how come web3 send does not require a private key or signature
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I'm building an ERC20 smart contract
which will be accessed via node.js
with web3
library.
I see that web3.eth.Contract
has the send
function, which takes the parameter from
, which is being mapped to the msg.sender
in the smart contract.
As far as I understand (and my debugging supports that), I can change the from
field to just about any address, and by that bypass the business logic of the contract, e.g
token.methods.method_only_owner_can_activate(<some_data>).send( from: <contract_owner_address>, <gas> );
or even set the owner:
token.methods.setOwner(<my_not_owner_address>).send( from: <contract_owner_address>, <gas> );
since the address should be public, any user can create a process which mimics this behaveiour and bypasses my security logic.
There are other methods which do sign a transaction with the private key
, but the fact that the send
method is open for bypassing the business logic, seems like a big security concern.
As I missing something?
solidity web3js erc-20
add a comment |Â
up vote
1
down vote
favorite
I'm building an ERC20 smart contract
which will be accessed via node.js
with web3
library.
I see that web3.eth.Contract
has the send
function, which takes the parameter from
, which is being mapped to the msg.sender
in the smart contract.
As far as I understand (and my debugging supports that), I can change the from
field to just about any address, and by that bypass the business logic of the contract, e.g
token.methods.method_only_owner_can_activate(<some_data>).send( from: <contract_owner_address>, <gas> );
or even set the owner:
token.methods.setOwner(<my_not_owner_address>).send( from: <contract_owner_address>, <gas> );
since the address should be public, any user can create a process which mimics this behaveiour and bypasses my security logic.
There are other methods which do sign a transaction with the private key
, but the fact that the send
method is open for bypassing the business logic, seems like a big security concern.
As I missing something?
solidity web3js erc-20
1
You are missing the fact that yourcontract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.
â goodvibration
Sep 2 at 17:38
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I'm building an ERC20 smart contract
which will be accessed via node.js
with web3
library.
I see that web3.eth.Contract
has the send
function, which takes the parameter from
, which is being mapped to the msg.sender
in the smart contract.
As far as I understand (and my debugging supports that), I can change the from
field to just about any address, and by that bypass the business logic of the contract, e.g
token.methods.method_only_owner_can_activate(<some_data>).send( from: <contract_owner_address>, <gas> );
or even set the owner:
token.methods.setOwner(<my_not_owner_address>).send( from: <contract_owner_address>, <gas> );
since the address should be public, any user can create a process which mimics this behaveiour and bypasses my security logic.
There are other methods which do sign a transaction with the private key
, but the fact that the send
method is open for bypassing the business logic, seems like a big security concern.
As I missing something?
solidity web3js erc-20
I'm building an ERC20 smart contract
which will be accessed via node.js
with web3
library.
I see that web3.eth.Contract
has the send
function, which takes the parameter from
, which is being mapped to the msg.sender
in the smart contract.
As far as I understand (and my debugging supports that), I can change the from
field to just about any address, and by that bypass the business logic of the contract, e.g
token.methods.method_only_owner_can_activate(<some_data>).send( from: <contract_owner_address>, <gas> );
or even set the owner:
token.methods.setOwner(<my_not_owner_address>).send( from: <contract_owner_address>, <gas> );
since the address should be public, any user can create a process which mimics this behaveiour and bypasses my security logic.
There are other methods which do sign a transaction with the private key
, but the fact that the send
method is open for bypassing the business logic, seems like a big security concern.
As I missing something?
solidity web3js erc-20
edited Sep 2 at 17:50
asked Sep 2 at 17:17
Achi Even-dar
62
62
1
You are missing the fact that yourcontract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.
â goodvibration
Sep 2 at 17:38
add a comment |Â
1
You are missing the fact that yourcontract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.
â goodvibration
Sep 2 at 17:38
1
1
You are missing the fact that your
contract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.â goodvibration
Sep 2 at 17:38
You are missing the fact that your
contract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.â goodvibration
Sep 2 at 17:38
add a comment |Â
3 Answers
3
active
oldest
votes
up vote
2
down vote
The web3
library creates a transaction that needs to be signed by the account specified in from
. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.
