You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -12,35 +12,44 @@ When you upload data to Swarm using ACT, only the original uploader and users wi
12
12
ACT is ideal for use cases such as the serialized release of content like a podcast or newsletter where the publisher wishes to limit access to subscribers only.
13
13
14
14
:::warning
15
-
Once a file is uploaded with ACT, any node that is is on the ACT grantees list referenced during the upload ***will have permanent access to that file*** as long as they have the file reference and history reference returned from the upload.
15
+
Once a file is uploaded with ACT, any node whose public key is on the ACT grantees list referenced during the upload ***will have permanent access to that file*** as long as the file reference and history reference returned from the upload has been shared with them.
16
16
17
17
Updating the grantees list to remove a public key ***will not revoke access*** to the content retroactively.
18
18
19
-
Likewise, re-uploading the content the content using the new grantees list will also ***not retroactively revoke access*** to the content.
19
+
Likewise, re-uploading the content using the new grantees list will also ***not retroactively revoke access*** to the content.
20
20
:::
21
21
22
22
## Create Grantees List
23
23
24
-
First we create a grantees list with the public keys of anyone we want to grant access to:
24
+
First we create a grantees list with the public keys of anyone we want to grant access to.
25
+
26
+
### Example Script
27
+
28
+
The example script below performs the following key operations:
29
+
30
+
1. Initializes a Bee client.
31
+
2. Defines a list of grantee public keys.
32
+
3. Specifies a valid postage batch ID.
33
+
4. Calls `bee.createGrantees()` to create a new grantee list.
History Reference: 18d6f58a1d3c8253a5fc47023d49e9011236ead43724e595e898e1b422b77b19
65
74
```
66
75
67
-
The first reference `Reference` is used on its own for reviewing the list contents and updating the list. It is encrypted so only the list creator can view the list contents.
76
+
The first 64 byte (128 hex digit) reference `Grantee List Reference`(`ref`) is used on its own for reviewing the list contents and updating the list.
68
77
69
-
The seconde reference `History Reference` is used along with the first `Reference` for creating a new grantee list based on the list referred to by the `Reference`.
78
+
The second reference 32 byte (64 hex digit) `History Reference`(`historyref`) is used for uploading with ACT and is also used along with the first `ref` for creating a new updated grantee list based on the original list referred to by the `ref`.
70
79
71
-
## Update Grantees
72
-
73
-
In order to update grantees we pass an object in this format to the `bee.patchGrantees` method containing the public keys we wish to add or remove from the list along with the `History Reference` and the grantee list `Reference` and a valid postage stamp:
80
+
## Update Grantees List
74
81
75
82
:::info
76
-
Although we refer to the process as "updating", since data on Swarm is immutable, the original grantees list is never modified. Rather, a new version of the list is created based on the original one with the specified public keys removed or added.
83
+
Although we refer to this operation as an "update", due to Swarm's immutable nature, the original list is not modified by this operation. Rather a new list is created with the specified grantee keys added or removed from the original list. This operation ***DOES NOT*** retroactively add or remove access to content uploaded with the original ACT list.
77
84
:::
78
85
86
+
To update a grantees list, call the `bee.patchGrantees()` method with the following arguments:
87
+
88
+
* A valid postage batch ID
89
+
* The original list’s `ref` and `historyref`
90
+
* An object specifying public keys to `add` or `revoke`
Calling this method will create an entirely new grantees list based on our first list and will return the `Reference` and `History Reference`for the new list.
99
+
Calling this method returns the new list’s updated `ref`and `historyref`, which you should use for future updates or access.
87
100
88
-
Full example script:
101
+
### Example Script
102
+
103
+
The example script below performs the following key steps:
104
+
105
+
1. Initializes the Bee client and defines two public keys to add as grantees.
106
+
2. Provides the existing grantee list’s `ref` and `historyref`, and a valid postage batch ID.
107
+
3. Calls `bee.patchGrantees()` to add the new keys to the list.
108
+
4. Logs the updated grantee list’s `ref` and `historyref`.
Updated History Reference: d904f0790acb7edfda6a078176d64ec026b40298bfdbceb82956533e31489fcd
140
160
```
141
161
142
162
## Get Grantees List
143
163
144
-
In order to view the members of our grantees list we need to use the `Reference` returned when we create or update a list. We will view both our original list and the updated list based on the original list using the respective `Reference` from each list:
164
+
In order to view the members of our grantees list we need to use the 64 byte `ref` returned when we create or update a list. We will view both our original list and the updated list based on the original list using the respective `ref` from each list:
145
165
146
166
:::info
147
-
The grantee list is encrypted, and only the owner can view the grantee list, make sure to use the owner node when using the `getGrantees` method.
