Confidential data exchange

Before you can share the confidential data, you need to create access groups. Using transactions, you can add or change access groups to the confidential data.

Creation of the confidential data access group

The confidential data access group can be created by any network participant. You need to specify the range of participants, which will get the data. Then any of participant will perform the following actions:

  1. The network participant, the future owner of the group, is creating the 112 CreatePolicy with the following parameters:

  • sender - the public key of the access group creator.

  • description - description of the access group.

  • policyName - the name of the access group.

  • recipients - public keys of access group participants, that will have the access to the confidential data.

  • owners - public keys of access group participants, which, in addition to the data access, can change the lineup of the group participants.

  1. This transaction is fell into the block and approved by other nodes.

  2. After accepting the transaction the nodes which are the access group participants will get the access to the confidential data.

Changing the access group

Access groups can only be changed by their owners. The following actions are performed to change the list of participants in the access group:

  1. The group owner creates the 113 UpdatePolicy transaction with the following parameters:

  • policyId - identifier of the access group;

  • sender - the public key of the access group owner;

  • opType - the option of the adding (add) or the removing (remove) the group participants;

  • recipients - public keys of access group participants, which are added or removed from the access group;

  • owners - public keys of access group participants, which are added or removed from the access group.

  1. This transaction is fell into the block and approved by other nodes.

  2. After accepting the transaction the information about participants of the changed access group will update.

Exchanging the confidential data

Important

The size of the transferred data via API method POST /privacy/sendData to the network is up to 20 MB.

  1. Using the API POST /privacy/sendData tool the client sends the data to the network (API parameters: sender, password, policy ID, data type, data information, data and hash).

  2. Access group participants use the GET /privacy/{policyId}​/getData/{policyItemHash} tool for getting information about data and its further download.

Follow these steps for the values creation of the data and hash fields:

  1. Translate the data byte sequence into the Base64 encoding.

  2. Place the result of the data conversion to the "data": "29sCt...RgdC60LL" field of the API POST /privacy/sendData.

  3. Specify the data hash sum according to the SHA-256 algorithm in the "hash": "9wetTB...SU2zr1Uh" field. You need to specify the hash result in the Base58 encoding.

  4. Send the data to the network by pressing the Try it out! button.

  5. Node automatically will create the 114 PolicyDataHash transaction as a result of the data sending.