model

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 28, 2023 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AccessKeyType = "AccessKey"

	AccessKeyHeaderDate      = "X-Meta-Date"
	AccessKeyHeaderClientKey = "X-Meta-Client-Key"
	AccessKeyHeaderBodyHash  = "X-Meta-Body-Hash"
)
View Source 
const (
	NTopicNewBlock = "ledger.newBlock"

	MessageTypeNewBlockNotification = "NewBlockNotification"
)
View Source 
const (
	ProvTypeAgent       = "Agent"
	ProvTypeRole        = "Role"
	ProvTypeUsage       = "Usage"
	ProvTypeActivity    = "Activity"
	ProvTypeEntity      = "Entity"
	ProvTypeAssociation = "Association"
)
View Source 
const (
	RcTypeAlgo0 = 0
	RcTypeAlgo1 = 1

	// RecordFlagPublic bit is set to true, if the underlying operation
	// and data assets are available in a clear-text form. Use this
	// flag to publish data that needs to be accessed by third parties
	// that don't know the locker secrets.
	RecordFlagPublic uint32 = 0x00000001
)
View Source 
const (
	Ed25519VerificationKey2018Type = "Ed25519VerificationKey2018"
)
View Source 
const KeySize = 32
View Source 
const (
	// MerkleID is an ID used for signing and verification of Merkle documents.
	// We set the document ID to MerkleID before signing (because final Merkle ID of the document
	// is a hash of the document including its signature
	MerkleID = "_:merkle_root_2016"
)
View Source 
const (
	NonceLength = 32
)
View Source 
const (
	PiprateContextURL = "https://piprate.org/context/piprate.jsonld"
)
View Source 
const (
	RequestingCommitmentTag = "requesting commitment"
)
View Source 
const (
	TypeResource = "Resource"
)

Variables

View Source 
var (
	ErrMissingDateInHeader      = errors.New("missing " + AccessKeyHeaderDate + " in request header")
	ErrMissingClientKeyInHeader = errors.New("missing " + AccessKeyHeaderClientKey + " in request header")
)
View Source 
var (
	// ErrDataSetNotFound indicates the dataset was not found. It may mean the dataset is available
	// in MetaLocker, but not accessible by the given data wallet.
	ErrDataSetNotFound  = errors.New("dataset not found")
	ErrResourceNotFound = errors.New("resource not found")
)
View Source 
var (
	// ErrRecordNotFound indicates the ledger record was not found
	ErrRecordNotFound = errors.New("record not found")
	// ErrBlockNotFound indicates the ledger block was not found
	ErrBlockNotFound = errors.New("block not found")
	// ErrDataAssetNotFound indicates the data asset was not found
	ErrDataAssetNotFound = errors.New("data asset not found")
	// ErrAssetHeadNotFound indicates the record for an asset head is not found
	ErrAssetHeadNotFound = errors.New("asset head not found")
)
View Source 
var (
	ErrDataAssetAccessDenied = errors.New("access to data asset denied")
	ErrBlobNotFound          = errors.New("blob not found")
)
View Source 
var (
	// DefaultMaxDistanceSeconds is 5 minutes
	DefaultMaxDistanceSeconds int64 = 5 * 60
)
View Source 
var ErrAuthorizationNotFound = errors.New("missing or invalid Authorization in request header")
View Source 
var ErrInvalidDID = errors.New("invalid DID identifier")
View Source 
var (
	// ErrOperationNotFound indicates that operation was not found
	ErrOperationNotFound = errors.New("operation not found")
)

Functions

func AnonDecrypt 

func AnonDecrypt(cypherText, privateKey []byte) ([]byte, error)

func AnonEncrypt 

func AnonEncrypt(msg, publicKey []byte) []byte

AnonEncrypt encrypts a message by anonymous-encryption scheme. Sealed boxes are designed to anonymously send messages to a Recipient given its public key. Only the Recipient can decrypt these messages, using its private key. While the Recipient can verify the integrity of the message, it cannot verify the identity of the Sender.

func BuildAuthorisingCommitmentInput 

func BuildAuthorisingCommitmentInput(privKey *hdkeychain.ExtendedKey, opAddress string) []byte

func BuildDIDPrefix 

func BuildDIDPrefix(method string) string

func BuildDigitalAssetID 

func BuildDigitalAssetID(data []byte, fingerprintAlgorithm, didMethod string) (string, error)

BuildDigitalAssetID creates a new instance for Digital Asset from a pre-calculated fingerprint.

func BuildDigitalAssetIDFromFile 

func BuildDigitalAssetIDFromFile(filename, fingerprintAlgorithm, didMethod string) (string, string, error)

BuildDigitalAssetIDFromFile creates a new instance for Digital Asset

func BuildDigitalAssetIDFromReader 

func BuildDigitalAssetIDFromReader(r io.Reader, fingerprintAlgorithm, didMethod string) (string, error)

BuildDigitalAssetIDFromReader creates a new instance for Digital Asset from a pre-calculated fingerprint.

func BuildDigitalAssetIDWithFingerprint 

func BuildDigitalAssetIDWithFingerprint(fp []byte, didMethod string) string

BuildDigitalAssetIDWithFingerprint creates a new instance for Digital Asset from a pre-calculated fingerprint.

func BuildRequestingCommitmentInput 

func BuildRequestingCommitmentInput(leaseID string, expiresAt *time.Time) []byte

func BuildRoutingKey 

func BuildRoutingKey(key *btcec.PublicKey) (string, error)

func BuildSharedSecret 

func BuildSharedSecret(key *hdkeychain.ExtendedKey) string

func CompactDocument 

func CompactDocument(input []byte, ctxURL string) ([]byte, error)

func DecryptAESCGM 

func DecryptAESCGM(ciphertext []byte, key *AESKey) (plaintext []byte, err error)

DecryptAESCGM decrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Expects input form nonce|ciphertext|tag where '|' indicates concatenation.

func DecryptCredentials 

func DecryptCredentials(recipient *DID, credentials, subject string) (string, string, error)

func DefaultDocumentLoader 

func DefaultDocumentLoader() ld.DocumentLoader

func DeriveStorageAccessKey 

func DeriveStorageAccessKey(leaseID string) (ed25519.PublicKey, ed25519.PrivateKey)

func EncryptAESCGM 

func EncryptAESCGM(plaintext []byte, key *AESKey) (ciphertext []byte, err error)

EncryptAESCGM encrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Output takes the form nonce|ciphertext|tag where '|' indicates concatenation.

