From 88533d8466df1e612988992c81bdd4a014761611 Mon Sep 17 00:00:00 2001 From: Tudor Malene Date: Fri, 22 Sep 2023 12:53:26 +0100 Subject: [PATCH 1/2] small doc changes --- docs/_data/navigation.yml | 4 ++++ docs/_docs/testnet/security.md | 10 ++++++++ docs/_docs/what-is-obscuro/quick-start.md | 29 +++++++++++++++++++++++ docs/index.md | 18 ++++++++++++-- 4 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 docs/_docs/testnet/security.md create mode 100644 docs/_docs/what-is-obscuro/quick-start.md diff --git a/docs/_data/navigation.yml b/docs/_data/navigation.yml index 46fb912d5a..1c7f50e2a6 100644 --- a/docs/_data/navigation.yml +++ b/docs/_data/navigation.yml @@ -14,6 +14,8 @@ sidebar-list: children: - title: Encrypted Ethereum url: what-is-obscuro/encrypted-ethereum + - title: Developer quick start + url: what-is-obscuro/quick-start - title: Technology url: what-is-obscuro/technology - title: User Experience @@ -39,6 +41,8 @@ sidebar-list: url: testnet/deploying-a-smart-contract-programmatically - title: Change Log url: testnet/changelog + - title: Security + url: testnet/security - title: On Chain Capabilities children: diff --git a/docs/_docs/testnet/security.md b/docs/_docs/testnet/security.md new file mode 100644 index 0000000000..530b22b6a6 --- /dev/null +++ b/docs/_docs/testnet/security.md @@ -0,0 +1,10 @@ +--- +--- +# Testnet Security + +The first Obscuro Testnet is focused on functionality and the User and Developer experience. + +Privacy features require special attention from the core and security audit team and will be finalised in a +future version of Testnet. + +As a user of the "Obscuro Testnet", do not expect the data you are loading to be 100% private. diff --git a/docs/_docs/what-is-obscuro/quick-start.md b/docs/_docs/what-is-obscuro/quick-start.md new file mode 100644 index 0000000000..ea420665d8 --- /dev/null +++ b/docs/_docs/what-is-obscuro/quick-start.md @@ -0,0 +1,29 @@ +--- +--- +# Developer quick start + +The only difference between an Obscuro and an Ethereum (or Arbitrum) dApp is that on Obscuro you can hide the internal +state of the contract. + +The most obvious example is that an ERC20 token deployed on Obscuro will not respond to balance requests unless you are +the account owner. + +In Obscuro, the internal node database is encrypted, and the contract execution is also encrypted inside the TEE. +The calls to [getStorageAt](https://docs.alchemy.com/reference/eth-getstorageat) are disabled, so all data access +requests will be performed through view functions which are under the control of the smart contract developer. + +Nobody (which includes node operators and the sequencer) can access the internal state of a contract. + +**The only thing you have to do when porting a dApp to Obscuro is to add a check in your view functions comparing +the `tx.origing` and `msg.sender` against the accounts allowed to access that data.** + +The snippet below illustrates this for an [ERC20 token](https://github.com/obscuronet/sample-applications/blob/main/number-guessing-game/contracts/ERC20.sol#L25). + +```solidity +function balanceOf(address tokenOwner) public view override returns (uint256) { + require(tx.origin == tokenOwner || msg.sender == tokenOwner, "Only the token owner can see the balance."); + return balances[tokenOwner]; +} +``` + +_Note that this works because in Obscuro all calls to view functions are authenticated._ \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index 5374841c2d..04d235d9c9 100644 --- a/docs/index.md +++ b/docs/index.md @@ -2,6 +2,20 @@

-Welcome to Obscuro. Obscuro hyper-scales and encrypts Ethereum. No SDKs, 100% EVM. +Welcome to Obscuro - the first Ethereum L2 with private smart contract state. -On this docsite you will find useful guidance on Obscuro, how to participate in the Testnet and, if you want to go deeper, read the whitepaper using the menu above. A PDF version of the whitepaper is [available](https://whitepaper.obscu.ro/assets/images/obscuro-whitepaper-0-10-0.pdf). +Obscuro hyper-scales and encrypts Ethereum. No SDKs, 100% EVM. + +On this docsite you will find useful guidance on Obscuro, how to participate in the Testnet and, if you want to go deeper, read the whitepaper using the menu above. + +The Litepaper is available to view [here](https://obscu.ro/litepaper). + +A PDF version of the whitepaper is available [here](https://whitepaper.obscu.ro/assets/images/obscuro-whitepaper-0-10-0.pdf). + + +## Useful Resources + +1. [Github](https://github.com/obscuronet/go-obscuro) +2. [Twitter](https://twitter.com/obscuronet/) +3. [Discord](https://discord.gg/7pkKv2Tyfn) +4. [Blog](https://medium.com/obscuro-labs) From 8a4a3e05f047af0d0c1d4a38420cd2042a3412a4 Mon Sep 17 00:00:00 2001 From: Tudor Malene Date: Mon, 25 Sep 2023 09:24:55 +0100 Subject: [PATCH 2/2] address pr comments --- docs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/index.md b/docs/index.md index 04d235d9c9..f78efcb44a 100644 --- a/docs/index.md +++ b/docs/index.md @@ -4,7 +4,7 @@ Welcome to Obscuro - the first Ethereum L2 with private smart contract state. -Obscuro hyper-scales and encrypts Ethereum. No SDKs, 100% EVM. +Obscuro hyper-scales and encrypts Ethereum. 100% EVM, 100% Solidity. On this docsite you will find useful guidance on Obscuro, how to participate in the Testnet and, if you want to go deeper, read the whitepaper using the menu above.