dApp state synchronization with Enigma node


#1

Hello

I was reading https://enigma.co/protocol/SecretContracts.html#post-auction-callable-and-callback

I wanted to know how can we ensure that Enigma is running the function with the correct callable arguments?

Let says that we have 10 encrypted bids.

But when generating the task, we specify only 9 out of 10 encrypted bids as the callable args of getHighestBidder function.

How this security issue could be avoided?

Could we compute the hash of the current state of the hash of the bids ( keccak256(currentHash, newBid) ) and pass it as an argument to the computation and callback ?

( Otherwise I understood that you do the link between the outside and trusted world by computing the unique task Id by doing the hash of the params)


PS:

you should add the onlyEnigma modifier in the documentation


#2

Do you mean what if the component that creates the tasks specifies the wrong values (inadvertently or maliciously)? In this simple demo app, the task is naively created by the Dapp user. The computeTask() fn of the Enigma contract is called using web3 in the Dapp business logic. If you trust this Dapp user, it’s not an issue. If you don’t, the scenario which you are describing could occur. A trustless solution to this would be to call the computeTask() fn from the Dapp smart contract.


#3

Do you mean what if the component that creates the tasks specifies the wrong values (inadvertently or maliciously)?

Yes.
Right now I could see that anyone (a component, an attacker) could create an Enigma task with the Auction contract as a callback dappContract with any callable args in order to write “any” arbitrary value to this contract. Correct me if I am wrong.


A trustless solution to this would be to call the computeTask() fn from the Dapp smart contract.

Yes and that computeTask should store in the smart contract the taskId so it allows onlyEnigma + some shared variable ( taskId maybe ) to validate the callback.


Furthermore in my opinion the Auction contract function updateWinner should be executable only once.

A require(state != AuctionState.COMPLETED); might be interesting to add.


#4

And I would add that you should store the msg.sender in Enigma.sol

Then in the Auction contract we could check the creator of the contract being a trusted party.

require(trustedTaskCreatorsMapping[enigmaContractInstance.tasks(taskId).taskCreator])

#5

@david do you mind sharing a bit more about what you are working on?


#6

I was just evaluating different privacy solutions (for Blockchain) – when checking your tutorials I found out some potential issues around “secret” dApp tutorial.

It seems it lacks information about how to make the trusted world (Enigma core) trusts the untrusted world (and vice-versa).