func EncryptCredentials 

func EncryptCredentials(recipient *DID, keyID, secret, subject string) string

func ExpandDocument 

func ExpandDocument(input []byte) ([]byte, error)

func ExtractDIDMethod 

func ExtractDIDMethod(didID string) (string, error)

func ExtractSignature 

func ExtractSignature(hdr http.Header) (string, string, error)

func FlattenDocument 

func FlattenDocument(input []byte, ctx any) ([]byte, error)

func GenerateAccessKeyID 

func GenerateAccessKeyID() string

func GenerateAccessToken 

func GenerateAccessToken(recordID, leaseID string, now, leaseExpiryTime int64) string

func GenerateDocumentNodeMap 

func GenerateDocumentNodeMap(input []byte) (map[string]any, error)

GenerateDocumentNodeMap exposes GenerateNodeMap method from JSON-LD API. It shouldn't be really used directly (use Flatten instead), but it's sometimes useful for debugging JSON-LD schema related issues.

func GenerateNewHDKey 

func GenerateNewHDKey(seed []byte) (*hdkeychain.ExtendedKey, *hdkeychain.ExtendedKey, error)

func Hash 

func Hash(tag string, data []byte) []byte

Hash generates a hash of data using HMAC-SHA-512/256. The tag is intended to be a natural-language string describing the purpose of the hash, such as "hash file for lookup key" or "master secret to client secret". It serves as an HMAC "key" and ensures that different purposes will have different hash output. This function is NOT suitable for hashing passwords.

func HashRequestBody 

func HashRequestBody(body []byte) []byte

func HeadID 

func HeadID(assetID string, lockerID string, sender *LockerParticipant, headName string) string

func NewAssetID 

func NewAssetID(method string) string

NewAssetID generates a new random asset ID.

func PackHeadBody 

func PackHeadBody(assetID, lockerID, participantID, name, recordID string) []byte

func Pad 

func Pad(src []byte) []byte

func PutBinaryContextIntoDefaultDocumentLoader 

func PutBinaryContextIntoDefaultDocumentLoader(url string, ctx []byte) error

func PutContextIntoDefaultDocumentLoader 

func PutContextIntoDefaultDocumentLoader(url, filePath string) error

func PutContextMapIntoDefaultDocumentLoader 

func PutContextMapIntoDefaultDocumentLoader(contextMap map[string]string) error

func RandomKeyIndex 

func RandomKeyIndex() uint32

func RecordsToCSV 

func RecordsToCSV(recs []*Record) []byte

func SetDebugMode 

func SetDebugMode(v bool)

func SetDefaultDocumentLoader 

func SetDefaultDocumentLoader(l ld.DocumentLoader)

func SignRequest 

func SignRequest(hdr http.Header, keyID string, clientSecret *AESKey, clientHMACKey []byte, now time.Time, url string, body []byte) (string, error)

func UnpackHeadBody 

func UnpackHeadBody(val []byte) (string, string, string, string, string)

func UnwrapDigitalAssetID 

func UnwrapDigitalAssetID(id string) string

UnwrapDigitalAssetID removes 'did:method:' component from the given DID

func ValidateDIDMethodPrefix 

func ValidateDIDMethodPrefix(methodPrefix string) error

func ValidateRequest 

func ValidateRequest(hdr http.Header, reqSig string, encryptedHMACKey []byte, reqTime time.Time, url string, bodyHash []byte) (bool, error)

func VerifyAccessToken 

func VerifyAccessToken(at, dataAssetID string, now, maxDistanceSeconds int64, ledger AccessVerifier) bool

func VerifyDigitalAssetID 

func VerifyDigitalAssetID(id, fingerprintAlgorithm string, data []byte) (bool, error)

func VerifySemanticDigitalAssetID 

func VerifySemanticDigitalAssetID(id, fingerprintAlgorithm string, data []byte) (bool, error)

Types

type AESKey 

type AESKey [32]byte

func DecodeAESKey 

func DecodeAESKey(val string, privKey ed25519.PrivateKey) (*AESKey, error)

func DeriveClientAESKey 

func DeriveClientAESKey(pk ed25519.PrivateKey) *AESKey

func DeriveEncryptionKey 

func DeriveEncryptionKey(secret1, secret2 []byte) *AESKey

func DeriveSymmetricalKey 

func DeriveSymmetricalKey(secret []byte, pubKey *btcec.PublicKey) *AESKey

func NewAESKey 

func NewAESKey(val []byte) *AESKey

func NewEncryptionKey 

func NewEncryptionKey() *AESKey

NewEncryptionKey generates a random 256-bit key for Encrypt() and Decrypt(). It panics if the source of randomness fails.

func SplitClientSecret 

func SplitClientSecret(secret string) (ed25519.PrivateKey, *AESKey, []byte, error)

func (*AESKey) Base64 

func (k *AESKey) Base64() string

func (AESKey) Bytes 

func (k AESKey) Bytes() []byte

func (*AESKey) Zero 

func (k *AESKey) Zero()

type AccessKey 

type AccessKey struct {
	ID          string      `json:"id"`
	AccountID   string      `json:"account"`
	AccessLevel AccessLevel `json:"level"`
	Secret      string      `json:"secret,omitempty"`
	Type        string      `json:"type"`

	ManagementKey       string `json:"mgmtKey"`
	EncryptedManagedKey string `json:"emk,omitempty"`
	EncryptedHostedKey  string `json:"ehk,omitempty"`

	ManagementKeyPub ed25519.PublicKey  `json:"-"`
	ManagementKeyPrv ed25519.PrivateKey `json:"-"`
	ClientSecret     *AESKey            `json:"-"`
	ClientHMACKey    []byte             `json:"-"`
}

AccessKey defines a key that can be used to access MetaLocker. Access keys are useful for programmatic or temporary access to MetaLocker data without revealing its main encryption keys.

func GenerateAccessKey 

func GenerateAccessKey(accountID string, accessLevel AccessLevel) (*AccessKey, error)

GenerateAccessKey creates a new access key that can be used to connect to MetaLocker.

