Ethereum: Can I store a secret on evm without using zkp
Ethereum: Can I store a secret in the EVM without ZKP?
As a developer, you are probably familiar with the concept of secret storage in Ethereum smart contracts. One common approach is to use ZKP (Zero-Knowledge Proofs) such as Verifier to ensure that a contract function can only be called via an API endpoint. However, in this article, we will explore alternative solutions that do not rely on ZKP.
The Problem with ZKP
Zero-Knowledge Proofs are designed to provide a secure and efficient way to verify the validity of a smart contract function without revealing any information about its inputs or outputs. Typically, ZKPs, such as Verifier, use a complex mathematical protocol to achieve this goal.
However, using ZKPs can come with significant overhead, especially when dealing with large applications. This is because ZKP requires:
- Proof-of-Work (PoW): Creating and verifying a proof.
- Verification
: The verifier must be able to verify the certificate in real time.
As you mentioned, using the Verifier library can lead to high gas prices, especially for large applications.
Alternatives: Store Secrets without ZKP
In this article, we explore alternative solutions that do not rely on ZKP:
1.
Hash Functions
One simple solution is to use a hash function to store the secret. Here is an example:
pragma strength ^0,8,0;
contract SecretStorage {
mapping(address => bytes) private secrets;
function setSecret(bytes memory secret) public {
// Use keccak-256 hash to ensure uniqueness and prevent collisions
bytes32 hash = keccak256(abi.encodePacked(secret));
secrets[msg.sender] = hash;
}
function getSecret(bytes memory secret) public view return (bytes) {
return secrets[message sender];
}
}
This solution uses the SHA-256 hash function to store and retrieve secrets.
2.
Message Authentication Codes (MACs)
Another approach is to use MACs, which are one-way hash functions that can be used for authentication purposes. Here is an example:
pragma strength ^0,8,0;
contract SecretStorage {
bytes32 public mac = 0x1234567890abcdef;
function setSecret(bytes memory secret) public {
// Compute a new MAC using SHA-256
bytes32 hash = keccak256(abi.encodePacked(secret));
mac = hash;
}
function getSecret() public view returns (bytes) {
returns bytes (mac);
}
}
This solution uses SHA-256 hash function to store and retrieve secrets, and additionally has a MAC field for authentication.
3.
Digital Signatures
If your application requires a higher level of security than hash functions or MACs provide, consider using digital signatures. Here is an example:
pragma strength ^0,8,0;
contract SecretStorage {
address public owner;
bytes public secret;
constructor() public {
owner = msg.sender;
secret = keccak256(abi.encodePacked(owner));
}
function getSecret() public view returns (bytes) {
returns secret;
}
}
This solution uses digital signatures to store and retrieve secrets, and the owner can control the signing process.
Conclusion
While ZKP can provide a secure way to verify the validity of smart contract operations without revealing any information about their inputs or outputs, they come at a significant cost. By exploring alternative solutions such as hash functions, MACs, and digital signatures, you can store secrets in your Ethereum contracts while maintaining security and efficiency.
Always remember to consider the tradeoffs between security, cost, and performance when designing your smart contract architecture.