Tezos Secrets Store

Baah Kusi
Published in
3 min readMay 2, 2020
Photo by Stefan Steinbauer

In a previous post- https://medium.com/ejara/storing-retrieving-secrets-on-a-public-smart-contract-925f02178d7- we introduced our approach to storing secret information on the tezos blockchain.

In this post, we introduce a working demonstration of what was previously discussed and a code explanation.

First, we’d like to commend the excellent Conseiljs library without which most of what you see in the demo would have not been possible. Also, the same kudos goes to Crypto Mike who provided fixes to two issues in the Conseiljs library identified during development.

Here is the demo link to play with : http://tezos-secrets-store.surge.sh/.

In this demo, we have the smart contract itself as was developed with Smartpy and then the web client which was developed with Vuejs (Bootstrap-Vue) and Conseiljs.

First, we discuss the smart contract and then after that, we discuss the frontend part. If you would like to jump right into the source code you can find it here https://github.com/EjaraApp/tezos-secrets-store.

Smart Contract

A link to the smartpy contract can be found here in the online editor where you can actually play with it. The smart contract itself is very concise and brief as written in smartpy, however, it fully embodies what we described in this post, https://medium.com/ejara/storing-retrieving-secrets-on-a-public-smart-contract-925f02178d7. The main difficulty was in coming up with a working scheme, and once we got that, the code took just a few minutes to write. The requirement for smart contracts is not the volume of code but the quality of thought that goes into scheming one. Good solutions usually turn out shorter than expected. Deliberate size limitations of smart contracts on the tezos platform could encourage this kind of practice. An instance of this smart contract is deployed for every new user. For this demo, we store the KTAddress in the local storage of the browser.

In an actual implementation, we could store it in a normal database or another smart contract. The reason we deploy a new smart contract for every new user instead of using one contract for all users is to avoid having the situation where an attacker has all users and secrets in one place. Hopefully, this adds another thin layer of security since it will make life a bit difficult for the lady who would very much like to brute force secrets. She would have to scan the chain for all such contracts. Definitely, secrets stored on the smart contract are subjected to brute force attacks, but then it's just like anything else encrypted that has ever been sent on the internet, we are all depending on the strength of cryptographic schemes and algorithms.

Web Client

The web client (https://github.com/EjaraApp/tezos-secrets-store/tree/master/secrets) allows us to interact directly with the tezos blockchain for the purposes of;

  • Deploying contracts.
  • Invoking already deployed contracts.
  • Querying for data from the chain.

These three functionalities above were made possible for us by the Conseiljs library. For instance here is a snapshot of code for deployment purposes.

With this we are able to deploy a string version of the Michelson code to the blockchain, wait for a confirmation results and then return a JSON object containing the KTAddress of the smart contract.

We also have a similar looking code for invoking already deployed smart contracts.

and for querying smart contracts and getting hold of their storage.

One thing we found, however, was the lack of tools to parse the storage and return a comfortable JSON representation. You may have to parse your own storage like what we have here.

To give context here is a definition of our storage

(pair (pair (list %SecretStore string) (bytes %hashedProof)) (int %nonce));

The (list %SecretStore string) defines a list of secrets as stored on the smart contract. An example query returns the following information

You can see then that our code to parse the storage gets from this returned storage the list of secrets that happen to be within the curly brace. We have a similar code to get the nonce (int %nonce) which is much simpler.

A very desirable feature in the Conseiljs library would be to have some function that would be able to parse any smart contract storage and return a JSON with the %labels as keys and corresponding values.

Our team enjoyed designing and developing this smart contract and soon our beloved Ejara users would seamlessly benefit from this new feature.



Baah Kusi
Writer for

Blockchain Architect | Distributed Systems Engineer