处理存储在智能合约中的敏感数据的加密
据说,我们有一个分散的应用程序,上面有两个角色:智能合约的部署(管理员)等人(参与者)。为了“玩游戏”(在应用程序中执行一些操作),管理员必须根据他们提供的一些数据首先验证参与者。其中有些必须是公开的,其中有些一定不能。为了更好地说明,我们有以下固体代码段。
// Solidity code
struct Participant{
address participantAddress; // visible to everyone
string name; // should be visible only by admin
string SSN; // social security number-like info, should be visible only by admin
uint team; // the "team" of the participants, visible to everyone
bool hasBeenVerifiedByAdmin; // should be visible to everyone
bool hasPlayed; //should be visible to everyone. Can play only after being verified by admin from the GUI of the app
}
mapping(address=>Participant) public participantsList; //a list of participants
我预测你们中的一些人会说,如果我不希望公开的私人数据,也许您不应该首先将其存储在智能合同中。但是,如果是这样,为了当前的设计,让我们假设这是必要的。
问题是,我应该如何处理?
我的想法是关于端到端加密的,因为坚固性本身没有加密功能。
- 首先,每个参与者都应使用Admin的公钥加密他的敏感数据,因此只有他才能解密它。但是,据我所知,以太坊/区块链中使用的密钥是ECDSA键,而ECDSA是签名算法,而不是加密算法。
- 设置服务器以进行加密目的。但是,我不知道应该如何将密钥分发给参与者和管理员(只能在其公共以太坊地址之后识别)或要使用哪种算法。
Supposedly, we have a decentralized app with two roles: the deployer of the smart contract (the admin) and others (participant). In order to "play the game" (do some actions in the app), admin has to verify participants first based on some data they provide. Some of it must be public, some of it must not. To exemplify better, we have the following Solidity code snippet.
// Solidity code
struct Participant{
address participantAddress; // visible to everyone
string name; // should be visible only by admin
string SSN; // social security number-like info, should be visible only by admin
uint team; // the "team" of the participants, visible to everyone
bool hasBeenVerifiedByAdmin; // should be visible to everyone
bool hasPlayed; //should be visible to everyone. Can play only after being verified by admin from the GUI of the app
}
mapping(address=>Participant) public participantsList; //a list of participants
I predict some of you will say that if I don't want private data out in the open, perhaps you should not store it in a smart contract in the first place. But if that's the case, for the sake of the current design, let's assume this is necessary.
The question is, then, how should I handle this?
My ideas were about end to end encryption, since Solidity has no encryption capabilities on its own.
- At first, every participant should encrypt his sensitive data with admin's public key, so only he can decrypt it. However, as far as I know, the keys used in Ethereum/Blockchain are ECDSA keys and ECDSA is a signing algorithm, not an encryption one.
- Set up a server for encryption purposes. However, I have no idea how keys should be distributed to participants and admin (who can only be identified after their public Ethereum address) or which algorithm to use.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
链上存储私人数据是不可能的。即使使用
私有修饰符仍然允许矿工查看存储在结构中的数据。这是唯一可能的方法是将所有者的以太坊帐户的公钥作为合同的公共财产。然后,可以使用该公共密钥对相关数据进行加密,并使用所有者的私钥进行解密。
无论如何,我不会使用以太坊。由于这是一个完全集中的应用程序,因此您最好自己托管。
It is impossible to store private data on-chain. Even using the
privatemodifier still allows miners to view the data stored in the struct.The only way this is possible is to provide the owner's Ethereum account's public key as a public property of the contract. Then, the relevant data can be encrypted using that public key, and be decrypted using the owner's private key.
I wouldn't use Ethereum for this anyway. Since this is a fully centralized application, you're better off hosting it yourself.