Suppose, I have received a 25 MB file from some one through some media. I would like to have it scanned for virus before I actually open it for use. How can I be sure that it is not infected?Traditional Solution
Perhaps there is a cloud based service provided for virus scan - Virus Scanning as a Service (VSaaS). This provider has subscription plans based on file type, volume and frequency of scans. I could approach this provider to scan my file and receive a binary response as TRUE (clean) or FALSE (infected). But, I have no choice but to trust two things of the provider:
- Did the provider scan at all? Or, more generally, was 'work' done at all? Maybe, there is a tiny script to return TRUE and FALSE with 50% probability regardless of how many and what type of files are sent.
- Was the provider's scan conclusive? Maybe, the provider does not have all of the virus signatures to scan successfully. So, the provider may respond with TRUE (clean) whereas, it is actually infected with the latest strain of a virus.
Can a distributed application (or, Smart Contract) resolve this problem? I know that the underlying blockchain provides a publicly available ledger that can verify:
- If I have sufficient coins (say, BTC) to cover the scan service request.
- If a scan request (the transaction in this case) was made, to whom, when, etc.
What I want to know is, the mechanism to confirm that a virus scan did actually happen in its entirety. If all full nodes do the virus scan, am I now not spreading my ambiguity across multiple full nodes - in effect, different cloud providers in a conventional way?
How would an Ethereum platform address this requirement?