Are Ethereum contract function securable

0 votes

I am using testrpc and web3.

I used the idiom below to ensure that only a previously defined user should be able to do something:

function doSomethingProtected() {
        if ( msg.sender != authorizedUser )
                throw;

        flagSomething = true;
   }

When calling the function on an instantiated contract with web3 as follows:

myContract.doSomethingProtected( { from: "0x..." } );

it worked. At first I was pleased but then I realized the web3 API had not required me to provide any passphrase for a private key or such like.

Can anyone with the simple knowledge of someones public key/address call this function?

The use of this idiom in the examples led me to believe a benefit of the Ethereum contracts was that it ensured msg.sender was cryptographically assured.

Oct 26, 2018 in Blockchain by Prerna
 • 1,960 points 773 views

1 answer to this question.

0 votes
The reason is that you are using testRPC, which doesn't lock it's accounts, so you don't need a password.

If you were to do this with geth, you would need to unlock the account before sending from it.

Without the private key, that function will throw an error, so you are correct in using that authorization method.
answered Oct 30, 2018 by Christine
 • 15,790 points

Related Questions In Blockchain

0 votes
1 answer

Where are the transaction details of a smart contract is written in Ethereum?

First ques:where in the blockchain is a ...READ MORE

answered Jul 11, 2018 in Blockchain by Shashank
 • 10,400 points 812 views
+1 vote
1 answer

How does the geth ethereum platform automatically connect to the nodes that are in the main network of Ethereum?

When you start with Geth you need ...READ MORE

answered Mar 28, 2018 in Blockchain by Perry
 • 17,100 points 1,338 views
0 votes
1 answer

Can a hacker change data of a smart sontract without call contract function?

A contract's content cannot be changed internally. ...READ MORE

answered Apr 8, 2018 in Blockchain by Shashank
 • 10,400 points 683 views
0 votes
1 answer

where is ethereum contract instance state stored???

Migrating the state to a new version ...READ MORE

answered Jun 2, 2018 in Blockchain by Shashank
 • 10,400 points 607 views
0 votes
1 answer

Truffle tests not running after truffle init

This was a bug. They've fixed it. ...READ MORE

answered Sep 11, 2018 in Blockchain by Christine
 • 15,790 points 1,923 views
0 votes
1 answer

Solidity geth: Error encountered during contract execution [Bad instruction]

recipes is a dynamic storage array. You need ...READ MORE

answered Oct 15, 2018 in Blockchain by Omkar
 • 69,220 points 1,464 views
0 votes
2 answers

Why is network already up to date while trying to deploy a contract on truffle?

I guess you have ganache running already ...READ MORE

answered Apr 24, 2018 in Blockchain by Shashank
 • 10,400 points 4,566 views
0 votes
1 answer

How can I deploy a HelloWorld contract on my testrpc network?

The problem lies in the command: truffle migrate Your truffle migrate command ...READ MORE

answered Apr 27, 2018 in Blockchain by Perry
 • 17,100 points
edited Aug 10, 2018 by Omkar 2,845 views
0 votes
1 answer

Smart contract limitations in Ethereum and Hyperledger Fabric

No, the contract cannot sign on behave of B. A ...READ MORE

answered Sep 11, 2018 in Blockchain by Christine
 • 15,790 points 673 views
0 votes
1 answer

How to detect if an ethereum address is an ERC20 token contract?

There are many possible ways to achieve ...READ MORE

answered Sep 25, 2018 in Blockchain by Christine
 • 15,790 points 7,411 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.