- CLI | Command Line Interface - Try out the functions of the Storage Kit locally.
- REST Api - Use the functions of the Storage Kit via an REST api.
- Maven/Gradle Dependency - Use the functions of the Storage Kit directly in a Kotlin/Java project.
Checkout the Official Documentation, to dive deeper into the architecture and configuration options available.
Written in Kotlin and based on the DIF specification the Storage Kit is a secure data confidential storage solution, allowing you to interface with Encrypted Data Vaults easily.
The system is scoped into:
- Storage Kit Server (Provider): Hosting EDVs
- Storage Kit Client (Client): Interfacing with remote EDVs
- Service wrapper (Service): Easily access data of your clients directly in their EDVs
soon: Alternatively the library or the additional Docker container can be run as RESTful webservice.
The Confidential Storage functions are in the scope of:
(special features are highlighted)
- 1.1 Server request validation
- 1.2 Encrypted data persistence
- 1.3 Global configuration (capability discovery)
- 1.4 Enforcement of authorization policies with ZCap-LD
- 1.5 Encrypted data chunking
- 1.5 Resource structures
- 1.6 Encrypted Resource structures
- Encrypted search
- Versioning and replication
- sharing with other entities
- Notifications
- Vault-wide integrity protection
(cmp. Confidential Storage specifications from the Identity Foundation)
val clientService = ClientService().run {
// Setup client
createMasterKey(tmasterkey)
unlockWithMasterKey(tmasterkey)
setupSessionService()
// Create session
val newSess = sessionService.createSession("sess01")
sessionService.selectSession(newSess.sessionId)
// Setup
setup()
// Create EDV
edvService.createEdv("http://localhost:7000")
// Create document
documentService.create("doc1", "this is a document".toByteArray())
// Load document
val loadedDocument = documentService.load("doc1").toString()
println(loadedDocument)
// Enable notification handler
edvService.notificationsConnect(edvId) { event ->
println("Received notification from EDV $edvId: Document ${event.documentId} was ${event.operation.name} by ${event.invoker}.")
}
// Update document
documentService.update("doc1", "new content".toByteArray())
// Encrypted search
val results = documentService.search("content")
results.forEach { println(it) }
// Delete document
documentService.delete("doc1")
// Export session
val exportJWE = sessionService.export(sessionService.sessionId)
}val req = reader.readLine("Enter data request: ")
// Verify request
println("Verifying request...")
val verified = clientService.dataRequestService.verifyDataRequest(req)
if (!verified) {
out("SIGNATURE VERIFICATION FAILED!")
return
}
out("Signature successfully verified.")
// Decode request
val dataRequest = clientService.dataRequestService.decodeDataRequest(req)
out("[${dataRequest.context}]:")
out("DID ${dataRequest.did} requests a ${dataRequest.preferredDataType}.")
out()
out("Do you want to accept at ${dataRequest.responseUrl}?")
val input = reader.readLine("Accept request (y/n)$boldColon ")
if (input != "y") {
out("Data request disposed.")
return
}
// Accept request
val docId = dataRequest.preferredDataType
val childDid = dataRequest.did
val caveats = listOf(ValidOperationsCaveat(listOf("RetrieveDocument")), ValidOperationTargetsCaveat(listOf(docId)))
val delegation = clientService.dataRequestService.createDataDelegation(edvId, childDid, caveats)
out("Delegated permissions for EDV $edvId from owner ${getSession().did} to child $childDid!")
clientService.dataRequestService.acceptDataRequest(dataRequest, edvId, delegation)
out("Data request accepted!")- Connect and get the latest updates: Discord | Newsletter | YouTube | Twitter
- Get help, request features and report bugs: GitHub Discussions
Licensed under the Apache License, Version 2.0