Installation and usage of the platform

Confidential data exchange

The Waves Enterprise blockchain platform allows you to restrict access to certain data placed on the blockchain. To do this, users are divided into groups with access to confidential data.

Creation of a confidential data group

Anyone on the network can create a confidential data access group. Before you create an access group, decide on the list of members that will be part of it. Then sign and submit the transaction 112 CreatePolicy:

  1. In the recipients field, enter the comma-separated addresses of participants who will have access to confidential data.

  2. In the owners field, add the comma-separated addresses of the group members who will be given administrator rights. The administrators of the access group, in addition to accessing confidential data, will be able to change the composition of the access group.

When you send a transaction, you will receive the ID of the created access group (policyId). You will need it when you change the composition of its members.

Once a transaction is sent to the blockchain, all participants registered in the created access group will have access to the confidential data sent to the network. As the creator of the transaction, you will be able to change its composition, as will the participants added to the owners field.

Updating a confidential data group

Only members of a confidential data group added to the owners field when creating the group, as well as its creator himself (group owners) can change the composition of the access group.

To do this, sign and submit the transaction 113 UpdatePolicy:

  1. In the policyId field, enter the identifier of the access group to be changed.

  2. In the opType field, enter the action to be performed on the group: add - add members; remove - delete members.

  3. If you want to add or remove members of an access group, type their public keys in the recipients field.

  4. To add or remove access group owners, type their public keys in the owners field.

Access group information is updated after a transaction is sent to the blockchain.

Sending confidential data into the network

REST API methods POST /privacy/sendData and POST /privacy/sendDataV2 are used to send confidential data to the network. These methods require authorization.

With the POST /privacy/sendData and POST /privacy/sendDataV2 methods, you can send data up to 20 megabytes.

When sending data, include the following information in your request:

  • sender - blockchain address from which the data should be sent (corresponds to the value of the “privacy.owner-address” parameter in the configuration file of the node);

  • password - password to access the private key in the node keystore;

  • policyId - identifier of a group that will have access to the data to be forwarded;

  • info - information about data being sent;

  • data - string containing data in base64 format;

  • hash - sha256-hash data in base58 format.

Examples of query and response of the POST /privacy/sendData method:

POST /privacy/sendData:

Query:

{
"sender": "3HYW75PpAeVukmbYo9PQ3mzSHdKUgEytUUz",
"password": "apgJP9atQccdBPA",
"policyId": "4gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaC",
"info": {
  "filename":"Service contract #100/5.doc",
  "size": 2048,
  "timestamp": 1000000000,
  "author": "[email protected]",
  "comment": "some comments"
 },
 "data": "TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ1dCBieSB0aGlzIHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaCBpcyBhIGx1c3Qgb2YgdGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGVsaWdodCBpbiB0aGUgY29udGludWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Yga25vd2xlZGdlLCBleGNlZWRzIHRoZSBzaG9ydCB2ZWhlbWVuY2Ugb2YgYW55IGNhcm5hbCBwbGVhc3VyZS4=",
 "hash": "FRog42mnzTA292ukng6PHoEK9Mpx9GZNrEHecfvpwmta"
 }

Response:

{
"senderPublicKey": "Gt3o1ghh2M2TS65UrHZCTJ82LLcMcBrxuaJyrgsLk5VY",
"policyId": "4gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaC",
"sender": "3HYW75PpAeVukmbYo9PQ3mzSHdKUgEytUUz",
"dataHash": "FRog42mnzTA292ukng6PHoEK9Mpx9GZNrEHecfvpwmta",
"proofs": [
"2jM4tw4uDmspuXUBt6492T7opuZskYhFGW9gkbq532BvLYRF6RJn3hVGNLuMLK8JSM61GkVgYvYJg9UscAayEYfc"
],
"fee": 110000000,
"id": "H3bdFTatppjnMmUe38YWh35Lmf4XDYrgsDK1P3KgQ5aa",
"type": 114,
"timestamp": 1571043910570
}

The POST /privacy/sendDataV2 method allows you to attach a file in the Swagger window without having to convert it to the base64 format. The Data field is missing in this version of the method.

Examples of query and response of the POST /privacy/sendDataV2 method:

POST /privacy/sendDataV2:

Query:

{
"sender": "3HYW75PpAeVukmbYo9PQ3mzSHdKUgEytUUz",
"password": "apgJP9atQccdBPA",
"policyId": "4gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaC",
"info": {
  "filename":"Service contract #100/5.doc",
  "size": 2048,
  "timestamp": 1000000000,
  "author": "[email protected]",
  "comment": "some comments"
 },
 "hash": "FRog42mnzTA292ukng6PHoEK9Mpx9GZNrEHecfvpwmta"
 }

Response:

{
"senderPublicKey": "Gt3o1ghh2M2TS65UrHZCTJ82LLcMcBrxuaJyrgsLk5VY",
"policyId": "4gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaC",
"sender": "3HYW75PpAeVukmbYo9PQ3mzSHdKUgEytUUz",
"dataHash": "FRog42mnzTA292ukng6PHoEK9Mpx9GZNrEHecfvpwmta",
"proofs": [
"2jM4tw4uDmspuXUBt6492T7opuZskYhFGW9gkbq532BvLYRF6RJn3hVGNLuMLK8JSM61GkVgYvYJg9UscAayEYfc"
],
"fee": 110000000,
"id": "H3bdFTatppjnMmUe38YWh35Lmf4XDYrgsDK1P3KgQ5aa",
"type": 114,
"timestamp": 1571043910570
}

Sending request of these types will result in a 114 PolicyDataHash transaction, which will send a hash of confidential data to the blockchain.

See also