Client will use: keyID, management key (64-byte private Ed-25519 key), HMAC key (64 bytes) Server will use: keyID, encrypted HMAC key

func (*AccessKey) AddHostedKey 

func (ak *AccessKey) AddHostedKey(key *AESKey)

func (*AccessKey) AddManagedKey 

func (ak *AccessKey) AddManagedKey(key *AESKey)

func (*AccessKey) Bytes 

func (ak *AccessKey) Bytes() []byte

func (*AccessKey) ClientKeys 

func (ak *AccessKey) ClientKeys() (string, string)

ClientKeys returns a pair <key-id> and <secret-string> that can be used by a remote client to gain access to a specific account with specific restrictions.

func (*AccessKey) Hydrate 

func (ak *AccessKey) Hydrate(secret string) error

func (*AccessKey) Neuter 

func (ak *AccessKey) Neuter()

type AccessLevel 

type AccessLevel int32
const (
	AccessLevelNone       AccessLevel = 0
	AccessLevelRestricted AccessLevel = 1
	AccessLevelManaged    AccessLevel = 2
	AccessLevelHosted     AccessLevel = 3
	AccessLevelLocal      AccessLevel = 4
	AccessLevelCold       AccessLevel = 5
)

type AccessVerifier 

type AccessVerifier interface {
	// GetRecord returns a ledger record by its ID. Returns ErrRecordNotFound error
	// if record was not found.
	GetRecord(rid string) (*Record, error)
	// GetDataAssetState returns the state of the given data asset. Returns
	// ErrDataAssetNotFound error if data asset not found.
	GetDataAssetState(id string) (DataAssetState, error)
	// GetRecordState returns ledger record state for the given
	// record ID. It's useful to identify if the record
	// was published on the ledger (and its block ID) or if the lease
	// behind the record was revoked.
	GetRecordState(rid string) (*RecordState, error)
}

AccessVerifier is used by MetaLocker vaults to retrieve record and data asset information that is necessary to identify whether to serve the requested data asset.

type Algorithm 

type Algorithm struct {
	Context any    `json:"@context,omitempty"`
	ID      string `json:"id"`
	Type    any    `json:"type"`
}

type BlobManager 

type BlobManager interface {
	GetBlob(res *StoredResource, accessToken string) (io.ReadCloser, error)
	SendBlob(data io.Reader, cleartext bool, vaultID string) (*StoredResource, error)
	PurgeBlob(res *StoredResource) error

	GetVaultMap() (map[string]*VaultProperties, error)
}

BlobManager is a trusted component that reads and writes binary data to MetaLocker vaults. BlobManager manages client-side encryption for blobs. There is no need to encrypt of decrypt data that comes from BlobManager.

type Block 

type Block struct {
	Number     int64  `json:"number"`
	Hash       string `json:"hash"`
	ParentHash string `json:"parentHash,omitempty"`
}

Block defines a block of the MetaLocker ledger. Blocks are identified by their sequential numbers, starting with 0. Hash and ParentHash fields allow connecting a specific block with the underlying block implementation.

type Confirmation 

type Confirmation struct {
	Type       string              `json:"type"`
	Offer      *KnowledgeOffer     `json:"offer"`
	Terms      []*OfferTerms       `json:"terms,omitempty"`
	Provenance []*QuotedFromEntity `json:"provenance,omitempty"`
}

type ConsentReceipt 

type ConsentReceipt struct {
	Version          string          `json:"version,omitempty"`
	Jurisdiction     string          `json:"jurisdiction,omitempty"`
	ConsentTimestamp uint64          `json:"consentTimestamp,omitempty"`
	CollectionMethod string          `json:"collectionMethod,omitempty"`
	ConsentReceiptID string          `json:"consentReceiptID,omitempty"`
	Subject          string          `json:"subject,omitempty"`
	DataController   *DataController `json:"dataController,omitempty"`
	Services         []*Service      `json:"services,omitempty"`
	PolicyURL        string          `json:"policyUrl,omitempty"`
	Sensitive        bool            `json:"sensitive,omitempty"`
	SpiCat           []string        `json:"spiCat,omitempty"`
}

type Criteria 

type Criteria struct {
	ID      string           `json:"id"`
	Type    string           `json:"type"`
	Name    string           `json:"name,omitempty"`
	Version string           `json:"version,omitempty"`
	Params  []map[string]any `json:"parameters,omitempty"`
}

type DID 

type DID struct {
	// ID is a decentralised identifier.
	ID string `json:"id" example:"did:piprate:9JA3ukzEXQeoTLyH9N2Jdp"`
	// VerKey public Ed25519 key in base58 encoding
	VerKey string `json:"verKey" example:"<public key in base58 encoding>"`
	// SignKey (optional) private Ed25519 key in base58 encoding
	SignKey string `json:"signKey,omitempty" example:"<private key in base58 encoding>"`
	// contains filtered or unexported fields
}

DID is a Hyperledger Indy-style definition of a decentralised identifier (DID). DID is a globally unique persistent identifier that does not require a centralized registration authority because it is generated and/or registered cryptographically.

func GenerateDID 

func GenerateDID(options ...DIDOption) (*DID, error)

func NewDID 

func NewDID(did, verKey, signKey string) *DID

func (*DID) Bytes 

func (did *DID) Bytes() []byte

func (*DID) Copy 

func (did *DID) Copy() *DID

func (*DID) NeuteredCopy 

func (did *DID) NeuteredCopy() *DID

func (*DID) Sign 

func (did *DID) Sign(message []byte) []byte

func (*DID) SignKeyValue 

func (did *DID) SignKeyValue() ed25519.PrivateKey

func (*DID) VerKeyValue 

func (did *DID) VerKeyValue() ed25519.PublicKey

func (*DID) Verify 

func (did *DID) Verify(message, signature []byte) bool

func (*DID) Zero 

func (did *DID) Zero()

type DIDDocument 

type DIDDocument struct {
	Context        any        `json:"@context,omitempty"`
	ID             string     `json:"id"`
	PublicKey      []any      `json:"publicKey,omitempty"`
	Authentication []any      `json:"authentication,omitempty"`
	Service        []any      `json:"service,omitempty"`
	Created        *time.Time `json:"created,omitempty"`
	Updated        *time.Time `json:"updated,omitempty"`
	Proof          *Proof     `json:"proof,omitempty"`
}

func SimpleDIDDocument 

func SimpleDIDDocument(did *DID, created *time.Time) (*DIDDocument, error)

func (*DIDDocument) Bytes 

func (d *DIDDocument) Bytes() []byte

func (*DIDDocument) Equals 

func (d *DIDDocument) Equals(anotherD *DIDDocument) bool

func (*DIDDocument) ExtractIndyStyleDID 

func (d *DIDDocument) ExtractIndyStyleDID() (*DID, error)

func (*DIDDocument) Sign 

func (d *DIDDocument) Sign(identity string, key ed25519.PrivateKey) error

Sign signs the document and assigns Merkle ID to the root JSON-LD element

func (*DIDDocument) Verify 

func (d *DIDDocument) Verify(key ed25519.PublicKey) (bool, error)

type DIDOption 

type DIDOption func(opts *didOptions)

func WithMethod 

func WithMethod(method string) DIDOption

func WithSeed 

func WithSeed(seed string) DIDOption

type DIDProvider 

type DIDProvider interface {
	CreateDIDDocument(ddoc *DIDDocument) error
	GetDIDDocument(iid string) (*DIDDocument, error)
}

type DataAssetState 

type DataAssetState int
const (
	DataAssetStateKeep     DataAssetState = 1
	DataAssetStateRemove   DataAssetState = 2
	DataAssetStateNotFound DataAssetState = 3
)

type DataController 

type DataController struct {
	OnBehalf         bool     `json:"onBehalf,omitempty"`
	Org              string   `json:"org,omitempty"`
	Contact          string   `json:"contact,omitempty"`
	Address          any      `json:"address,omitempty"`
	Email            string   `json:"email,omitempty"`
	Phone            string   `json:"phone,omitempty"`
	PIIControllerURL *url.URL `json:"piiControllerUrl,omitempty"`
}

type DataSet 

type DataSet interface {
	// ID returns the dataset's record ID.
	ID() string
	// MetaResource returns a reader for the dataset's meta resource.
	MetaResource() (io.ReadCloser, error)
	// DecodeMetaResource is a convenience function that unmarshals the dataset's metadata into the given structure.
	DecodeMetaResource(obj any) error
	// Resources returns a list of resource IDs that belong to the dataset.
	Resources() []string
	// Resource returns a reader for the given resource within the dataset.
	Resource(id string) (io.ReadCloser, error)
	// DecodeResource is a convenience function that unmarshals the requested resource into the given structure.
	DecodeResource(id string, obj any) error
	// Lease returns the dataset's lease document
	Lease() *Lease
	// Impression returns the dataset's impression document (also available through Lease() )
	Impression() *Impression

	// Record returns the dataset's record structure
	Record() *Record
	// BlockNumber returns the number (ID) of the block where the dataset's record appeared.
	BlockNumber() int64
	// LockerID returns the ID of the locker that contains the dataset.
	LockerID() string
	// ParticipantID returns the ID (the corresponding identity's DID) of the locker participant
	// that submitted the dataset.
	ParticipantID() string
}

DataSet defines an interface to a MetaLocker dataset stored in the given record.

type Ed25519VerificationKey2018 

type Ed25519VerificationKey2018 struct {
	Context         any        `json:"@context,omitempty"`
	ID              string     `json:"id"`
	Type            string     `json:"type"`
	Controller      string     `json:"controller"`
	Expires         *time.Time `json:"expires,omitempty"`
	PublicKeyBase58 string     `json:"publicKeyBase58"`
}

Ed25519VerificationKey2018 is based on https://w3c-dvcg.github.io/lds-ed25519-2018/

type Impression 

type Impression struct {
	Context         any           `json:"@context"`
	ID              string        `json:"id"`
	Type            []string      `json:"type"`
	Asset           string        `json:"asset,omitempty"`
	ProvGraph       any           `json:"graph,omitempty"`
	WasAttributedTo string        `json:"wasAttributedTo,omitempty"`
	GeneratedAtTime *time.Time    `json:"generatedAtTime,omitempty"`
	MetaResource    *MetaResource `json:"resource,omitempty"`

	RevisionNumber   int64  `json:"revisionNumber,omitempty"`
	RevisionMessage  string `json:"revisionMessage,omitempty"`
	WasRevisionOf    string `json:"wasRevisionOf,omitempty"`
	SpecializationOf string `json:"specializationOf,omitempty"`

	Proof *Proof `json:"proof,omitempty"`
}

Impression is a semantic definition of a dataset that contains verifiable information about its provenance, authorship, relation to other datasets, including revision data. Impression is signed by its creator using JSON-LD Signature scheme.

func NewBlankImpression 

func NewBlankImpression() *Impression

func NewImpression 

func NewImpression(body []byte) (*Impression, error)

func (*Impression) Bytes 

func (ii *Impression) Bytes() []byte

func (*Impression) Compact 

func (ii *Impression) Compact() ([]byte, error)

func (*Impression) Copy 

func (ii *Impression) Copy() *Impression

func (*Impression) GetProvenance 

func (ii *Impression) GetProvenance(resourceID string) any

func (*Impression) GetVariantID 

func (ii *Impression) GetVariantID() string

func (*Impression) IsRoot 

func (ii *Impression) IsRoot() bool

func (*Impression) IsSigned 

func (ii *Impression) IsSigned() bool

func (*Impression) MerkleSign 

func (ii *Impression) MerkleSign(identity string, key ed25519.PrivateKey) error

func (*Impression) MerkleVerify 

func (ii *Impression) MerkleVerify(key ed25519.PublicKey) (bool, error)

func (*Impression) Revision 

func (ii *Impression) Revision() int64

func (*Impression) RevisionOf 

func (ii *Impression) RevisionOf() string

type KnowledgeOffer 

type KnowledgeOffer struct {
	ID               string        `json:"id"`
	Type             string        `json:"type"`
	Sender           string        `json:"sender"`
	Recipient        string        `json:"recipient"`
	Expires          *time.Time    `json:"expires,omitempty"`
	Asset            any           `json:"asset"`
	DatasetType      string        `json:"datasetType"`
	DatasetPreview   any           `json:"datasetPreview,omitempty"`
	RevisionNumber   int64         `json:"revisionNumber,omitempty"`
	WasRevisionOf    string        `json:"wasRevisionOf,omitempty"`
	SpecializationOf string        `json:"specializationOf,omitempty"`
	Terms            []*OfferTerms `json:"terms"`
	Proof            *Proof        `json:"proof,omitempty"`
}

func NewKnowledgeOffer 

func NewKnowledgeOffer(body []byte) (*KnowledgeOffer, error)

func (*KnowledgeOffer) Bytes 

func (ko *KnowledgeOffer) Bytes() []byte

func (*KnowledgeOffer) MerkleSign 

func (ko *KnowledgeOffer) MerkleSign(identity string, key ed25519.PrivateKey) error

func (*KnowledgeOffer) MerkleVerify 

func (ko *KnowledgeOffer) MerkleVerify(key ed25519.PublicKey) (bool, error)

type KnowledgeProspectus 

type KnowledgeProspectus struct {
	Context any               `json:"@context"`
	ID      string            `json:"id"`
	Type    string            `json:"type"`
	Creator string            `json:"creator,omitempty"`
	Created *time.Time        `json:"created,omitempty"`
	Query   *KnowledgeQuery   `json:"query,omitempty"`
	Offers  []*KnowledgeOffer `json:"offers,omitempty"`
	Proof   *Proof            `json:"proof,omitempty"`
}

