
Privacy and Security

Luke Plaster edited this page Nov 20, 2017 · 10 revisions

Privacy is very important as the blockchain can be viewed publicly. Security is important too because a contract cannot be changed once it has been deployed.

The main security considerations made in the MVP are:

  • A secure pastebin is used to host a demand owner's contact details and the item information. This content expires, and each entry carries a hash along with it so that its integrity can be verified.

    In short, the idea is that:

    • The link and hash are stored on the blockchain
    • A user can access the link and verify the content using the hash at any time before expiry
    • Once the pastebin entry expires it is gone forever

    Chain Line Pastebin

  • Only non-sensitive data is "visible" on the blockchain. The geographical locations of the users are kept private. Salted "city pair" hashes are instead used to record this information, so they can be looked up but not read.

  • Data is isolated from other data as much as possible. Independent storage keys are used for demands and travels that happen between different cities, for example. This reduces the chance of data corruption or intentional manipulation occurring.

  • Length checks and validation are applied to all data sent to the contract.

  • Witness checking and wallet script validation are performed.

  • Node RPC communication over HTTPS protects data in transit.

Future

The web app is capable of communicating with a Neo node directly over RPC. The same could be said about the Neon/Neoscan APIs it uses to get balance information. However, since the app is served over HTTPS, the browser blocks requests to insecure APIs that do not serve proper CORS headers. Currently, to solve this problem, these requests are proxied through the Express server hosting the app.

In the future, provided those APIs serve proper CORS headers over HTTPS, the app would no longer need to proxy these requests through its own server.