Is it a good idea to keep user's principals in a dapp in secret?

Normally, should user’s principals in a dapp be held in secret? Is it a good idea to advise users to keep in secret principals in my app? (Should I remove then their displaying in UI not to accidentally make a screenshot?)

(I want to use users’ principals as keys in a hashmap, and disclosing them would be a security vulnerability.)

Is it a good idea?

Also a malicious replica can disclose them, can’t it?

What is the concern with logging user principals? Or users exposing their principals?

I assume that you want to ensure anonymity but trying to understand any other use case.

1 Like

I want to store the principal of a created by my software canister into a database, where they are associated with a user. I want only the user himself to be able to store his principals, not somebody other to do this, for consistency of the DB: The consistency rule says: principals corresponding to a user as stored in the DB must really correspond to this user.

What database are you using?

stable TrieMap.

Why did you ask?

I wanted to understand if it was an external or in-canister “database”.

So is the idea that you want to store a list of principals but you want only the user to only add and view their own principals?

Yes.

I want the user to store bookmarks.

I’ll do a bit more research tomorrow.

In theory, yes, nodes can read canister state. This is a good post if you are looking to understand more about nodes and canister state: Guarding against malicious node providers - #2 by diegop

In the future, you could secure the data using VetKeys.

You could still try to enforce adding and viewing to a Hashmap at the user level.

I would try creating a private hashmap and then only allow principals to view the rows that include their principal.