Now that the easy EOS wallets are beginning to emerge (see my previous article on EOS Lynx), I wanted to add a small tutorial how to create a second EOS key pair to your new (Lynx) account.
Although these wallets should be pretty safe to begin with, EOS is still early stage and every new wallet is bound to be under attack sooner or later and hackers may try to get hold of your precious coins. So it is important that you activate one of the peculiar but very valuable features of EOS; the option to destroy an active public key using a second OWNER key and revoke illicit transactions to recover your funds. I believe the window of opportunity to correct this is a couple of days. But before you can do this you must have that second key pair connected to your new account.
You need the following tools:
- Scatter (Chrome extension)
- a password manager that can work off-line or a text editor.
- your Lynx account name (the 12 character validated EOS account name) and public key
- disconnect your computer from the internet
- in Scatter, open KeyPairs and press the New button at the top
- enter your Lynx private key in Scatter and your new Lynx account name
- press the button Generate Key Pairs
- the public key will be generated, press Save and then the Copy button in Scatter
- both the public and private key will now be on your clipboard
- save this to your password manager or paste in a text editor
- go back to Scatter and press the New button again
- generate a NEW OWNER key pair, copy and safe that to your password manager or text editor
- print your text editor file to paper and store it, or backup your pw manager file.
- note there is no need to save this 2nd pair in Scatter.
Reconnect your computer to the internet
- now go back to the Main menu in Scatter and click on Identities
- start a NEW identity and select EOS mainnet
- enter your Lynx account name and press the IMPORT button
- in the next popup, you will get 2 options:
- select the OWNER account and press the button to Use Selected Account, no need to fill any more details now
- press the Save button. This will create a random identity (e.g. RandomRagdoll3886844)
You need to understand that at this point, both the active and the owner public keys are still the same for your Lynx account and you are going to replace the owner key with a NEW OWNER key. This is something you can verify in EOStoolkit when you select Find Account and enter your account name. It will give a summary of your token holdings for that account but there is a small link further down that says Show JSON. This will reveal a code snippet and when you scroll down a bit you will see 2 fairly long “key” strings that should still be exactly the same. We are going to change that now.
Scatter Popup when attaching an account in EOStoolkit.
- go to EOStoolkit and press the button on the left to Attach Account
- this should trigger a popup from Scatter and select the random identity that was just created
- make sure that this is indeed the [email protected]owner and press Accept
- open Manage Permissions in the Toolkit menu side bar
- copy the ACTIVE PUBLIC key and the OWNER PUBLIC key from you password manager or text file and paste them in the appropriate fields
- press UPDATE, and check carefully in the next popup if the correct Scatter account is selected
- confirm transaction (there is NO undo, so make sure all is OK or you risk losing your funds).
- You will get a network Tx confirmation that the change was processed
You can now use “Find Accounts” again and click to Show JSON. Scroll down and you should now see 2 public keys that are DIFFERENT.
Now you only need to update your Scatter Identity. The one you created above can be deleted as it will no longer be used. Add a new Identity: New button, select EOS Mainnet, enter your Lynx account name and NOW select [email protected] and press IMPORT.
Again you will get a random identity name, but this time also add a name that is more meaningful for you and any credentials you want to add. Date of Birth, email, address etc are details that may be used with autofill in the future, e.g. when you are ordering goods paid with your tokens.
You now have the option to change a public key on your account, because you have the owner public key AND your are the ONLY one that has the active and owner PRIVATE keys, you have the power to cancel your original active key. So make sure your keys are stored somewhere safe. Preferably in two different places.
You are on your own here, make sure you follow all steps but versions may change from the steps described here so always be careful. I am not responsible for any misstakes.