Hi guys, I have a question about on how calculations of a plutus script are performed. In the plutus pioneer program there was an example of a script that posted a datum onchain with a password locking ada. This UTXO could be redeemed if the correct password was guessed. Now my question is, what do the pool owners and everyone else that has access tot the MEM pool see of this transaction? A stakepool needs to validate the calculation, does it compare hashed passwords vs a guess that the redeemer provides? And if so, could a pool operator grab/steal such a UTXO by performing a quick scan of the MEM pool and adding a similar guess to the MEM pool but with higher fee’s? When sending the redemeer to the chain the password is not hashed… Is there another implementation to bypass this?
The validator script contains the details here of exactly what the stakepool needs to do. Maybe post the specific example so we can see the code?
As for grabbing/stealing, I’d say there is definitely some potential depending on how the validator script was created. The usefulness of a hashed check like this to me wouldn’t really be for guessing though. It would just be used for normal locking out of something reserved on chain.
Any construct like this is really the equivalent of posting the hash on social media and saying comment your answers below. So grabbing / stealing and modifying based on other responses probably should be assumed.