Proof of ownership of a contract

by Eth Dev   Last Updated January 14, 2018 06:28 AM

How would someone be able to prove they own an ethereum contract to another user in a simple way?

If we save a public key in the contract as belonging to the owner of the contract, and then outside the blockchain the user encrypts a specific message with that private key associated to it, and sends it to another person, they can verify the message was encrypted with that token. Is this a secure way to verify the ownership of a contract?

Tags : solidity


Answers 1


It sounds to me like there are two, separable, steps here:

  1. Store in a contract something that indicates its owner.
  2. Prove that you (a person) are the indicated owner.

For (1), I would recommend just storing an address in a public state variable in the contract.

If I understand correctly what you're doing, (2) is a bit subtle. It's easy to just sign a message with your private key and have someone else recover the corresponding address. But all that does is prove that the message was signed by the contract's owner. It doesn't prove that the person who handed you that message is the contract's owner. (Perhaps the owner signed the message and sent it to A, who then presented it to B. This would be a MITM attack.)

Perhaps the message can indicate the owner in another way. For example, the owner could sign a message with an email address, and now we know for sure that this is the email address of the owner.

There are also MITM-resistant protocols, like Diffie-Hellman key exchange.

Without knowing exactly what's happening in the step where someone proves they're the owner, it's hard to give a really concrete answer.

EDIT

Another thought: generate a 256-bit secret (random number) and store the hash of it in the contract. Then show someone the preimage of the hash (the secret) to prove that you're the one who put that hash in there.

This is, again, subject to MITM attacks and only proves that someone is in possession of the secret (not necessarily that they're the originator).

smarx
smarx
January 14, 2018 05:56 AM

Related Questions


How to map an address with a string array in solidity?

Updated October 09, 2018 12:28 PM

How to transfer Ether to ERC20 token contract?

Updated July 23, 2018 00:28 AM

Help me code callback external

Updated October 16, 2018 09:28 AM

Solidity Token Sale?

Updated October 06, 2018 14:28 PM

I have a problem.. Please helpme

Updated October 17, 2018 13:28 PM