swarm_act

v0.0.0-...-9b494c0 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 22, 2024 License: MIT Imports: 15 Imported by: 1

README

Swarm ACT Integration for User-Based Access Control

Overview

This package provides an implementation to integrate Swarm's Access Control Trie (ACT) with a user-based access control mechanism. It addresses the limitation of the native Swarm ACT, which is node-based and lacks user-level granularity, by enabling access control initialized with a user's key and allowing users to be added as grantees.

Background

The Access Control Trie (ACT) in Swarm provides a way to manage access permissions for resources stored on the Swarm network. However, the native implementation of ACT is node-based, meaning access control is managed at the node level rather than the user level. This poses a challenge for user-centric and fine-grained access control.

Problem with Native Swarm ACT
  • Node-Based Access Control: Swarm's native ACT operates on nodes, not users, limiting the ability to control access at a user level.
  • Lack of User Concept: Without user keys, it's challenging to implement user-specific permissions and sharing capabilities.
  • Limited Collaboration: Users cannot be added as grantees directly.

Solution

This package overcomes the limitations by:

  • Initializing ACT with User Keys: It uses a user's private key to initialize the access control mechanism.
  • User-Based Grantees: Allows any user to be added as a grantee by their public key.
  • Mapping User Identities: Bridges the gap between node-based ACT and user-centric applications by mapping user identities to the ACT.

How It Works

  • User Initialization: By initializing the ACT with a user's private key, the access control is tied to the user's identity.
  • Grantee Management: Public keys of grantees are stored and managed, allowing specific users to be granted or revoked access.
  • Data Encryption: Data references are encrypted and managed through Swarm's upload and download handlers, ensuring only authorized users can access the data.
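The grant, lookup and revoke steps listed above, as an added example that is not code from this package or from Swarm. It is a simplified model of per-grantee key wrapping: P-256 ECDH, SHA-512 and AES-GCM are stand-ins chosen from the Go standard library, and the names derive, Grant and Unwrap are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha512"
	"fmt"
)

// derive (simplified model, an assumption): ECDH secret -> lookup key + AES-256-GCM wrapping cipher.
func derive(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (string, cipher.AEAD, error) {
	secret, err := priv.ECDH(pub) // err is returned below; callers check it before using the rest
	h := sha512.Sum512(secret)
	block, _ := aes.NewCipher(h[32:]) // 32-byte key, cannot fail
	aead, _ := cipher.NewGCM(block)   // AES block, cannot fail
	return string(h[:32]), aead, err
}

// Grant wraps a fresh access key once per grantee; re-running it without a key revokes that key.
func Grant(owner *ecdh.PrivateKey, grantees ...*ecdh.PublicKey) (map[string][]byte, []byte, error) {
	access, list := make([]byte, 32), map[string][]byte{}
	rand.Read(access)
	for _, g := range grantees {
		lookup, aead, err := derive(owner, g)
		if err != nil {
			return nil, nil, err
		}
		nonce := make([]byte, aead.NonceSize())
		rand.Read(nonce)
		list[lookup] = aead.Seal(nonce, nonce, access, nil) // entry = nonce || ciphertext || tag
	}
	return list, access, nil
}

// Unwrap is the grantee side: its private key plus the publisher's public key locate and open its entry.
func Unwrap(list map[string][]byte, me *ecdh.PrivateKey, publisher *ecdh.PublicKey) ([]byte, error) {
	lookup, aead, err := derive(me, publisher)
	if entry := list[lookup]; err == nil && len(entry) >= aead.NonceSize() {
		return aead.Open(nil, entry[:aead.NonceSize()], entry[aead.NonceSize():], nil)
	}
	return nil, fmt.Errorf("access denied: no usable entry for this key")
}

func main() {
	owner, _ := ecdh.P256().GenerateKey(rand.Reader)
	list, _, err := Grant(owner, owner.PublicKey()) // constructed demo: the owner grants itself
	fmt.Println("entries:", len(list), "error:", err)
}
```

In this model a grantee who already unwrapped the old access key still holds it, so the rotation on revoke protects only references encrypted afterwards.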

Code Structure

  • ACT Struct: Core struct holding the access control controller, user's public key, and the PutGetter client.
  • Functions:
    • New: Initializes the ACT instance.
    • CreateGrantee: Adds grantees to the access list.
    • GetGrantees: Retrieves the list of current grantees.
    • RevokeGrant: Revokes access for specific grantees.
    • HandleUpload: Manages the upload process with access control.
    • HandleDownload: Manages the download process, ensuring access permissions.

Installation

go get github.com/asabya/swarm_act

Ensure that you have Go installed and set up on your system.

Contributing

Contributions are welcome! Please open an issue or submit a pull request on GitHub.

License

This project is licensed under the MIT License.

Documentation

Overview

Package swarm_act provides an integration of Swarm's Access Control Trie (ACT) for user-based access control. It enables initializing access control with a user's key and allows adding or revoking grantees at the user level.

Types

type ACT

type ACT struct {
	// contains filtered or unexported fields
}

ACT represents the Access Control Trie integration for user-based access control. It encapsulates the access control controller, the user's public key, and the PutGetter client.

func New

func New(bee blockstore.Client, key *ecdsa.PrivateKey, stamp string) *ACT

New initializes a new ACT instance with the given user's private key, Bee client, and postage stamp ID.

func (*ACT) CreateGrantee

func (a *ACT) CreateGrantee(ctx context.Context, historyAddress swarm.Address, list []*ecdsa.PublicKey) (*api.GranteesPostResponse, error)

CreateGrantee adds new grantees to the access control list. It creates a new encrypted grantee list and updates the history reference.

func (*ACT) GetGrantees

func (a *ACT) GetGrantees(ctx context.Context, granteesAddress swarm.Address) ([]*ecdsa.PublicKey, error)

GetGrantees retrieves the list of current grantees from the access control list.

func (*ACT) HandleDownload

func (a *ACT) HandleDownload(ctx context.Context, reference, historyAddress swarm.Address, publisher *ecdsa.PublicKey, ts int64) (swarm.Address, error)

HandleDownload processes the download operation with access control. It checks the user's permissions and returns the address of the data if access is granted.

func (*ACT) HandleUpload

func (a *ACT) HandleUpload(ctx context.Context, reference, historyAddress swarm.Address) (*api.GranteesPostResponse, error)

HandleUpload processes the upload operation with access control. It updates the references to the data and history feed.

func (*ACT) RevokeGrant

func (a *ACT) RevokeGrant(ctx context.Context, granteesAddress, historyAddress swarm.Address, addList, removeList []*ecdsa.PublicKey) (*api.GranteesPostResponse, error)

RevokeGrant updates the access control list by adding new grantees and revoking specified grantees.
