How secured are private data stored on blockchain?
I'm quite new in Ethereum world and I'm still little bit confused about this:
If I store any data on blockchain, is it readable from anyone? Let's say I have this is Solidity:
...
string private myVerySecretText;
function getText() external returns(string){
require(msg.sender == something);
return myVerySecretText;
}
...
If I'm the user that match the require
statement, I can access the data, but is there some possiblity to read this data from anyone else? I know that the whole blockchain is public, so is there possible to read somehow even the private
data? And can anyone read the code from my smartcontract when is deployed on a blockchain?
blockchain security private
New contributor
add a comment |
I'm quite new in Ethereum world and I'm still little bit confused about this:
If I store any data on blockchain, is it readable from anyone? Let's say I have this is Solidity:
...
string private myVerySecretText;
function getText() external returns(string){
require(msg.sender == something);
return myVerySecretText;
}
...
If I'm the user that match the require
statement, I can access the data, but is there some possiblity to read this data from anyone else? I know that the whole blockchain is public, so is there possible to read somehow even the private
data? And can anyone read the code from my smartcontract when is deployed on a blockchain?
blockchain security private
New contributor
add a comment |
I'm quite new in Ethereum world and I'm still little bit confused about this:
If I store any data on blockchain, is it readable from anyone? Let's say I have this is Solidity:
...
string private myVerySecretText;
function getText() external returns(string){
require(msg.sender == something);
return myVerySecretText;
}
...
If I'm the user that match the require
statement, I can access the data, but is there some possiblity to read this data from anyone else? I know that the whole blockchain is public, so is there possible to read somehow even the private
data? And can anyone read the code from my smartcontract when is deployed on a blockchain?
blockchain security private
New contributor
I'm quite new in Ethereum world and I'm still little bit confused about this:
If I store any data on blockchain, is it readable from anyone? Let's say I have this is Solidity:
...
string private myVerySecretText;
function getText() external returns(string){
require(msg.sender == something);
return myVerySecretText;
}
...
If I'm the user that match the require
statement, I can access the data, but is there some possiblity to read this data from anyone else? I know that the whole blockchain is public, so is there possible to read somehow even the private
data? And can anyone read the code from my smartcontract when is deployed on a blockchain?
blockchain security private
blockchain security private
New contributor
New contributor
New contributor
asked yesterday
Banana CakeBanana Cake
182
182
New contributor
New contributor
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
All the data in the Blockchain is public. The "public" keyword creates a getter for the variable, (a function that return the value). When you make it private the getter is not created but you can access the storage of the contract. web3 allows you to read the storage using:
web3.getStorageAt(address, position)
see this for more info
Hope this helps
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
|
show 1 more comment
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "642"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Banana Cake is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fethereum.stackexchange.com%2fquestions%2f65096%2fhow-secured-are-private-data-stored-on-blockchain%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
All the data in the Blockchain is public. The "public" keyword creates a getter for the variable, (a function that return the value). When you make it private the getter is not created but you can access the storage of the contract. web3 allows you to read the storage using:
web3.getStorageAt(address, position)
see this for more info
Hope this helps
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
|
show 1 more comment
All the data in the Blockchain is public. The "public" keyword creates a getter for the variable, (a function that return the value). When you make it private the getter is not created but you can access the storage of the contract. web3 allows you to read the storage using:
web3.getStorageAt(address, position)
see this for more info
Hope this helps
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
|
show 1 more comment
All the data in the Blockchain is public. The "public" keyword creates a getter for the variable, (a function that return the value). When you make it private the getter is not created but you can access the storage of the contract. web3 allows you to read the storage using:
web3.getStorageAt(address, position)
see this for more info
Hope this helps
All the data in the Blockchain is public. The "public" keyword creates a getter for the variable, (a function that return the value). When you make it private the getter is not created but you can access the storage of the contract. web3 allows you to read the storage using:
web3.getStorageAt(address, position)
see this for more info
Hope this helps
answered yesterday
JaimeJaime
5,0171217
5,0171217
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
|
show 1 more comment
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
Thank you. And are the data readable after the getStorageAt function or is it in some format/ data type that is not readable and can't be transferred to a readable form? I'm asking because I want to store there some private data and I'm not sure if is necessary to use some encryption or I can just let it be only as it is..
– Banana Cake
yesterday
1
1
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
web3 will return a number in hexadecimal. If the information is private you should encrypt it. If this answered your question please accept the answer.
– Jaime
yesterday
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
Thank you. One more question - are the data passed into a smart contract function in transaction visable? Let's say I want to call function SetSecretText(string newText) external ... (inside the function is some encryption). Is the value of newText parameter in a transaction visable also publicly?
– Banana Cake
11 hours ago
1
1
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
yes, it is visible so the encryption should be done offline such that the data that you send is already encrypted.
– Jaime
9 hours ago
1
1
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
yes, every transaction that has happened in the network is visible.
– Jaime
9 hours ago
|
show 1 more comment
Banana Cake is a new contributor. Be nice, and check out our Code of Conduct.
Banana Cake is a new contributor. Be nice, and check out our Code of Conduct.
Banana Cake is a new contributor. Be nice, and check out our Code of Conduct.
Banana Cake is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Ethereum Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fethereum.stackexchange.com%2fquestions%2f65096%2fhow-secured-are-private-data-stored-on-blockchain%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown