I noticed that the `near` top level account on NEAR MainNet has got this access key associated with it:
```json
{
  "public_key": "ed25519:5zset1JX4qp4PcR3N9KDSY6ATdgkrbBW5wFBGWC4ZjnU",
  "access_key": {
    "nonce": 1568,
    "permission": "FullAccess"
  }
}
```
This key is hard-coded in the genesis.
From what I understand, this effectively means that an entity in possession of the corresponding private key may at any time delete any account that has its ID ending with `.near`, transferring all funds from that account wherever they choose. This includes all accounts created via the official NEAR web wallet or by otherwise calling `near.create_account()`.
I'd like to know if my understanding is correct, whether this is absolutely required for the network to function or not, and what security implications this might have for a typical user.
I'm pretty sure you cannot affect a subaccount from the parent like this. If someone deletes the `near` account, your account would not be affected. And unless the `near` account itself is holding a `FullAccess` key to subaccounts, it doesn't control them.
This would also be easy to test. On TestNet try creating a subaccount and deleting it from the parent. If you don't have a `FullAccess` key to an account then your `DeleteAccount` action will be rejected by the network.
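The criterion in the answer above can be checked for any account by listing its access keys. The following is an added example, not part of the original posts or NEAR's own code: it builds the `view_access_key_list` RPC query and applies the `FullAccess` test to a constructed response. The sample account, its keys, and the helper names are assumptions made for illustration.

```python
# Key quoted in the question (hard-coded in genesis for the `near` account).
NEAR_GENESIS_KEY = "ed25519:5zset1JX4qp4PcR3N9KDSY6ATdgkrbBW5wFBGWC4ZjnU"


def key_list_request(account_id):
    """JSON-RPC body to POST to a NEAR node to list an account's access keys."""
    return {
        "jsonrpc": "2.0", "id": "audit", "method": "query",
        "params": {"request_type": "view_access_key_list",
                   "finality": "final", "account_id": account_id},
    }


def full_access_keys(result):
    """Public keys whose permission is the string "FullAccess".
    Function-call keys carry a dict ({"FunctionCall": {...}}) and are skipped."""
    return [k["public_key"] for k in result.get("keys", [])
            if k["access_key"]["permission"] == "FullAccess"]


def can_delete(result, public_key):
    """True only if public_key is a FullAccess key on this account."""
    return public_key in full_access_keys(result)


def unexpected_full_access(result, owned_keys):
    """FullAccess keys on the account that the owner does not recognise."""
    return [k for k in full_access_keys(result) if k not in owned_keys]


# Constructed `result` for a hypothetical subaccount; both keys are made up.
SAMPLE = {"keys": [
    {"public_key": "ed25519:CONSTRUCTED_OWNER_KEY",
     "access_key": {"nonce": 7, "permission": "FullAccess"}},
    {"public_key": "ed25519:CONSTRUCTED_DAPP_KEY",
     "access_key": {"nonce": 2, "permission": {"FunctionCall": {
         "allowance": "250000000000000000000000",
         "receiver_id": "app.example.near", "method_names": []}}}},
]}

if __name__ == "__main__":
    owned = {"ed25519:CONSTRUCTED_OWNER_KEY"}
    print("FullAccess keys:", full_access_keys(SAMPLE))
    print("near key can delete:", can_delete(SAMPLE, NEAR_GENESIS_KEY))
    print("unexpected FullAccess keys:", unexpected_full_access(SAMPLE, owned))
```

Against a live node, the `result` field of the RPC response takes the place of `SAMPLE`.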