Info

Source on GitHub

https://github.com/AlexGor-dev/contract_manager.git

Smart Contract Address

0QAA8aYTV7vF7CPNzK7nZOGiKebX69NpcMgMGceoYqKwUhU1

Source on GitHub

https://github.com/AlexGor-dev/messenger.git

Smart Contract Address

0QDsj2uAXnI9IOLqptUulnuYfEuX07DP3XhKUCGIxfdEN7ZT

Testing and Issues

You can test this entry and submit issues during the testing period of the Blockchain Contest, Stage 2 contest.

Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.

Voting

2

Comments

Messenger.
Designed for exchanging encrypted messages between users. Uses Asymmetric Encryption. The sender encrypts his message with the public key of the recipient. The recipient decrypts the message with his private key. The keys are used the same as for signing and verifying the signature of messages in the contract code generated when creating the contract (Ed25519).
Contract manager.

Only information about the smart contract manager is stored on the PC. Information about the contracts created in it is stored in the smart contract (Manager) in the ton blockchain. The private key and address of the contract are stored. The private key is encrypted and decrypted by the manager’s private key.
You have not added any comments yet...
by rating

Issues

I personally do not think the idea of messenger over blockchain is a good option. I also mentioned in chat that this is not really good idea using asymmetric cryptography for encrypting the traffic between parties, so much better to replace it with Diffie-Hellfman
However the quality and volume of job done for those weeks job is remarkable!
Desert Falcon Jan 22, 2020 at 10:21
Сделал мессенджер для андроид, на Ton Blockchain.
Made a messenger for android on Ton Blockchain.
http://complex-soft.com/apk/tonmess.zip
Clever Turkey Feb 10, 2020 at 23:35
This would be a Messenger for very rich people.

We found the following issue in the Messenger contract:
- Public contract keeps contact list in a dictionary indexed by public keys. It is possible to identify an internal message sent to the contract with a new public key (often it is possible to do even before it is sent) and advancingly send a message which will register the non-owned public key with a controlled address. The replies then will be sent to the controlled address and can't be read, but they can be relayed to the real address with some funds stolen in the process. The message will arrive successfully and noone will notice the "man in the middle" taking a commision for every relayed message.
Desert Falcon Feb 11, 2020 at 01:58
Да, эту ошибку я обнаружил, почти сразу после окончания конкурса.
Нужно, чтобы отправитель подписывал сообщение приватным ключом,
и в интернал сообщениях проверялась подпись. В мессенджере для андроид - это
уже исправлено.

Yes, I found this error, almost immediately after the end of the competition.
It is necessary that the sender signs the message with a private key, and the signature is verified in the message internals. In the messenger for android - this has already been fixed.
Nobody added any issues yet...