func NewKnowledgeProspectus 

func NewKnowledgeProspectus(body []byte) (*KnowledgeProspectus, error)

func (*KnowledgeProspectus) Bytes 

func (kp *KnowledgeProspectus) Bytes() []byte

func (*KnowledgeProspectus) MerkleSign 

func (kp *KnowledgeProspectus) MerkleSign(identity string, key ed25519.PrivateKey) error

func (*KnowledgeProspectus) MerkleVerify 

func (kp *KnowledgeProspectus) MerkleVerify(key ed25519.PublicKey) (bool, error)

type KnowledgeQuery 

type KnowledgeQuery struct {
	Context  any        `json:"@context"`
	ID       string     `json:"id"`
	Type     string     `json:"type"`
	Creator  string     `json:"creator,omitempty"`
	Created  *time.Time `json:"created,omitempty"`
	Criteria *Criteria  `json:"criteria,omitempty"`
	Proof    *Proof     `json:"proof,omitempty"`
}

type KnowledgeSharingRequest 

type KnowledgeSharingRequest struct {
	Context       any                  `json:"@context"`
	ID            string               `json:"id"`
	Type          string               `json:"type"`
	Creator       string               `json:"creator,omitempty"`
	Created       *time.Time           `json:"created,omitempty"`
	Prospectus    *KnowledgeProspectus `json:"prospectus,omitempty"`
	Locker        string               `json:"locker,omitempty"`
	Vault         string               `json:"vault,omitempty"`
	Confirmations []*Confirmation      `json:"confirmations"`
	Proof         *Proof               `json:"proof,omitempty"`
}

type KnowledgeSharingResult 

type KnowledgeSharingResult struct {
	RecordID     string `json:"recordId"`
	ImpressionID string `json:"impressionId"`
	Payload      any    `json:"payload,omitempty"`
}

type Lease 

type Lease struct {
	ID          string            `json:"id"`
	Type        string            `json:"type"`
	ExpiresAt   *time.Time        `json:"expire,omitempty"`
	Resources   []*StoredResource `json:"storage"`
	DataSetType string            `json:"datasetType"`
	Impression  *Impression       `json:"impression"`
	Provenance  *ProvEntity       `json:"provenance,omitempty"`
	Proof       *Proof            `json:"proof,omitempty"`
}

Lease is a dataset lease as a MetaLocker operation. This lease is stored in OffChainStorage.

func NewLease 

func NewLease(body []byte) (*Lease, error)

func (*Lease) DataAssetList 

func (l *Lease) DataAssetList(includeMetaAsset bool) []string

func (*Lease) GenerateAccessToken 

func (l *Lease) GenerateAccessToken(rid string) string

func (*Lease) GetResourceIDs 

func (l *Lease) GetResourceIDs() []string

func (*Lease) MetaResource 

func (l *Lease) MetaResource() *StoredResource

func (*Lease) Resource 

func (l *Lease) Resource(assetID string) *StoredResource

type Ledger 

type Ledger interface {
	io.Closer

	// SubmitRecord adds a ledger records into the queue to be
	// included into the next block.
	SubmitRecord(r *Record) error
	// GetRecord returns a ledger record by its ID. Returns ErrRecordNotFound error
	// if record was not found.
	GetRecord(rid string) (*Record, error)
	// GetRecordState returns ledger record state for the given
	// record ID. It's useful to identify if the record
	// was published on the ledger (and its block ID) or if the lease
	// behind the record was revoked.
	GetRecordState(rid string) (*RecordState, error)
	// GetBlock returns a block definition for the given block number.
	GetBlock(bn int64) (*Block, error)
	// GetBlockRecords returns a list of all ledger records included
	// in the block as an array of arrays of strings:
	//     [record_id, routing_key, key_index]*
	// Returns ErrBlockNotFound error if block was not found.
	GetBlockRecords(bn int64) ([][]string, error)
	// GetGenesisBlock returns the definition of the genesis block.
	// If there is no genesis block yet, it will return nil as a block.
	GetGenesisBlock() (*Block, error)
	// GetTopBlock returns the definition of the top (latest) block.
	// If there are no blocks yet, it will return nil as a block.
	GetTopBlock() (*Block, error)
	// GetChain returns a sequence of block definitions of
	// the given length (depth), starting from the given block id
	GetChain(startNumber int64, depth int) ([]*Block, error)
	// GetDataAssetState returns the state of the given data asset. Returns
	// ErrDataAssetNotFound error if data asset not found.
	GetDataAssetState(id string) (DataAssetState, error)
	// GetAssetHead returns the record of type = head that defines the current asset head for the given ID.
	GetAssetHead(headID string) (*Record, error)
}

Ledger is an interface to a MetaLocker ledger.

type Locker 

type Locker struct {
	// ID is the unique locker ID.
	ID string `json:"id"`
	// Name is the locker's name. These names are useful for locker documentation purposes.
	// They aren't used in any data processing.
	Name string `json:"name"`
	// AccessLevel is the locker's access level. Data wallet needs to be unlocked to a specific access level
	// to gain access to lockers at this level or higher.
	AccessLevel AccessLevel `json:"level"`
	// Participants is a list of locker participants.
	Participants []*LockerParticipant `json:"participants"`
	// Created is the locker's creation time. For documentation purposes only.
	Created *time.Time `json:"created"`
	// Expires is the time when the locker will expire. NOT SUPPORTED.
	Expires *time.Time `json:"expires,omitempty"`
	// Sealed is the time when the locker was sealed (closed). NOT SUPPORTED.
	Sealed *time.Time `json:"sealed,omitempty"`
	// FirstBlock is the block number that was the height of the chain when the locker was created.
	// It is guaranteed that all records for this locker will be in blocks AFTER this block.
	FirstBlock int64 `json:"firstBlock"`
	// LastBlock is the block number that was the height of the chain when the locker was sealed.
	// It is guaranteed that all records for this locker will be in blocks BEFORE this block.
	// NOT SUPPORTED.
	LastBlock int64 `json:"lastBlock,omitempty"`
	// ThirdPartyAcceptedAtBlock is the number of the block when the locker was accepted by the owner
	// when the owner acts as a third party (is not a participant on the locker)
	ThirdPartyAcceptedAtBlock int64 `json:"acceptedAtBlock,omitempty"`
}

