DEV Community

abhinav the builder

Passwords in Solidity

Why is it needed?

Suppose you have liquidity locked in a contract that can be withdrawn via withdraw(), which is guarded by a require check and access control. Anyone who has access to the responsible EOA can withdraw the funds when needed. A better way to go about this is to also require a password, so that in case of a private key leak, the hacker still has to enter a password.

How is it implemented?

  1. The user chooses a password and hashes it with Keccak256; the resulting hash string is prefixed with "0x".
  2. The user sets the password hash via the constructor when deploying (_setNewPassword()).
  3. The user can then check the password (_checkPassword()) by entering the expected password and a new password (the current password is exposed in on-chain data once it has been submitted, so it has to be replaced).

Solidity Code

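pragma solidity ^0.8.0; // assumed compiler version; the original post does not state one

contract onChainPassword
{
    // `private` only hides this from other contracts; the stored hash is
    // still readable from chain state.
    bytes32 private globalPassword;

    // _hashedPassword is the keccak256 hash of the password, computed off-chain.
    constructor(bytes32 _hashedPassword) 
    {
        _setNewPassword(_hashedPassword);
    }

    // Compares _password with the stored hash. The plaintext is visible in the
    // transaction data, so a correct password is replaced by _newPassword.
    function _checkPassword(string memory _password, bytes32 _newPassword)
        public returns (bool)
    {
        bool decision = keccak256(abi.encodePacked(_password))==globalPassword;
        // Rotate only on a match; otherwise any caller could overwrite the hash.
        if (decision)
        {
            _setNewPassword(_newPassword);
        }
        return decision;
    }

    function _setNewPassword(bytes32 _newPassword) internal
    {
        globalPassword = _newPassword;
    }
}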

Disclaimer

Never put Friday projects on main-net without testing extensively; I'm a scatterbrain.
