Hash / one-way function

jwgcarlylejwgcarlyle Member Posts: 29
Hi

I'd like to know if Solidity has an exposed one-way function within the language. Alternatively, if not, has anyone written a one-way / hash function in Solidity that is fairly /very expensive to reverse?

(use-case: I want to create a function within the contract (which is obviously publicly distributed on the blockchain) that only an actor with a secret can call - so if the function checked the received secret against a previously-stored hash, then even if the hash is public, the secret that matches cannot be guessed. )

James

Comments

  • SmithgiftSmithgift Member Posts: 64
    You can just use sha3(), which directly translates to a single opcode in the EVM.
  • chrisethchriseth Member Posts: 170 ✭✭✭
    edited May 2015
    Be careful here, as the hash function approach only works once, or even not at all:
    Once you call the function with the correct preimage of the hash function, that preimage is known publicly and anyone can call the function (unless the contract guards itself against further calls).
    Even worse: As soon as you publish the transaction, anyone can see the preimage, simulate the contract to check whether it actually is the correct preimage, publish another transaction with a call to the same function but perhaps different effects and try to get this transaction into the next block first.

    The safer way to do these things is using public-key cryptography: Let your contract use the ecrecover function or, even simpler, just check that the sender address (msg.sender) is in a certain set of addresses.
  • jwgcarlylejwgcarlyle Member Posts: 29
    Chriseth, thanks for your observations, good points

    James
Sign In or Register to comment.