1

I want to implement a small guess-the-word game on Ethereum, where the user needs to guess a word from a given set of words. The procedure is following: 1. The user attempts the guess. 1.1. The user fails the guess. 1.2. The user succeeds the guess - a new word is randomly generated (by using Oraclize).

Theoretically, any hidden raw data could be querried on the blockchain if the stakes are high enough to waste the computational power. Even hashed with keccak256, given the known set of words (say, 200 words), it would have been possible to get the keccak256 values of every word and just reverse engineer the raw data.

The question is: is there a way to somehow organize such a pipeline, so that even querrying the raw data of blockchain, the attacker (even the organizer) could not be able to know the newly generated word?

Ruham
  • 963
  • 2
  • 12
  • 34

1 Answers1

2

You mentioned you are using Oraclize. They provide not only random number querying, but allows you also to perform requests to the outer network and receive parsed json. I think it is best option for your case.

Alex G.P.
  • 1,277
  • 11
  • 27
  • Thanks for the answer. So, basically, the generated word shouldn't be stored on the blockchain, but on a private server, with JSON returning, say, bool true if matched? – Ruham May 21 '18 at 02:46
  • @Ruham nope, I suggest slightly different approach. Before each round your contracrt quirying remote work providing API for the word. New game cannot be started until callback from Oraclize contract called with new word. Then received word stored inside your contract's private variable. It is inaccessible for anybody outside contract. Then new game can be started as you plan it. – Alex G.P. May 21 '18 at 04:14
  • But given enough incentive, the private stored variable could be extracted from the raw blockchain data, couldn't it? And even if its hashed via Keccak, given the limited range of words, it is possible to hash every word and then simply compare the extracted raw data to get the word. – Ruham May 21 '18 at 17:23
  • @Ruham I cannot imagine a way to get private contract data from the blockchain. – Alex G.P. May 21 '18 at 17:55
  • Blockchain data is stored on the computer, I believe it should be possible to get what is needed from that data (given enough incentive). – Ruham May 21 '18 at 20:33
  • 1
    private variables are NOT actually private in the sense you may expect. They are not encrypted, they are plaintext, but super simple for any experienced developer to fetch as needed using web3 or other mechanisms. Private variables in solidity, just means that the variable is local to the contract, and not accessible by other contracts.

    Oraclize can still provide you solution, by using the encrypt/decrypt datasource it provides, and you're technically able to encrypt a secret, and then decrypt in the reveal phase. Risk here is both you and Oraclize can decrypt the secret.

     – DenisM May 29 '18 at 22:37
  • @DenisM could you provide any proofs of your words? I mean "super simple for any experienced developer to fetch as needed using web3"? – Alex G.P. May 30 '18 at 13:37
  • 2
    @AlexG.P. https://ethereum.stackexchange.com/questions/13910/how-to-read-a-private-variable-from-a-contract/13915#13915 I've made utilities in the past using that method years ago, they are private so I can't share them. So yes, it is simple, once you understand how storage on Ethereum works. – DenisM May 30 '18 at 17:43
  • @AlexG.P. Thanks for the clarification, I suspected that earlier as well. Could you please tell a bit more on this? "Oraclize can still provide you solution, by using the encrypt/decrypt datasource it provides, and you're technically able to encrypt a secret". – Ruham Jun 14 '18 at 04:38