how come web3 send does not require a private key or signature

I'm building an ERC20 smart contract which will be accessed via node.js with the web3 library.
I see that web3.eth.Contract has the send function, which takes the parameter from, which is being mapped to the msg.sender in the smart contract.
As far as I understand (and my debugging supports that), I can change the from field to just about any address, and by that bypass the business logic of the contract, e.g.

    token.methods.method_only_owner_can_activate(<some_data>).send({ from: <contract_owner_address>, <gas> });

or even set the owner:

    token.methods.setOwner(<my_not_owner_address>).send({ from: <contract_owner_address>, <gas> });

Since the address should be public, any user can create a process which mimics this behaviour and bypasses my security logic.

There are other methods which do sign a transaction with the private key, but the fact that the send method is open for bypassing the business logic seems like a big security concern.

Am I missing something?

edited Sep 2 at 17:50
asked Sep 2 at 17:17
Achi Even-dar

You are missing the fact that your contract_owner_address is unlocked on the Ethereum node that you are connected to. Either you are (unknowingly) unlocking it in your code, or the node is (unknowingly) unlocking it for you.
– goodvibration
Sep 2 at 17:38





3 Answers

The web3 library creates a transaction that needs to be signed by the account specified in from. It is signed either by talking to a local node which has the private key to that account and currently has it unlocked, or by a piece of software like Metamask which controls that private key and only signs the transaction if the user confirms.

It is not possible to send a valid (signed) transaction without the private key of the account in the from field.

answered Sep 2 at 17:32
Edmund Edgar


The msg.sender property can't be faked - at least to the extent that someone can't create a transaction with a msg.sender which isn't an address they own.

Whatever security measures you have in your contract, you can rely on the fact that the msg.sender address is the person making the transaction.

answered Sep 2 at 17:24
AnAllergyToAnalogy


Any transaction to an actual Ethereum blockchain needs to be signed with a private key.

For the above code to work (just supplying a from address), the node you're connected to must be doing the signing for you. As long as the from address is "unlocked" in that node (the default under a test network like ganache or done explicitly using a normal node like geth or Parity), it's able to sign the transaction with that key and send it.

In a real-world situation, users of your app wouldn't be connected to a node that had your private key, so this is not a concern.

answered Sep 2 at 17:24
smarx
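
The point the answers above make, as an added example that is not part of the original posts or of web3.js: a toy model in which from only selects which key the connected node signs with, while the contract-side sender is derived from the verified signature. ToyNode, msgSender, setOwner, outcome and demo are hypothetical names; SHA-256 stands in for keccak256, and the public key is attached to the transaction instead of being recovered from the signature as Ethereum does.

```javascript
// Added illustration: a toy model, not web3.js or a real Ethereum client.
const crypto = require('crypto');
// Stand-in address: Ethereum takes the last 20 bytes of keccak256(public key);
// SHA-256 is used here only because Node ships it (assumption of this sketch).
function addressOf(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return '0x' + crypto.createHash('sha256').update(der).digest('hex').slice(-40);
}

// Hypothetical node: it signs only for accounts in its keystore that are unlocked.
class ToyNode {
  constructor() { this.keystore = new Map(); this.unlocked = new Set(); }
  newAccount() {
    const { privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
    const addr = addressOf(crypto.createPublicKey(privateKey));
    this.keystore.set(addr, privateKey);
    return addr;
  }
  unlock(addr) { if (this.keystore.has(addr)) this.unlocked.add(addr); }
  // Models eth_sendTransaction: `from` only selects which local key signs.
  sendTransaction({ from, data }) {
    if (!this.unlocked.has(from)) throw new Error('unknown or locked account');
    const key = this.keystore.get(from);
    // Real Ethereum recovers the public key from the signature; here it is attached.
    return { data, publicKey: crypto.createPublicKey(key),
             signature: crypto.sign('sha256', Buffer.from(data), key) };
  }
}

// Chain side: msg.sender is derived from the verified signature, not from `from`.
function msgSender(tx) {
  if (!crypto.verify('sha256', Buffer.from(tx.data), tx.publicKey, tx.signature))
    throw new Error('invalid signature');
  return addressOf(tx.publicKey);
}

// Owner-only method, like setOwner in the question.
function setOwner(contract, tx, newOwner) {
  if (msgSender(tx) !== contract.owner) throw new Error('not owner');
  contract.owner = newOwner;
}
function outcome(fn) { try { fn(); return 'ok'; } catch (e) { return e.message; } }

function demo() {
  const devNode = new ToyNode(), userNode = new ToyNode();
  const owner = devNode.newAccount();   // owner key lives on the developer's node
  const user = userNode.newAccount();   // another user's node holds only their key
  devNode.unlock(owner); userNode.unlock(user);
  const contract = { owner };
  const ownerTx = devNode.sendTransaction({ from: owner, data: 'setOwner' });
  const userTx = userNode.sendTransaction({ from: user, data: 'setOwner' });
  return {
    spoofedFrom: outcome(() => userNode.sendTransaction({ from: owner, data: 'setOwner' })),
    userCall: outcome(() => setOwner(contract, userTx, user)),
    swappedKey: outcome(() => msgSender({ ...userTx, publicKey: ownerTx.publicKey })),
    ownerCall: outcome(() => setOwner(contract, ownerTx, user)),
    newOwnerIsUser: contract.owner === user,
  };
}
```

Calling demo() shows the three failure paths (a node without the key, a transaction signed by the wrong key, a signature paired with someone else's public key) next to the one call that succeeds because the owner's own node signed it.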
