I'm looking into decentralized storage for the first time and looking to use a simple storage service which enables storage reading/writing via API key. Only merkle trees will be stored.
I would like to add an extra security layer to this that depends on the ethereum based private key of the user uploading the merkle tree.
The merkle root of the tree is stored on-chain (some EVM chain).
My question is will the following procedure work to add an extra security layer:
-
There is a dedicated leaf (signed leaf) to which the user signs a constant message, that has a corresponding ECDSA verification contract on-chain.
-
The user uploads the merkle tree to decentralized storage, then uploads the merkle root on-chain
-
Clients would then need to verify the signed leaf via ECDSA.recover method and perform its corresponding merkle proof
-
Clients would then proceed to perform a merkle proof of the leaf(s) they are interested in using on-chain
-
Business as usual...