Locker is a secure, persistent, bidirectional communication channel between two or more participants. A special type of locker with just one participant is called a uni-locker.

func GenerateLocker 

func GenerateLocker(accessLevel AccessLevel, name string, expires *time.Time, firstBlock int64,
	parties ...PartyOption) (*Locker, error)

func (*Locker) AcceptedAtBlock 

func (l *Locker) AcceptedAtBlock() int64

func (*Locker) Bytes 

func (l *Locker) Bytes() []byte

func (*Locker) Copy 

func (l *Locker) Copy() *Locker

func (*Locker) GetParticipant 

func (l *Locker) GetParticipant(participantID string) *LockerParticipant

func (*Locker) Hydrate 

func (l *Locker) Hydrate(pk ed25519.PrivateKey) error

func (*Locker) IsHydrated 

func (l *Locker) IsHydrated() bool

func (*Locker) IsUnilocker 

func (l *Locker) IsUnilocker() bool

func (*Locker) Perspective 

func (l *Locker) Perspective(iid string) *Locker

func (*Locker) SetAcceptedAtBlock 

func (l *Locker) SetAcceptedAtBlock(block int64)

func (*Locker) Them 

func (l *Locker) Them() *LockerParticipant

func (*Locker) Us 

func (l *Locker) Us() *LockerParticipant

func (*Locker) Zero 

func (l *Locker) Zero()

type LockerParticipant 

type LockerParticipant struct {
	// ID is the participant's identity ID (DID)
	ID string `json:"id"`
	// SharedSecret is a Base64-encoded secret used to encrypt operations in the given locker (leases, etc)
	SharedSecret string `json:"sharedSecret,omitempty"`
	Self         bool   `json:"self,omitempty"`
	// RootPublicKey is a Base64-encoded root public key that can be used to identify if the specific record
	// was issued by this participant.
	RootPublicKey string `json:"rootPublicKey,omitempty"`
	// RootPrivateKeyEnc is a Base64-encoded, encrypted root HD key used to generate record's routing keys.
	RootPrivateKeyEnc string `json:"encryptedRootPrivateKey,omitempty"`
	// AcceptedAtBlock is the number of the block when the locker was accepted by the party
	// and registered in its root locker.
	AcceptedAtBlock int64 `json:"acceptedAtBlock,omitempty"`
	// contains filtered or unexported fields
}

LockerParticipant is a definition of locker participant. It contains sensitive secrets, such as SharedSecret, and should be stored securely.

func (*LockerParticipant) GetOperationSymKey 

func (lp *LockerParticipant) GetOperationSymKey(idx uint32) *AESKey

func (*LockerParticipant) GetRecordPrivateKey 

func (lp *LockerParticipant) GetRecordPrivateKey(idx uint32) (*hdkeychain.ExtendedKey, error)

func (*LockerParticipant) GetRecordPublicKey 

func (lp *LockerParticipant) GetRecordPublicKey(idx uint32) (*btcec.PublicKey, error)

func (*LockerParticipant) GetRootPrivateKey 

func (lp *LockerParticipant) GetRootPrivateKey() string

func (*LockerParticipant) Hydrate 

func (lp *LockerParticipant) Hydrate(pk ed25519.PrivateKey) error

Hydrate decrypts (if needed) and instantiates ExtendedKey fields from Base64 encoded values

func (*LockerParticipant) IsHydrated 

func (lp *LockerParticipant) IsHydrated() bool

func (*LockerParticipant) IsRecordOwner 

func (lp *LockerParticipant) IsRecordOwner(routingKey string, idx uint32) (*btcec.PublicKey, *AESKey, error)

func (*LockerParticipant) Zero 

func (lp *LockerParticipant) Zero()

type MerkleSigner 

type MerkleSigner interface {
	MerkleSign(identity string, key ed25519.PrivateKey) error
}

type MerkleVerifier 

type MerkleVerifier interface {
	GetProof() *Proof
	MerkleVerify(key ed25519.PublicKey) (bool, error)
}

type MetaResource 

type MetaResource struct {
	// Asset is the meta resource's asset ID.
	Asset string `json:"id,omitempty"`
	// ContentType is the semantic type of the meta resource (and of the dataset).
	ContentType string `json:"contentType,omitempty"`
	// Fingerprint is the digital fingerprint of the meta resource. Because MetaResource
	// is signed as a part of impression, this fingerprint can verify if the meta resource
	// has been altered in any way.
	Fingerprint string `json:"fingerprint,omitempty"`
	// FingerprintAlgorithm is the Fingerprint's algorithm.
	FingerprintAlgorithm string `json:"fingerprintAlgorithm,omitempty"`
}

MetaResource provides Impression with a link to its meta resource, the root document of the underlying dataset.

type NewBlockMessage 

type NewBlockMessage struct {
	Type   string `json:"type"`
	Number int64  `json:"number"`
}

type OffChainStorage 

type OffChainStorage interface {
	GetOperation(opAddr string) ([]byte, error)
	SendOperation(opData []byte) (string, error)
	PurgeOperation(opAddr string) error
}

OffChainStorage is an interface to a storage layer that is used to store ledger operation definitions. In contrast with ledger records which are permanent, offchain data can be deleted, if the underlying dataset lease expired, or it was revoked, or for any other reason that prohibits access to the given operation.

type OfferTerms 

type OfferTerms struct {
	Duration int64 `json:"duration,omitempty"`
}

type OpType 

type OpType uint32
var (
	OpTypeLease           OpType = 1
	OpTypeLeaseRevocation OpType = 2
	OpTypeAssetHead       OpType = 3
)

type PartyOption 

type PartyOption func() (*LockerParticipant, error)

func Them 

func Them(did *DID, seed []byte) PartyOption

func Us 

func Us(did *DID, seed []byte) PartyOption

type Proof 

type Proof struct {
	Type    string `json:"type"`
	Creator string `json:"creator"`
	Value   string `json:"proofValue"`
}

type ProvActivity 

type ProvActivity struct {
	ID                   string             `json:"id,omitempty"`
	Type                 string             `json:"type"`
	Algorithm            string             `json:"algorithm"`
	Used                 any                `json:"used,omitempty"`
	QualifiedUsage       []*ProvUsage       `json:"qualifiedUsage,omitempty"`
	WasAssociatedWith    string             `json:"wasAssociatedWith,omitempty"`
	QualifiedAssociation []*ProvAssociation `json:"qualifiedAssociation,omitempty"`
}

type ProvAgent 

type ProvAgent struct {
	ID              string `json:"id"`
	Type            string `json:"type"`
	ActedOnBehalfOf string `json:"actedOnBehalfOf,omitempty"`
}

type ProvAssociation 

type ProvAssociation struct {
	Type    string    `json:"type"`
	Agent   any       `json:"agent"`
	HadRole *ProvRole `json:"hadRole,omitempty"`
}

type ProvBundle 

type ProvBundle struct {
	Context                any                  `json:"@context,omitempty"`
	ID                     string               `json:"id,omitempty"`
	Type                   string               `json:"type"`
	GeneratedAtTime        *time.Time           `json:"generatedAtTime,omitempty"`
	WasAttributedTo        string               `json:"wasAttributedTo,omitempty"`
	HadPrimarySource       string               `json:"hadPrimarySource,omitempty"`
	QualifiedPrimarySource []*ProvPrimarySource `json:"qualifiedPrimarySource,omitempty"`
	Graph                  any                  `json:"graph,omitempty"`

