Encrypt a String with Smart Contract Private Key and Decrypt Offline

Tags: encryption, private-key

Say I want to make a smart contract that is able to save secret messages (strings). The messages should be stored only in encrypted form so no one can read them, but should be decrypt-able by a couple of users.

I can write basic Solidity, but I need some help on how to do this design wise.

I know it's possible to encrypt/decrypt strings offline and only send the encrypted data to the blockchain. But in the case where there are multiple users who need to be able to decrypt the same strings, how can this best be done?

Would this be possible by creating a multi-sig wallet contract comprised of a few users? Will they all need to have the private key on their computers in order to use it? Isn't that dangerous?

Any advice much appreciated.

Best Answer

Sorry, it cannot be done safely on the Ethereum blockchain with standard Solidity, not in that mode. If you encrypt using Solidity in a smart contract, all the variables involved in the computation are stored on the blockchain. This can be formally demonstrated.

What you can do is store an already-encrypted value on the blockchain, readable by any person who knows the encryption key.

Decryption has to be done off-chain (i.e. on a separate server and/or in JavaScript in the web UI) if the data must be accessible to more than one user and must remain secret, because if you decrypt it on the EVM using something like

```solidity
function decrypt(address encryptedData, uint256 key) returns (bytes32 decryptedData)
```

a copy of the key will be available on the blockchain forever, readable by all (you can read the transaction in clear text on Etherscan, for instance).

You could get something useful from zk-SNARK algorithms (see https://link.medium.com/Gj2AvUVMeR), but it is not trivial and, so far, no suitable implementations are known in Solidity and the EVM.
