Dumb DOM API questions

bochaco · August 3, 2017, 6:06am

That’s not possible at the moment @draw, although I did think about the possibility of such a thing too, e.g. if I am being spammed, or if undesirable emails from an account that I want to block/blacklist. These cases are not exactly the same as in current internet where you can do it for free, while in the SAFE net the spammer will need to pay for it, but still you may want to just block some annoying account which is not necessarily spamming but unwanted.

draw · August 3, 2017, 8:17am

I was more thinking if this could be a way to know the number of visitors (=unique accounts) of the ‘site’.
Or the possibility to make a poll where your are sure one account has only voted once, because enforced by the network.

bochaco · August 3, 2017, 8:30am

I think those cases should be in application layer/protocol, e.g. the app stores the vote in the MD entry along with its signature, and you can ignore a vote if it’s not signed.

draw · August 3, 2017, 8:51am

It could be that I don’t understand it, but is the app not running locally, hence hackable?
EDIT: or do you mean with signature a uniqe signature of the account (or combination account-app), that is/can be ‘checked’ as such?

rob · August 3, 2017, 9:40am

I’d say that the signature is using the user’s private key to sign. So if the signature cannot be decrypted with the users ID then its fake/spam

draw · August 3, 2017, 9:55am

If I understand you correctly, the decrypt part is with the ‘public key’ of the user id account of a certain mutable data ‘entry’. And this is a check done by another account or the network.
Is there a guarantee that this ‘public key’ is indeed linked to a ‘authenticator’ user account?
E.g. this user account cant use more than 1 key (pair) in that mutable data ‘list’.

I get that it is possible to make your own account-list: that one has to register at your app.
But is it possible to reuse the already existing ‘account’-list of the Safe users, e.g. so that no Safe ‘user account’ can vote more than once?
Maybe this is not possible or/and not wanted, because not anonymous enough.

rob · August 3, 2017, 10:55am

That signing only proves that the entry claiming to be made by an ID (public key) was in fact made by that ID

Joseph_Meagher · August 10, 2017, 2:23pm

I don’t know how to properly use the free instance methods. Here is some sample code from the safedemo website.

function showfiles() {
  window.safeApp.getContainer(auth, Container)
    .then((mdHandle) => {
      // console.log(mdHandle);
      fileshow.innerHTML = "";

      //can be used for identifing the Container but is mot needed here
      // window.safeMutableData.getNameAndTag(mdHandle)
      //   .then((data) =>
      // console.log(data));

      window.safeMutableData.getEntries(mdHandle)
        .then((entriesHandle) => {
          window.safeMutableDataEntries.forEach(entriesHandle,
            (key, value) => {
              // console.log('Entry Handle: ', entriesHandle);
              console.log('File found: ', uintToString(key));
              // console.log('Value: ', uintToString(value.buf));
              // console.log(key, value);

              $("#fileshow").append("<div class='icons'><i class='material-icons md-48'>description</i><p class='filedirnames'>" + uintToString(key) + "</p></div>");
            });

          // window.safeMutableDataEntries.free(entriesHandle);
          // window.safeMutableData.free(mdHandle);
        });
    }, (err) => {
      console.error(err);
      // Materialize.toast(err, 3000, 'rounded');
    });
}

Where would be the approriate place be to put window.safeMutableDataEntries.free and window.safeMutableData.free.

Joseph_Meagher · August 11, 2017, 10:28pm

What are the differences of piece of mutable data created with newpublic and a container?
Can I create a container?
What does serialise and fromserial do?

happybeing · August 12, 2017, 12:27pm

Can I add to this list:

is a container just a mutable data like any other, with the same features and limitations (eg 100 item limit), or if not what are the differences?

drehb · August 12, 2017, 12:49pm

My understanding is that the app can only create one container for itself (ownContainer), but not totally sure.

github.com

maidsafe/rfcs/blob/master/text/0046-new-auth-flow/containers.md

# Containers and their basic conventions

## Summary

This appendix to the New App Authentication describes how the general NFS and DNS will be working and handled in this new launcher-less approach. After talking about the general cases, this document will also outline how these will be used to manage **App Containers**, **Default Containers** (and which ones will be known to the system from the start), the **Root container** and how containers can be shared between apps.