	Proof *Proof `json:"proof,omitempty"`
}

type ProvEntity 

type ProvEntity struct {
	Context         any           `json:"@context,omitempty"`
	ID              string        `json:"id,omitempty"`
	Type            string        `json:"type"`
	WasAttributedTo string        `json:"wasAttributedTo,omitempty"`
	GeneratedAtTime *time.Time    `json:"generatedAtTime,omitempty"`
	WasGeneratedBy  *ProvActivity `json:"wasGeneratedBy,omitempty"`
	WasQuotedFrom   any           `json:"wasQuotedFrom,omitempty"`
	WasAccessibleTo any           `json:"wasAccessibleTo,omitempty"`
	ContentType     string        `json:"contentType,omitempty"`
	MentionOf       string        `json:"mentionOf,omitempty"`
	AsInBundle      string        `json:"asInBundle,omitempty"`

	Proof *Proof `json:"proof,omitempty"`
}

func (*ProvEntity) Bytes 

func (pe *ProvEntity) Bytes() []byte

func (*ProvEntity) Copy 

func (pe *ProvEntity) Copy() *ProvEntity

func (*ProvEntity) MerkleSign 

func (pe *ProvEntity) MerkleSign(identity string, key ed25519.PrivateKey) error

func (*ProvEntity) MerkleVerify 

func (pe *ProvEntity) MerkleVerify(key ed25519.PublicKey) (bool, error)

type ProvPrimarySource 

type ProvPrimarySource struct {
	Type      string `json:"type"`
	Entity    any    `json:"entity"`
	Algorithm string `json:"algorithm"`
}

type ProvRole 

type ProvRole struct {
	Type  string `json:"type"`
	Label string `json:"label"`
}

type ProvUsage 

type ProvUsage struct {
	Type    string    `json:"type"`
	Entity  any       `json:"entity"`
	HadRole *ProvRole `json:"hadRole,omitempty"`
}

type QuotedFromEntity 

type QuotedFromEntity struct {
	ID            string `json:"id"`
	Type          string `json:"type"`
	WasQuotedFrom string `json:"wasQuotedFrom"`
}

type Record 

type Record struct {
	// ID of the record. Currently, it's a hash of the record generated
	// by the Seal function (see below).
	ID string `json:"id"`
	// RoutingKey is a public key from the locker HD structure. It can be
	// used to filter specific messages from the ledger.
	RoutingKey string `json:"routingKey"`
	// KeyIndex is the index of the HD key used to produce the routing key.
	KeyIndex uint32 `json:"keyIndex"`
	// Operation is the type of the operation. May be removed from
	// the record in the future.
	Operation OpType `json:"operationType"`
	// OperationAddress is the address of the Operation (can be an asset ID, IPFS address, etc.)
	OperationAddress string `json:"address,omitempty"`
	// Flags contain a set of flags that modify the record's behaviour.
	// See RecordFlagXXX constants for examples.
	Flags uint32 `json:"flags,omitempty"`
	// AuthorisingCommitment is binary data which allows the originator
	// of the transaction to prove their role, without disclosing any
	// other information about this transaction
	AuthorisingCommitment string `json:"ac,omitempty"`
	// AuthorisingCommitmentType. for future use: there may be different
	// types of commitment structures.
	AuthorisingCommitmentType byte `json:"acType,omitempty"`
	// RequestingCommitment is binary data which allows the recipient of
	// the transaction to prove their right to access data without disclosing
	// any other information about this transaction
	RequestingCommitment string `json:"rc,omitempty"`
	// RequestingCommitmentType. for future use: there may be different types
	// of commitment structures.
	RequestingCommitmentType byte `json:"rcType,omitempty"`
	// ImpressionCommitment is binary data which allows a party to prove
	// that this record contains a specific impression, by combining
	// the impression ID with another artifact, a trapdoor.
	ImpressionCommitment string `json:"ic,omitempty"`
	// ImpressionCommitmentType. for future use: there may be different
	// types of commitment structures.
	ImpressionCommitmentType byte `json:"icType,omitempty"`

	// DataAssets is a list of data assets (blobs) attached to the record
	DataAssets []string `json:"dataAssets,omitempty"`

	SubjectRecord   string   `json:"subjectRecord,omitempty"`
	RevocationProof []string `json:"revocationProof,omitempty"`

	// HeadID is unique ID of the asset head.
	HeadID string `json:"headID,omitempty"`
	// HeadBody contains base64-encoded, encrypted head body (see PackHeadBody() ).
	HeadBody string `json:"headBody,omitempty"`

	// Signature contains a digital signature of the record, signed by
	// the record's private HD key
	Signature string `json:"signature"`

	Status RecordStatus `json:"status,omitempty"`
}

Record represents one data transaction (lease, revocation, etc). It contains no details which would allow a third party observer to identify the participants or the nature of this transaction.

func (*Record) Bytes 

func (r *Record) Bytes() []byte

func (*Record) Copy 

func (r *Record) Copy() *Record

func (*Record) Seal 

func (r *Record) Seal(pk *btcec.PrivateKey) error

func (*Record) ToSlice 

func (r *Record) ToSlice() []string

func (*Record) Validate 

func (r *Record) Validate() error

func (*Record) Verify 

func (r *Record) Verify(publicKey *btcec.PublicKey) (bool, error)

type RecordState 

type RecordState struct {
	Status      RecordStatus `json:"status"`
	BlockNumber int64        `json:"number"`
}

func (*RecordState) Bytes 

func (r *RecordState) Bytes() []byte

type RecordStatus 

type RecordStatus string
const (
	StatusUnknown   RecordStatus = "unknown"
	StatusPending   RecordStatus = "pending"
	StatusPublished RecordStatus = "published"
	StatusRevoked   RecordStatus = "revoked"
	StatusFailed    RecordStatus = "failed"
)

type SemanticAsset 

type SemanticAsset struct {
	Context any    `json:"@context,omitempty"`
	ID      string `json:"id"`
	Type    any    `json:"type"`
	Nonce   string `json:"nonce,omitempty"`

