how can I inject an env variable secret inside a main net deployed canister?
And also how is my secret protected against everyone else on the chain?
Thx
Asked
Active
Viewed 58 times
1
-
Generally data on chain is "public", however you can encrypt the data so that the public cannot read it. Can you share something about your use case? Perhaps a solution will become evident. "Public" in this case means that node providers with technical chops could access the data, so the privacy is similar to that you would get if you hired a machine from a cloud provider. Node providers have a financial disincentive to be naughty but if they are prepared to take the hit they could hack into the data on their own server. – Max Murphy Jun 14 '22 at 02:52
-
I believe that new hardware is being rolled out to make it really hard for node providers to read canister data, however I don't know what the state of that work is. When that is done, I guess you could consider data to be pretty secure, although I'd still encrypt if your secret is worth a billion dollars. – Max Murphy Jun 14 '22 at 03:00