It is not possible to send a valid (signed) transaction without the private key of the account in the from
field.
add a comment |Â
up vote
1
down vote
The msg.sender
property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender
which isn't an address they own.
Whatever security measures you have in your contract, you can rely on the fact that the msg.sender
address is the person making the transaction.
add a comment |Â
up vote
1
down vote
Any transaction to an actual Ethereum blockchain needs to be signed with a private key.
For the above code to work (just supplying a from
address), the node you're connected to must be doing the signing for you. As long as the from
address is "unlocked" in that node (the default under a test network like ganache
or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.
In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
The web3
library creates a transaction that needs to be signed by the account specified in from
. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.
It is not possible to send a valid (signed) transaction without the private key of the account in the from
field.
add a comment |Â
up vote
2
down vote
The web3
library creates a transaction that needs to be signed by the account specified in from
. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.
It is not possible to send a valid (signed) transaction without the private key of the account in the from
field.
add a comment |Â
up vote
2
down vote
up vote
2
down vote
The web3
library creates a transaction that needs to be signed by the account specified in from
. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.
It is not possible to send a valid (signed) transaction without the private key of the account in the from
field.
The web3
library creates a transaction that needs to be signed by the account specified in from
. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.
It is not possible to send a valid (signed) transaction without the private key of the account in the from
field.
answered Sep 2 at 17:32
Edmund Edgar
13.2k11438
13.2k11438
add a comment |Â
add a comment |Â
up vote
1
down vote
The msg.sender
property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender
which isn't an address they own.
Whatever security measures you have in your contract, you can rely on the fact that the msg.sender
address is the person making the transaction.
add a comment |Â
up vote
1
down vote
The msg.sender
property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender
which isn't an address they own.
Whatever security measures you have in your contract, you can rely on the fact that the msg.sender
address is the person making the transaction.
add a comment |Â
up vote
1
down vote
up vote
1
down vote
The msg.sender
property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender
which isn't an address they own.
Whatever security measures you have in your contract, you can rely on the fact that the msg.sender
address is the person making the transaction.
The msg.sender
property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender
which isn't an address they own.
Whatever security measures you have in your contract, you can rely on the fact that the msg.sender
address is the person making the transaction.
answered Sep 2 at 17:24
AnAllergyToAnalogy
1,684215
1,684215
add a comment |Â
add a comment |Â
up vote
1
down vote
Any transaction to an actual Ethereum blockchain needs to be signed with a private key.
For the above code to work (just supplying a from
address), the node you're connected to must be doing the signing for you. As long as the from
address is "unlocked" in that node (the default under a test network like ganache
or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.
In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.
add a comment |Â
up vote
1
down vote
Any transaction to an actual Ethereum blockchain needs to be signed with a private key.
For the above code to work (just supplying a from
address), the node you're connected to must be doing the signing for you. As long as the from
address is "unlocked" in that node (the default under a test network like ganache
or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.
In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.
add a comment |Â
up vote
1
down vote
up vote
1
down vote
Any transaction to an actual Ethereum blockchain needs to be signed with a private key.
For the above code to work (just supplying a from
address), the node you're connected to must be doing the signing for you. As long as the from
address is "unlocked" in that node (the default under a test network like ganache
or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.
In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.
Any transaction to an actual Ethereum blockchain needs to be signed with a private key.
For the above code to work (just supplying a from
address), the node you're connected to must be doing the signing for you. As long as the from
address is "unlocked" in that node (the default under a test network like ganache
or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.
In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.
answered Sep 2 at 17:24
smarx
16.1k1515
16.1k1515
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fethereum.stackexchange.com%2fquestions%2f57934%2fhow-come-web3-send-does-not-require-a-private-key-or-signature%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
You are missing the fact that your
contract_owner_address
is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.â goodvibration
Sep 2 at 17:38