RE: Introducing Hive Account Recovery

So many questions on this...

It was my understanding that the <30 day old owner key was actually required by base layer consensus to perform recovery.
No?

Also, if someone has stolen your account and changed your keys, doesn't that mean they already know your old memo key? Can't you generate the memo key with the owner key?

I guess I'm still not understanding how the recovery account is unable to steal the account.

the <30 day old owner key was actually required by base layer consensus to perform recovery.

Yes, you need a password or private owner key that was valid less than 30 days ago to confirm the request_account_recovery initiated bu the trustee.

Can't you generate the memo key with the owner key?

No, you need the password to regenerate keys

I'm still not understanding how the recovery account is unable to steal the account.

Because

you never provide any password or private key to the recovery account
you have to confirm the recovery request initiated by the recovery account.

But,

if the recovery account is malicious and is colluding with an attacker that has stolen your private owner key then it is possible for them to gain full control of your account, i.e. to change the account password.

One more reason to carefully choose your recovery account.