Answer the question
In order to leave comments, you need to log in
How to transfer a password through the Ethereum blockchain?
Hello.
Initial data:
0. there are several encrypted files that are in the public domain (anyone can download);
1. The user has downloaded the file and now the user has an encrypted file with data PRODUCT_ID.gpg;
2. the password from PRODUCT_ID.gpg is stored on the remote server;
3. no one, except the administrator, should know the server that sent the password from the file;
4. There is no possibility to encrypt the same file two or more times. The file is encrypted once and sent to the public.
There is an idea to use the Ethereum blockchain.
I did not fully master the mechanics of transferring the password, but a preliminary scheme was born.
A hole that is on the surface: you can track events from two contracts. From the first get PRODUCT_ID from the second PASSWORD and make a list for all files PRODUCT_ID:PASSWORD
Terms:
WALLET - user's wallet;
PRODUCT_ID - a unique file identifier (using it the server will understand from which file the password should be returned);
PASSWORD - plain text (I'm not talking about encryption yet, because not everything is clear).
USER is a desktop program on the user's PC for interacting with the blockchain.
SERVER - a regular dedicated server with a password database and its own wallet for transactions.
The user makes a transaction in smart contract #1.
The PRODUCT_ID is passed in the transaction.
An event is generated that a transaction has passed.
The server reads this event and receives: the product number and wallet of the person who requested the password.
The server finds the password from the file for the given PRODUCT_ID in the local database and makes a transaction (0 ETH, data: password, wallet) into contract #2.
The PRODUCT_ID is not passed in the transaction, because the user is already expecting a password from a specific PRODUCT_ID.
The user obtains the password by monitoring an event in contract 2 and decrypts the file.
Or, alternatively, the server can make a transaction with a password (0 ETH, data: password, wallet) directly to the user's wallet. Then the program simply counts the transaction from the user's wallet.
Colleagues, I will be glad to criticism, ideas, advice.
Answer the question
In order to leave comments, you need to log in
Look in the direction of enigma this is a sidechain for the ether, maybe it will do. And on the air there is whisper - private messaging.
Everything contracts work with is public, you can't hide anything on the blockchain.
It is possible to somehow use homomorphic encryption, I don’t know, this area is still poorly used in cryptoeconomics (zcash).
I don’t understand why you need to store passwords publicly (even if encrypted) if you have a server (in the terminology of contracts, this is an oracle) that sends these passwords somewhere. Is it possible to store it secretly on the server?
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question