
I'm trying to create an encrypted storage solution that uses IPFS as storage and Ethereum smart contracts for access control. Basically, each user can upload files to IPFS and they can choose Ethereum addresses that can view that data (sharing with others).

However, I cannot find a feasible way to provide encryption / decryption of that data. The approach I thought of is the following. When user A wants to store a file, it is encrypted with a symmetric key Ks and a smart contract is created that contains the file hash in IPFS and a mapping that represents who can view the data. In the mapping, the keys should be the addresses of users that are allowed to see the file and the value is Ks encrypted with the user's public key.

The download process should look like -> B goes to the smart contract and asks for the file hash and the decryption key. If the contract has B in the access mapping, it returns the information. B downloads the file from IPFS and uses its private key to decrypt Ks and then can see the file.

I would like my application to integrate with Metamask for example and I see there is no way I could use the private key of the wallet to do my particular decryption. I couldn't find any possible solutions for this.

Can anyone suggest other workarounds that could help solve the issue?

Emrond

1 Answer


I can suggest how you can create your system using Emercoin NVS, not an Ethereum smart contract:

  1. Each customer deploys his public key into NVS, for example an OpenPGP key, by creating an NVS record:

    • name -> gpg:username
    • value -> gpg-pubkey
  2. When you encrypt your file with the session key Ks, you attach to your file a list of messages, each containing the session key Ks encrypted with the public key of the appropriate user.

  3. Thereafter, you deploy your outfile into IPFS. Moreover, you can put a readable name for your file into NVS, mapping your file to its IPFS file hash, for example:

    • ipfs:myfile -> a02..ac6
  4. When a user would like to read the file, he must do the following:

    • Receive the file name from you.
    • By an NVS request, he retrieves the IPFS file hash.
    • By the file hash, he downloads the file from IPFS.
    • He searches the list [2] for his record: the session key, encrypted with his own pubkey.
    • He decrypts the session key with his privkey.
    • With session key, he decrypts your file.

If you would like to develop this system on Emercoin, I can provide you 20 testnet coins for free; just leave your tEMC address in the comments.

olegarch