What is Iran hiding in Ethereum?
Over the years, more and more entities are taking advantage of the funcionality offered by blockchain technology. If we using deliberately and carefully, blockchain technology gives us many opportunities. But, you have to be careful what you throw into the public ledgers. Saving data / information in the public ledger may turn out to be a very beneficial solution for the company (e.g. transparency/security) or a mistake for which they can pay (literally — GDPR) for many years.
In public blockchains we can find really interesting information like — when born Satoshi Nakamoto (maybe it’s fake information), phone number for ex-girlfriend (NO, I DIDN’T CALL), Iranian blockchain/cryptocurrency course or Alior Bank SA interest rate table for individual customers. That kind of information will stay with us forever, please be careful what you share in public blockchain.
I would like to present two examples (good and bad) of using simple smart contracts on the Ethereum blockchain (as a public ledger).
The bad one — cryptocurrency/blockchain Iranian course.
Not a good example of using smart contracts in public ledger contains data of the Iranian course of cryptocurrency/blockchain knowledge — don’t worry, I will hide the names, surnames and universities.
Among the orbit of this smart contract, there are 6 other smart contracts with similar data — but I decided not to show this smart contract due to the sensitive data contained in it.
Smart contract have 189 interactions, 7 of which were reverted, so we got 182 well-executed calls — data of 48 persons were made available.
Details related to this smart contract:
Everything would be fine if the data was more encrypted or showed general information like date (persian year 1397 = gregorian year 2018), course name and maybe some ID, like there:
But we also have a very bad use of smart contact that makes sensitive data available.
From this smart contract, we can find out 8 names of class instructors and 40 names of students. In this case, they all passed the classes, but what if someone failed — do you think that person would like to share that kind of information to the whole world?
The good one — Alior Bank.
Alior Bank uses smart contracts for a good purpose. The documents that appear are to some extent encrypted — without any sensitive data. This type of implementation of a smart contract is transparent and Alior Bank is fully aware of the data inserted herein.
In “Input Data” we can find information that is “hidden” for most people. After decoding the data, we can refer to them on the main Alior Bank website.
The given documents can be easily found on the Alior Bank website by typing “_fileName” or “_contentHash”. The shared data is safe, transparent and no one suffers from it. Files “uploaded” to Ethereum are mainly bank regulations and tables with interest rates.
Blockchain technology is designed to ensure the security of distributed and data encryption. Let us use it careful, because once the data is left in it, it stays there forever.