167
+
The grantee list is encrypted, and only the owner can view the grantee list, make sure to use the owner node when using the `bee.getGrantees()` method.
148
168
:::
149
169
170
+
### Example Script
171
+
172
+
The example script below performs the following operations:
173
+
174
+
1. Initializes a Bee client.
175
+
2. Defines two existing grantee list 64 byte `ref` copied from the results of our previous example scripts.
176
+
3. Calls `bee.getGrantees()` for each `ref` to retrieve the corresponding grantee list.
177
+
4. Logs the status, status text, and list of grantee public keys in compressed hex format.
@@ -207,23 +236,33 @@ The first list of grantees contains the first public key we gave access to when
207
236
208
237
We can upload our content with either of the two lists we created depending on which set of users we wish to give access too. In the example below, we use both lists.
209
238
239
+
### Example Script
240
+
241
+
The example script below performs the following operations:
242
+
243
+
1. Initializes a Bee client.
244
+
2. Defines a postage batch ID and two ACT grantee list 32 byte `historyref` hashes returned from the operations in the previous examples.
245
+
3. Defines a string to upload as a sample file.
246
+
4. Calls `bee.uploadFile()` twice with ACT enabled, specifying a `historyRef` each time to enforce access control.
247
+
5. Logs the resulting Swarm reference and history reference after each upload.
The reference hash is the same for each upload since the content is the same. The reference hash along with a `History Reference` and the uploader's public key are required in order to access the content uploaded with ACT.
302
+
The reference hash is the same for each upload since the content is the same. The reference hash along with a `historyref` and the uploader's public key are required in order to access the content uploaded with ACT.
264
303
265
-
You can choose which `History Reference` to share depending on which set of public keys you wish to authorize to download the content.
304
+
You can choose which `historyref` to share depending on which set of public keys you wish to authorize to download the content.
266
305
267
306
## Download With ACT
268
307
269
-
270
308
In order to download using ACT, we must pass in the public key from the grantee list creator along with the file reference and history reference returned from the file upload operation:
271
309
310
+
### Example Script
311
+
312
+
The example script below performs the following operations:
313
+
314
+
1. Initializes a Bee client.
315
+
2. Defines a publisher public key and associated file reference + history references for ACT-protected content using the references returned from the upload operation.
316
+
3. Calls `bee.downloadFile()` with ACT options (`actPublisher` and `actHistoryAddress`) to access protected data.
@@ -299,7 +346,6 @@ async function downloadWithACT(fileRef, historyRef, publisherPubKey) {
299
346
}
300
347
}
301
348
302
-
// Download using two sets of file + history references
303
349
downloadWithACT(
304
350
fileRef_01,
305
351
historyRef_01,
@@ -310,7 +356,9 @@ downloadWithACT(
310
356
Example terminal output:
311
357
312
358
```bash
313
-
Content: This is a sample string that will be uploaded securely using ACT. 01.
359
+
Content: This is a sample string that will be uploaded securely using ACT.
314
360
```
315
361
316
-
In the example above, we used the history reference from the file uploaded using the grantees list with only one public key included (`027d0c4759f689ea3dd3eb79222870671c492cb99f3fade275bcbf0ea39cd0ef6e`), and so it will only be able to be retrieved and decrypted by the node with that public key.
362
+
In the example above, we used the history reference from the file uploaded using the grantees list with only one public key included (`027d0c4759f689ea3dd3eb79222870671c492cb99f3fade275bcbf0ea39cd0ef6e`), and so it will only be able to be retrieved and decrypted by the node with that public key.
363
+
364
+
If any other node attempts to download this content then a 404 error will be returned.
0 commit comments