Viewing Keys
Introduction to Secret Network viewing keys with code examples
Viewing Keys Introduction
Viewing keys are passwords meant to validate users at times when the blockchain cannot. Specifically in queries, the query sender isn't authenticated and the contract doesn't know who is the querier. Therefore viewing keys were invented to provide a way of access control for users:
Alice sends a transaction
set_viewing_key(password)
The contract stores
(alice,password)
Later on, a query is sent to the contract
query("balance",alice,password)
If
(alice,password)
matches what's in storage, the contract returns Alice's balance to the querier.
To see an implementation of viewing keys in a Secret smart contract, check out the Secret Labs Viewing Keys example repository
Importing Secret Toolkit
Secret Network developed the secret-toolkit
viewing key package for creating and managing viewing keys in Secret smart contracts. The methods provided include:
set_seed
: Sets an initial pseudorandom number generator (PRNG) seed for the store.create
: Creates a new viewing key, saves it to the storage, and returns it.set
: Sets a new viewing key based on a predetermined value.check
: Checks if a viewing key matches an account.
To make use of the secret-toolkit viewing keys package, import it into your cargo.toml
file:
Viewing Keys Implementation
If you would like to see an example implementation of Secret Network viewing keys, see the Secret Labs examples repository here.
This contract is designed to create top secret messages that can only be decrypted if the user has the correct viewing key that is associated with the secret_message
struct.
Let's review the try_create_secret_message()
function:
This function stores a secret message at a specified index in the contract's storage, which is mapped to a viewing key. This ensures that the secret message can only be accessed by the correct viewing key, and that each secret message has its own unique viewing key.
Let's go over it in more detail:
A new viewing key is created by calling
ViewingKey::create
. The parameters passed include the mutable dependencies (which includes the storage), the environmentenv
, theMessageInfo
, the sender account, and a hard-coded entropy valueb"entropy"
.The secret message is then stored in the contract's storage and is mapped to the viewing key. The
SECRET_MESSAGE.insert
line is performing this task.Next, the viewing key itself is stored in the contract's storage, but this time indexed with a user-defined
index
parameter and prefixed by the sender's account address. This is done byVIEWING_KEY.add_suffix(info.sender.as_bytes()).insert(deps.storage, &index, &viewing_key)
.Finally, the function returns a default
Response
instance indicating successful execution of the function.
Additional Viewing Keys methods
check
set
set_seed
Summary
Viewing keys provide a mechanism for access control in blockchain applications when the blockchain itself can't authenticate the query sender. Secret-toolkit
allows developers to set seeds, create and check viewing keys, and set a new viewing key based on a predetermined value π
Should you have further questions, please reach out on discord and a Secret developer will get back to you shortly π
Last updated