13

Is the following function parameter (string name) only visible to the owner contract itself?

function myFunction(string name) private returns (bool) 
{ 
    return true;
}

So nobody can read / see the string name? This includes all blockchain viewers and miners.

Or is there no way to hide the values of variables in functions even if they are private?

I am looking for information on if it is possible to prevent people from reading the values of function parameters and local variables.

eth
  • 85,679
  • 53
  • 285
  • 406
Alex Darby
  • 921
  • 1
  • 6
  • 16

2 Answers2

10

looking for information on if it is possible to prevent people from reading the values of function parameters and local variables

There are 2 worlds:

  1. inside Solidity, contracts, and the EVM
  2. outside

Asking about people is case #2, and all data on the blockchain is currently visible to everyone. Someone can take your transaction and can analyze it to see what contracts are invoked and the function parameters and local variables. (This can involve taking the input part of a transaction, feeding it through the EVM, and examining the values as the EVM executes.) Currently, there is no way to prevent this; further integration of advanced cryptography into the Ethereum platform is how this will be solved for everyone.

For #1, other contracts cannot read the value of another contract's function parameters or local variables directly.

For specific information about the private keyword used in function myFunction(string name) private, see Visibility and Accessors:

Private functions and state variables are only visible for the contract they are defined in and not in derived contracts.

Community
  • 1
eth
  • 85,679
  • 53
  • 285
  • 406
  • I was concerned about if I declare a state variable public , does this means other contracts have full access to the variable, i.e. can other contracts access the variable and even change it's value? – Prashant Prabhakar Singh Aug 08 '16 at 08:32
  • @PrashantPrabhakarSingh Other contracts can read, but usually they cannot change the value unless you provide a function for them to do so. I answered your question with a little more details :) – eth Aug 08 '16 at 10:13
6

The question is not so much about visibility but accessibility. Contracts on the blockchain are viewable by everyone in bytecode (not in Solidity however).

In terms of accessibility- who has permission to make calls to your function, you can use modifiers. In this case you would define an onlyOwner modifier earlier in the contract like so:

modifier onlyOwner { if(msg.sender != owner) throw; _ } When creating the contract, you can define the owner as a state variable and assign it in the constructor of the contract (the function which is implemented when the contract is created).

To restrict access to myFunction you would add the onlyOwner modifier after the input parameters, so that if anyone calls the myFunction contract without calling from the address defined in owner address variable, it will fail.

function myFunction(string name) onlyOwner private returns(bool) { return true; }

You can also have modifiers to restrict access to other trusted addresses in your contract.

Physes
  • 1,308
  • 12
  • 18
  • Thanks but I already understand about accessibility in contracts. I was looking information on if it is possible to prevent people from reading the values of function parameters and local variables. – Alex Darby Jun 26 '16 at 19:27
  • It is not possible to prevent people from reading any smart contract information: "Everything you use in a smart contract is publicly visible, even local variables and state variables marked private." https://solidity.readthedocs.io/en/v0.4.24/security-considerations.html – Zac Delventhal Aug 27 '18 at 15:19