Is an equivalent of Solidity’s msg.sender available when developing ESCs in Rust ?
1 Like
Hi @arookie,
What do you mean ? Using a msgSender argument in a secret contract method and calling from the frontend computeTask(fn, args, gasLimit, gasPx, sender, scAddr) where msgSender is in args ?
If so, or even if in the ESCs we would use the 5th argument sender there would be no guarantee at all that the sender is who he claims to be.
Is there an example somewhere ?
1 Like
@guix i think a user would have to sign a message using web3.eth.sign and then you would have to verify the signature in the secret contract. It looks like parity has a crate call ethkey that might be able to help with verifying a signature in rust (https://docs.rs/ethkey/0.2.5/ethkey/struct.EthAccount.html#method.verify). I haven’t tested it myself yet, so i don’t know if that’s the right library to use
2 Likes
@guix I means no Rust’s method / special vars is equivalent of msg.sender in Solidity.
You need to check it manually, sth likes the way which @pmp suggested.
Did you resolve it?
Thanks @arookie!
No, I didn’t solve it. Since we call computeTask(fn, args, gasLimit, gasPx, sender, scAddr) from the frontend (or tests), I guess there should just be a very simple way way to get sender it inside of the secret contracts.
Here is where I’m stuck: https://github.com/guix77/enigma-secret-access-control/blob/c15e9ac6a723c368e03c7dd42f738d53123836d9/secret_contracts/secret_access_control/src/lib.rs#L58
Flagging this question for @adi @victor or @fredfortier – the question is how to check within the secret contract from which Ethereum address the task is originating. I guess in our millionaire’s example we draw this information from the add_millionaire function only.
For example, in the millionaire’s problem walkthrough, for example, address is submitted via add_millionaire public-facing function in secret contract.
add_millionaire— Allows us to add/register a new millionaire with an Ethereum address (H160) and net worth (U256)
I think @guix you are asking if there is a way to reference the sender address aside from what is submitted as part of a public facing function in the secret contract?
( just for ease of reference, here are some existing demonstrative examples of rust-based secret contracts. )
Yah, at the moment, I thought that we need to pass the ETH address from the UI then in the lib.rs will use it as the same way which millionare demo did.
@ainsley we’ve have background from Solidity and in Solidity we have some special vars/methods to check. I also ask the same question before but unfortunately maybe it’s on team’s vacation. 
Just want to let everyone know we’re looking into this today. Thanks for your patience!
3 Likes
Not yet – if we don’t have a better suggestion by tomorrow, we’ll suggest going with the workaround for now (passing the address in to a specific function, as illustrated in the ERC-20 token example)
1 Like
hi @ainsley so do we have any better solution? Or temporarily we will workarount as the ERC-20 token example?
1 Like
Our guidance is to use this workaround (as in the ERC-20 example) for the time being.
A better solution to this is on our list of todo’s but we have a few other deadlines to hit first.
1 Like
Sorry, I still don’t get it, even with the ERC-20 example. I don’t really understand the verify method, an explanation line by line could be useful for me. Also, a mocha test or some UI code for this ERC-20 impl could be useful, in particular how you would build from them the last parameter sig: Vec<u8>.