In [3]:
from stash import *
#set_stash_log_level('debug')


# Introduction
Mio is a library designed to store and share protected information. It allows information to be stored in public and cloud locations (e.g., S3) while ensuring that only intended peers have access, and not the storage service providers.

### Identity
Each peer in the information sharing is identified by a cryptographic key, which allows for identification via signature and asymmetric encryption of data. An identity also includes a nickname, a human-readable name for easier management.

An identity consists of a public ID, which is a combination of the nickname and the public part of the cryptographic key.

In [4]:
i = Identity('Admin')  # New identity with name

print('ID: ', i.id)
print('Nick: ', i.nick)
print('Private key', i.private)

ID:  Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!
Nick:  Admin
Private key JcJyc1tALqIplm+F4x5lC6P3OCyihfagbViAtmu1ZN0s4rO3bQYXzhvIbT+KeaKZ05QZWpkrVLwosRysIO3rtwu4jO2ipZmfF7B9QWt63ikEPu0XoSuSs5hHCQlt1sDx


### Local DB
The library requires a local SQLite database to manage metadata and encryption keys. By default, this database is named _stash.db_ and is created in the user's configuration folder.

In [5]:
DB.default()

/home/ea/.config/stash.db

### Safe
The information container is called a safe. The safe integrates a local database, the identity, and a storage URL to create a protected information storage system.

As of this writing, the library supports the following storage media: local filesystem, SFTP, S3, and WebDav. The table below shows the URL format for each storage type. The URL path includes the public ID of the safe's creator and a user-friendly name for the safe.

|Media|Format|Sample|
|-|-|-|
|local|file://_path_/_id_/_name_|file:///tmp/stash/Admin.A3Z1CR0wYMK_gXsRLkpowC3dVFC5rUNEeakiWPyb3D5l5VD1SXEFTxzQKEIvzNvKGEZGYp4yETo77SN+ViGP_00!/sample|
|S3|s3://_server_/_bucket_/_id_/_name_?a=_access_&s=_secret_|s3://d551285d92ed8fa4048fc09ca9113568.r2.cloudflarestorage.com/stash/Admin.A3Z1CR0wYMK_gXsRLkpowC3dVFC5rUNEeakiWPyb3D5l5VD1SXEFTxzQKEIvzNvKGEZGYp4yETo77SN+ViGP_00!/sample?a=acc5aba2f85d63536bbb45f085bb2b23&s=bcc49533aaaa46d929282b542ce598a12f7a4522dac8d5e9d403b39629484c2b&region=auto|


A new safe is created using the _create_ method.

In [6]:
url = 'file:///tmp/stash/{}/sample'.format(i)
s = Safe.create(DB.default(), i, url)
s

file:///tmp/stash/Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!/sample

At creation, only the creator belongs to the safe in both the _adm_ and _usr_ groups. Similar to Unix operating systems, a safe has multiple groups that define the permissions for different users (identities). The _get_groups_ method displays the available groups and their associated users.

In [7]:
s.get_groups()

{'adm': {'Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!': True},
 'usr': {'Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!': True}}

A user can be added to the safe using the _update_group_ method

In [8]:
alice = Identity('Alice')
s.update_group('usr', Safe.grant, [alice.id])

{'adm': {'Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!': True},
 'usr': {'Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!': True,
  'Alice.A9WJFOjv5i_vi5BjpnNTsy0ZqPBFTgkwgx5tpkklUc_Cfo1nDwBrVWp4FeTPvELhr0G+mTWOOOxzs0FTPTBdOgE!': True}}

### Filesystem
A filesystem provides a file-oriented interface on top of a safe. Use the _put_data_ method to write a new file and the _list_ method to display the updated directory contents.

In [9]:
fs = s.fs()
fs.put_data('sub/test.txt', b'test')
fs.list()

[{'ID': 0,
  'Dir': '',
  'Name': 'sub',
  'IsDir': True,
  'GroupName': '',
  'Creator': '',
  'Size': 0,
  'ModTime': '1970-01-01T01:00:00+01:00',
  'Tags': [''],
  'Attributes': None,
  'LocalCopy': '',
  'CopyTime': '1970-01-01T01:00:00+01:00',
  'EncryptionKey': ''}]

In [10]:
fs.list('sub')

[{'ID': 196161307740151808,
  'Dir': 'sub',
  'Name': 'test.txt',
  'IsDir': False,
  'GroupName': 'usr',
  'Creator': 'Admin.AzVG4JpFxUiIr1nT+nGqYHXVHkuD5nMG2KRYMWX6lC93C7iM7aKlmZ8XsH1Ba3reKQQ+7RehK5KzmEcJCW3WwPE!',
  'Size': 4,
  'ModTime': '2024-06-25T09:15:00.264287664+02:00',
  'Tags': [''],
  'Attributes': None,
  'LocalCopy': '',
  'CopyTime': '2024-06-25T09:15:00.264547305+02:00',
  'EncryptionKey': 'fe5fYoy2t0cHjRw7e8Wv426iOTCrwZluIDnMW7aJkEWYESiSW++xWGyT8XyjwRXx'}]

In [11]:
fs.get_data('sub/test.txt')

b'test'

In [12]:
fs.delete('sub/test.txt')
fs.list()

[]

### Distributed Database
A SQL sqlite API where changes are propagated to other peer through the safe.

A new instance requires a group that will be used during the transfer of data through the safe. Only users that belong to the group will receive updates. 
During the creation of the instance same initialization  _ddl_  can be provided in input; each initialization SQL mut be preceed by a comment _-- INIT_


In [13]:
ddl = """
-- INIT
CREATE TABLE IF NOT EXISTS animal (name TEXT)
"""

ddls = {1.0: ddl}
d = s.database('usr', ddls)

The below code insert a row in the table and then retrieve all the values

In [14]:
d.exec('INSERT INTO animal VALUES (:name)', name = 'cat')
rows = d.query("SELECT * FROM animal ")
for row in rows:
    print(row)

['cat']
['cat']


The methods _exec_ and _select_ operate locally. Only when the method _sync_ is called, changes propagates to other peers and at the same outgoing changes are applied.

In [15]:
d.sync()

The API includes a mechanism for defining placeholders within initialization SQL, which enhances both readability and performance. To create a placeholder, add a comment prefix (--) followed by the placeholder name, and then write the SQL query you want to assign to that placeholder. This placeholder can then be used in place of the actual query in exec and query operations. Using placeholders not only makes your SQL more readable but also allows the API to cache the statement, improving execution efficiency.

In [16]:
ddl = """
-- INIT
CREATE TABLE IF NOT EXISTS animal (name TEXT)

-- INSERT_ANIMAL
INSERT INTO animal VALUES (:name)

-- SELECT_ANIMALS
SELECT * FROM animal
"""

ddls = {1.0: ddl}
d = s.database('usr', ddls)

d.exec('INSERT_ANIMAL', name = 'cat')
rows = d.query('SELECT_ANIMALS')
for row in rows:
    print(row)


['cat']
['cat']
['cat']


In [17]:
d.exec('DELETE FROM animal')

3

In [19]:
d.sync()