## Containers

In its core, NFS always has been and will continue to be an emulation on top of generic network data types, which are formed following a specific convention: but while that was previously done with StructuredData, it will now use the new MutableData. And rather than having a hierarchy of StructuredData pointing to "subdirectories", we will flatten the structure into a single key-value-store mapping and emulate a file system like access on top of that.

We call these "containers" in correspondence with the same concept being used in cloud storage and service providers (some also call these "buckets"). And these emulation "conventions" (or "access convention") and they describe certain protocols that the client should adhere to when access and manipulating the data. Whenever a container is first shared with any third party (for example through the Authenticator URL-Scheme Protocol), the sharing party must indicate in its response any convention it knows about for said container. A container might adhere to multiple (non-conflicting) conventions at the same time.

**Encryption**

Furthermore, containers might be fully-encrypted with a key pair that is not available within the container, but kept in a different location to prevent vaults from understand the data itself. If such encryption is used, the same key-pair must be shared across all entities having access to it and each party must encrypt every key and every value with it before transmitting it to the network. We call this the "local key" within this document and the container to be "locally encrypted".

It is the sharing parties responsibility to share that key, too.

**Following the convention**

This file has been truncated. show original

Joseph_Meagher · August 13, 2017, 3:24pm

Why is mutable data limited to 100 entries and 1 mb per entry?

happybeing · August 13, 2017, 3:31pm

It isn’t 1MB per entry, but 1MB per MutableData (and 100 entries per MutableData). Those are implementation decisions - ie what the SAFE network supports. My understanding is that if you want more/bigger you will need to string multiple MD together yourself once a limit is reached.

I think that is the case with containers too, because each is just an MD, but my question is just to check that this is the case and that the API does not have code to string multiple MDs together per container.

In the case of the root container, each entry is an MD which is also a container. See the RFC referenced above.

bochaco · August 15, 2017, 12:01pm

I would say the only difference if the way you reference it, i.e. the containers have a name which can be provided to the API to fetch it, whilst for fetching MutableData’s you need the XoR name and tag type. After you fetch them, you interact with them both in the exct same way, i.e. using the MutableData API and NFS emulation if you prefer to.

At the moment from the safe_app_nodejs and DOM API it’s not possible to create another container but the one you can request to be created when you authorise the app with the own_container option param. But this is something that was thought to eventually be possible if the app requests permissions for it, although I haven’t explored the lower level safe_core API well enough to provide more details at this time, I just remember this was somehow mentioned in the RFC: rfcs/text/0046-new-auth-flow/containers.md at master · maidsafe/rfcs · GitHub

As mentioned above, in order to fetch a MutableData you need the XoR name and the tag type, and if you want to fetch a Private MutableData you need the encryption keys in addition to that.
If your app needs to store a reference to a MutableData it can store the required information so it can then fetch it, or alternatively it can just serialise the MutableData, store it, and then it can deserialise it to fetch it.

Correct, this is not supported yet.

rob · August 19, 2017, 3:02am

9 posts were split to a new topic: Error on create/insert with NFS (bug discussion arising from Dumb DOM API Questions)

loziniak · August 19, 2017, 2:50pm

Hypothetically, is this possible that one instance will send v=1, and other v=2, and they both get accepted? Where can I read more about a consensus mechanism, Is there some RFC about that?

loziniak · August 19, 2017, 2:58pm

So, is it account or app? Can I restrict permissions to some app used by any user, or some user using any app? Or is it always account+app combination? Or maybe it is always a user using current app?

loziniak · August 19, 2017, 3:02pm

I think it could be done just by clever design of application data structures. You can perhaps save email={ login: “…”, content: “…”} instead of email=“…” as a mutable data entry value and ignore/delete entries that don’t have email field.

loziniak · August 19, 2017, 3:06pm

Great topic anyway, great questions, great answers. I think every question in this topic should result in a commit to documentation, or a ticket Or perhaps a FAQ could be compiled of it.

bochaco · August 22, 2017, 4:46pm

The account is the owner of the MD created, and the app which requested the creation of the MD is added to the permissions list when it invokes the quickSetup function in the MD API (or using the put function of the MD API it can specify which permissions to be set for itself in the MD).
So you can restrict access to the MD entries using the MD Permissions and PermissionsSet APIs, and you can set those permissions to specific sign keys (that’d be the app’s sign key you are giving/denying access to), or you can set permissions for any app by providing a null sign key to those APIs (we’ll expose that as constants eventually to make it clearer for the developer).