My first simple application on IC, and a question about better options for hashing text data meant for storing temporary passwords

Developers Motoko
1

Hi, I created my first application with backend ( Ancient Motoko Language) and frontend ( Vue.js )

(Halloween is approaching, so the name refers to that: Ghost Messages :ghost:).
It allows users to save messages with a password, which are immediately deleted after being read (by entering the ID and password for the Message)

Write a message + provide a password → An ID will be generated → Send the ID and password to a friend → Friend enters the ID and password and reads the message, which disappears after being read (the record is deleted).

Simple to operate, but the ICP blockchain seems like a good place to save something like this.

I already have it installed on the IC network. My question is, because I couldn’t find it, is there an easy way to hash the password ( my Text field ) text ? Storing it in plain text doesn’t seem very elegant to me :innocent:

https://d7szd-saaaa-aaaaj-aztva-cai.icp0.io/

2

Do you know mops? It has a package registry for Motoko. I can see a few packages that offer hash functions: Mops • Motoko Package Manager

2 Likes
3

Nice :smiley: I’ll check it out, it looks like this is what I was looking for. Thanks a lot for the tip ! :sunglasses:

4

I think what you want to do is encrypt the password, and do it on the client side. If you send it to the canister unencrypted it is sniffable by boundary nodes and will be in the canister at rest(same if you send a hash and save a salt).

You may need to look at vetkeys as a solution.

3 Likes
5

Thank you very much :slightly_smiling_face: