Automatic Cryptolocker on Etherum? Can miners opt out?

hughht5hughht5 Member Posts: 9
Is it theoretically possible to automate the Cryptolocker virus on Ethereum as a smart contract? The private keys could be kept in the contract's storage and keys released only when ransom paid.

The incentives are huge here - Ethereum Cryptolocker provides a lot of publicity for Ethereum...

On a wider note - are miners able to opt-out if such a program was created?


  • mlacortemlacorte Los AngelesMember Posts: 27 ✭✭
    Contract storage is essentially public, so storing private keys there wouldn't be a good idea since everyone would have access to them.
  • salwilliamsalwilliam Member Posts: 27 ✭✭
    What, if any, aspects of a contract are kept secret?
  • StephanTualStephanTual London, EnglandMember, Moderator Posts: 1,282 mod
  • hughht5hughht5 Member Posts: 9
    could the storage not be encrypted using the DACs own key?
  • ddink7ddink7 Member Posts: 49
    Miacorte, what about cryptographic obfuscation, like V posted about on the blog?
  • chris613chris613 Member Posts: 93 ✭✭
    @hughh5 No, the storage cannot be encrypted with the DACs own key because they don't have keys. The address of a DAC is "the last 20 bytes of the sha3 hash of the RLP encoding of the transaction" (whitepaper). It is not a public key hash like you're used to seeing for addresses, it's just a hash of the contract itself. All storage is completely public, so you can't keep secrets in a DAC.

    Obfuscation, if it exists, would solve this problem of course. I'm not an expert in this area, but I've read a lot of the recent research, and AFAICT the recent breakthroughs in obfuscation only apply to programs with a single binary true/false output. Ethereum contracts could not benefit from this because they are primarily designed to cause side effects such as storage modification or balance adjustments, rather than simply return a true/false.
Sign In or Register to comment.