Skip to content

Tutorial

Herein the whole process cycle of creating a secret by the owner and its retrieval by a consumer is described and examples are provided.


Hints

  • Secrether Contracts' addresses for both Ropsten testnet and the Mainnet are available on the Main Page.
  • Payments to the Secrether Smart Contract are described in the Payments Page.
  • Please test your application using Ropsten Testnet Secrether Smart Contract and Ropsten REST API:

    Ropsten Testnet Smart Contract:
    0xf26d57E70F4cfF3d19a37871B19fdaa867A37e0C
    Ropsten REST API:
    https://ropsten-api.secrether.io/


Creating a secret

Send an ethereum transaction to the Secrether Contract: invoke Create Secret Method. The transaction includes a payment fee, which is described in the Payment Page.

// Solidity

// The secret is "***SECRET DATA***"
// DO NOT REVEAL IT IN BLOCKCHAIN AS IT WILL TURN PUBLIC
// keccak256("***SECRET DATA***") = 0x7b62008c866b0c258068ad9cebf59798968c95e5e1d90eebca0e6160e31180a8
// secretBytesSize = bytes('***SECRET DATA***').length = 17

// The address who will be the owner of the secret
address owner=0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;

// Fee calculation is described in the "Payment Page"
uint256 fee = secrether.calculateStorageFee(secretBytesSize);

// createSecret(bytes32 hash,uint32 size,address secretOwner)
secrether.createSecret{value:fee}(0x7b62008c866b0c258068ad9cebf59798968c95e5e1d90eebca0e6160e31180a8,secretBytesSize,owner);

or in JavaScript:

* Note: Using JavaScript to interact with Secrether Smart Contract will require a connection to an active ethereum node, or using a service such as Infura or MetaMask.

// JavaScript

const secret="***SECRET DATA***";
const hash=web3.utils.keccak256(secret);
const owner="0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE";
const fee=await secrether.calculateStorageFee(secret.length);
await secrether.createSecret(hash, secret.length, owner, { value: fee });

Send the secret to the secrether REST API:

* Note: Sending the secret data is done off-chain, because sending it to the blockchain will reveal it publicly.

// JavaScript

const axios = require('axios');

await axios
  .post('https://api.secrether.io/v1/secret/create', {
    hash,
    data: secret,
  });

Giving Permissions to a Consumer

Now, you want to let one of your customers (with i.e:0x1111111111111111111111111111111111111111 address) to be able to download the secret data.

// Solidity

// Sending this transaction from the 'secret owner' account (0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE)
address consumer=0x1111111111111111111111111111111111111111;
uint256 fee = secrether.calculateRetrievalFee(secretBytesSize);
secrether.addPermissions{value:fee}(hash, consumer);
require(secrether.isPermittedRetrieval(hash, consumer));

or in JavaScript:

// JavaScript

const consumer='0x1111111111111111111111111111111111111111';
const fee = await secrether.calculateRetrievalFee(secret.length);
await secrether.addPermissions(hash, consumer, { value:fee });
assert(await secrether.isPermittedRetrieval(hash, consumer));

Reading the Secret

Now, a consumer with an address 0x1111111111111111111111111111111111111111 can read the secret in a following way:

// JavaScript

const axios = require('axios');

const res=await axios
  .get('https://api.secrether.io/v1/secret/ota', {
    hash,
    data: secret,
  }).json();

const ota = res.body.data.ota; // OTA Code expires after 10 minutes

const consumer = 0x1111111111111111111111111111111111111111;
const sign = await web3.eth.sign(ota, consumer);

const secretData = await axios
  .get(`https://api.secrether.io/v1/secret/get?hash=${hash}&ota=${ota}&sign=${sign}`);

As a result you will get plain text secret data.

Making the Secret Public

There are use-cases where it is not necessary to handle the secret data hidden anymore and a smart contract would want retrieve it and perform some action depends on what the secret was.
In this case we can use the Make Public Method, and we will need to send it a publication fee described in the Payments Page.

// Solidity

// Sending this transaction from the 'secret owner' account (0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE)
uint256 fee = secrether.calculatePublicFee(secretBytesSize);
secrether.makePublic{value:fee}(hash);
require(secrether.isPermittedRetrieval(hash));

or in JavaScript:

// JavaScript

const fee = await secrether.calculatePublicFee(secret.length);
await secrether.makePublic(hash, { value: fee });
assert(await secrether.isPermittedRetrieval(hash));

Now the secret is publicly availble. For a smart contract to be able to retrieve the data use Provable API and point it to the REST API Get Secret Method.