	Serial     bool `json:"isSerial,omitempty"`
	IsIdentity bool `json:"isIdentity,omitempty"`

	IsDigital            bool   `json:"isDigital,omitempty"`
	Fingerprint          string `json:"fingerprint,omitempty"`
	FingerprintAlgorithm string `json:"fingerprintAlgorithm,omitempty"`

	WasGeneratedBy map[string]any `json:"wasGeneratedBy,omitempty"`

	Proof *Proof `json:"proof,omitempty"`
}

func GenerateNewSemanticAsset 

func GenerateNewSemanticAsset(serial, isIdentity bool, didMethod, nonce string) (*SemanticAsset, error)

func GenerateNewSemanticDigitalAsset 

func GenerateNewSemanticDigitalAsset(data []byte, fingerprintAlgorithm, didMethod string) (*SemanticAsset, error)

GenerateNewSemanticDigitalAsset creates a new instance for Digital Asset

func GenerateNewSemanticDigitalAssetFromFile 

func GenerateNewSemanticDigitalAssetFromFile(filename, fingerprintAlgorithm, didMethod string) (*SemanticAsset, error)

GenerateNewSemanticDigitalAssetFromFile creates a new instance for Digital Asset

func GenerateNewSemanticDigitalAssetFromReader 

func GenerateNewSemanticDigitalAssetFromReader(r io.Reader, fingerprintAlgorithm, didMethod string) (*SemanticAsset, error)

GenerateNewSemanticDigitalAssetFromReader creates a new instance for Digital Asset from io.Reader

func GenerateNewSemanticDigitalAssetWithHash 

func GenerateNewSemanticDigitalAssetWithHash(fp []byte, fingerprintAlgorithm, didMethod string) (*SemanticAsset, error)

GenerateNewSemanticDigitalAssetWithHash creates a new instance for Digital Asset from pre-calculated hash.

func GenerateValueAsset 

func GenerateValueAsset(functionID string, entityArgs, valueArgs map[string]any, didMethod string) (*SemanticAsset, error)

func (*SemanticAsset) MerkleSetID 

func (sa *SemanticAsset) MerkleSetID(didMethod string) error

func (*SemanticAsset) MerkleVerify 

func (sa *SemanticAsset) MerkleVerify() (bool, error)

type Service 

type Service struct {
	ServiceName string `json:"serviceName,omitempty"`
}

type SignableDocument 

type SignableDocument struct {
	// contains filtered or unexported fields
}

func NewSignableDocument 

func NewSignableDocument(b []byte) (*SignableDocument, error)

func (*SignableDocument) Context 

func (dp *SignableDocument) Context() any

func (*SignableDocument) Copy 

func (dp *SignableDocument) Copy() (*SignableDocument, error)

Copy return a deep copy of the document

func (*SignableDocument) Hash 

func (dp *SignableDocument) Hash() ([]byte, error)

func (*SignableDocument) ID 

func (dp *SignableDocument) ID() string

func (*SignableDocument) MerkleSetID 

func (dp *SignableDocument) MerkleSetID(idPrefix string) (string, error)

MerkleSetID assigns Merkle ID to the root JSON-LD element

func (*SignableDocument) MerkleSign 

func (dp *SignableDocument) MerkleSign(idPrefix string, identity string, key ed25519.PrivateKey) (string, *Proof, error)

MerkleSign signs the document and assigns Merkle ID to the root JSON-LD element

func (*SignableDocument) MerkleVerify 

func (dp *SignableDocument) MerkleVerify(idPrefix string, publicKey ed25519.PublicKey) (bool, error)

MerkleVerify verifies document signature and returns false if verification fails.

func (*SignableDocument) SetContext 

func (dp *SignableDocument) SetContext(ctx any)

func (*SignableDocument) Sign 

func (dp *SignableDocument) Sign(identity string, key ed25519.PrivateKey) (*Proof, error)

Sign signs the document as per JSON-LD signatures specification.

func (*SignableDocument) Verify 

func (dp *SignableDocument) Verify(publicKey ed25519.PublicKey) (bool, error)

Verify verifies document signature as per JSON-LD signatures specification and returns false if verification fails.

type Signer 

type Signer interface {
	Sign(message []byte) []byte
}

type StoredResource 

type StoredResource struct {
	// ID is the resource ID.
	ID string `json:"id,omitempty"`
	// Type is always equal to TypeResource.
	Type string `json:"type"`
	// Asset is the data asset's content-addressable ID.
	Asset string `json:"asset,omitempty"`
	// Vault is the ID of the vault where the data asset is stored.
	Vault string `json:"vault"`
	// Method is the vault's method of storage. This field defines the meaning of Params field.
	Method string `json:"method"`
	// Params is key/value pairs that are specific to the selected Method. These parameters should be
	// sufficient to locate the resource blob in the vault.
	Params map[string]any `json:"params,omitempty"`
	// EncryptionKey is a Base64-encoded client side encryption key (if the asset was encrypted on the client side).
	EncryptionKey string `json:"encryptionKey,omitempty"`
	// MIMEType is the data asset's MIME type (if known).
	MIMEType string `json:"mimeType,omitempty"`
	// Size is the resource's size in bytes.
	Size int64 `json:"size,omitempty"`
}

StoredResource contains details about location and the way to access a specific data asset.

func (*StoredResource) GetEncryptionKey 

func (sc *StoredResource) GetEncryptionKey() *AESKey

func (*StoredResource) StorageID 

func (sc *StoredResource) StorageID() string

type VaultProperties 

type VaultProperties struct {
	// ID is the vault's ID.
	ID string
	// Name is the vault's name. Vault names should be unique within each instance of MetaLocker.
	Name string
	// Type is the vault's type. It defines the underlying technology.
	Type string
	// SSE is true if the vault provides Server Side Encryption. If it does, data sent to the vault
	// should not be encrypted on the client side.
	SSE bool
	// CAS is true if the vault generates content addressable IDs
	CAS bool
}

VaultProperties defines basic properties of a MetaLocker vault.

type Verifier 

type Verifier interface {
	Verify(message, signature []byte) bool
}

Source Files

View all Source files

Directories

Path Synopsis
raters
prv21

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.