1

Is it correct that everyone can see my source code once smart contract code has been published to blockchain?

Is it correct that everyone can see application's businesss state and information saved in blockchain?

For example, the example below sends a request to blockchain, receives response from blockchain. In this case, can anyone see the source code and business information? The app uses Ethereum blockchain via Solidity.

https://docs.microsoft.com/en-us/azure/blockchain/service/send-transaction

Is it possible to protect source code and users can only see business states via UI? like conventional web applications.

Pingpong
  • 6,402
  • 16
  • 57
  • 152

2 Answers2

0

In any blockchain the business info/state is visible to the participants of the blockchain network or consortium. Any smart contract state changes in done via a transaction that is shared between the participants of the transaction. Hence the contents/operations exposed via that smart contract is also visible to the participants of that transaction, so that they can verify it's validity / have a consensus on whether to accept/reject it.

To answer your question "everyone" may not be able to see the contents unless it is a public smart contract / transaction you are dealing with. in case of public transaction/contracts it is visible to that public chain. If it is a private transaction, then it is only visible to the participants of the private transaction.

Reference: Q&A

AshokPeddakotla-MSFT
  • 1,699
  • 5
  • 13
0

Smart contract state and any information stored in the blockchain is visible to all observers outside of the blockchain, even local and private variables. (It is not necessarily visible to other smart contracts).

The solidity source code itself is not stored on the blockchain, only the compiled bytecode, which consist of low-level machine instructions (called opcodes) for the Ethereum Virtual Machine. Although this can't easily be converted back into your source code (i.e. all variable names will be missing), it does reveal information about what your code is doing.

Peladao
  • 3,776
  • 1
  • 20
  • 40
  • Who are observers? What measures are available to protect code (even machine code) and business information, like on servers side in client-server model? – Pingpong Oct 13 '20 at 11:38
  • For public networks (mainnet), observers can be anybody. For private/inhouse networks, observers are anybody with access to the network. So only in private networks can machine code or business information be protected from the public. – Peladao Oct 13 '20 at 13:54