Dumb DOM API questions

David mentioned a little while ago that it would be possible to update a MD and optionally have the network keep a copy of the previous MD as a “receipt” which is in essence a previous version.

1 Like

Yes, you are right, I remember that, at the moment is not like that though.


Hi @bochaco, What I meant is, is it possible to create a mutable data that everyone on the testnet can access and add data to but the previous data can not be taken away deleted or removed (a bit like using .push to add an item to an array)?

Yes, you need to set the permissions to allow insert to ANYONE, and keep the permissions of update and delete to be allowed only to the MD owner’s account/app.

1 Like

How do you set a permisson to allow ANYONE and reserve one for the person who made the mutable data originally?
Do you use setuserpermissions for anyone and insertpermissionset for just yourself, or is it the other way around?

The email app does that for the inbox:

So anyone can append new emails to the inbox but only the owner can remove/update them, so it sets all permissions for the email app’s instance sign key using the quickSetup function on the MD, and it then sets the permissions for ANYONE (using null as the signKey, we will be exposing constants for these things) for insert.


Is it also possible to use such a Mutable data to count the number of unique accounts that have inserted something?
I guess not because then there must be some sort of ‘id’-field with each insertion with a value, unique to the ‘insert’-account, that can’t be set by the ‘insert’-account.

1 Like

That’s not possible at the moment @draw, although I did think about the possibility of such a thing too, e.g. if I am being spammed, or if undesirable emails from an account that I want to block/blacklist. These cases are not exactly the same as in current internet where you can do it for free, while in the SAFE net the spammer will need to pay for it, but still you may want to just block some annoying account which is not necessarily spamming but unwanted.

1 Like

I was more thinking if this could be a way to know the number of visitors (=unique accounts) of the ‘site’.
Or the possibility to make a poll where your are sure one account has only voted once, because enforced by the network.

I think those cases should be in application layer/protocol, e.g. the app stores the vote in the MD entry along with its signature, and you can ignore a vote if it’s not signed.

It could be that I don’t understand it, but is the app not running locally, hence hackable?
EDIT: or do you mean with signature a uniqe signature of the account (or combination account-app), that is/can be ‘checked’ as such?

1 Like

I’d say that the signature is using the user’s private key to sign. So if the signature cannot be decrypted with the users ID then its fake/spam

If I understand you correctly, the decrypt part is with the ‘public key’ of the user id account of a certain mutable data ‘entry’. And this is a check done by another account or the network.
Is there a guarantee that this ‘public key’ is indeed linked to a ‘authenticator’ user account?
E.g. this user account cant use more than 1 key (pair) in that mutable data ‘list’.

I get that it is possible to make your own account-list: that one has to register at your app.
But is it possible to reuse the already existing ‘account’-list of the Safe users, e.g. so that no Safe ‘user account’ can vote more than once?
Maybe this is not possible or/and not wanted, because not anonymous enough.

That signing only proves that the entry claiming to be made by an ID (public key) was in fact made by that ID

1 Like

I don’t know how to properly use the free instance methods. Here is some sample code from the safedemo website.

function showfiles() {
  window.safeApp.getContainer(auth, Container)
    .then((mdHandle) => {
      // console.log(mdHandle);
      fileshow.innerHTML = "";

      //can be used for identifing the Container but is mot needed here
      // window.safeMutableData.getNameAndTag(mdHandle)
      //   .then((data) =>
      // console.log(data));

        .then((entriesHandle) => {
            (key, value) => {
              // console.log('Entry Handle: ', entriesHandle);
              console.log('File found: ', uintToString(key));
              // console.log('Value: ', uintToString(value.buf));
              // console.log(key, value);

              $("#fileshow").append("<div class='icons'><i class='material-icons md-48'>description</i><p class='filedirnames'>" + uintToString(key) + "</p></div>");

          // window.safeMutableDataEntries.free(entriesHandle);
          // window.safeMutableData.free(mdHandle);
    }, (err) => {
      // Materialize.toast(err, 3000, 'rounded');

Where would be the approriate place be to put window.safeMutableDataEntries.free and window.safeMutableData.free.

1 Like

What are the differences of piece of mutable data created with newpublic and a container?
Can I create a container?
What does serialise and fromserial do?


Can I add to this list:

  • is a container just a mutable data like any other, with the same features and limitations (eg 100 item limit), or if not what are the differences?

My understanding is that the app can only create one container for itself (ownContainer), but not totally sure.

1 Like

Why is mutable data limited to 100 entries and 1 mb per entry?

It isn’t 1MB per entry, but 1MB per MutableData (and 100 entries per MutableData). Those are implementation decisions - ie what the SAFE network supports. My understanding is that if you want more/bigger you will need to string multiple MD together yourself once a limit is reached.

I think that is the case with containers too, because each is just an MD, but my question is just to check that this is the case and that the API does not have code to string multiple MDs together per container.

In the case of the root container, each entry is an MD which is also a container. See the RFC referenced above.