Hmmm, but it must decide when, based on there being enough participants, and then it must also select a winner.
secret contract is deciding this, not the
The problem with your suggestion above
With you now, you can initially save the sender/lottery address in the contract when you start the lottery and whitelist the accounts, mind you shouldn’t send the addresses to the smart contract but you can call some function there and save your address as lotteryOwner or something.
Later use this to verify it’s the same sender choosing a winner.
is that once the
secret contract picks a winner, the
lotteryOwner is the one initiating the transfer of the token to the winner, which he could decide not to send the token at all, or send it to a different person other than the winner, thats what I mean with
lotteryOwner holds some power on when / where the token is send
I apologise for making this difficult for you, I don’t believe I am doing a good job making my point.
Ultimately we need to let the
smart contract (deposit) know who won the lottery safely and trust-less.
We can work around it by making the
lotteryOwner the only one eligible making the call, or we need to implement a RSA solution within the
secret contract (lottery) so every call made by the
secret contract (lottery) can be checked by the
smart contract (deposit).