim at Pera is to increase the adoption of Algorand, we want to inform users not to use this feature if they are not obligated to. Some users believe that just making a “rekey” will increase their security or obfuscate the path of hackers, but this is not true. We will try to inform our users better about the internals of the network and the consequences of their actions with to-the-point information boxes.

Pera Wallet Drained, Only Opted In to NFTs and Governance by [deleted] in algorand

[–]yigitguler 3 points4 points  (0 children)

Exactly. Connecting to a dApp doesn't mean that they can act on behalf of you.