Installation and usage of the platform
Confidential data exchange¶
The Waves Enterprise blockchain platform allows you to restrict access to certain data placed on the blockchain. To do this, users are divided into groups with access to confidential data.
Creation of a confidential data group¶
Anyone on the network can create a confidential data access group. Before you create an access group, decide on the list of members that will be part of it. Then sign and submit the transaction 112 CreatePolicy:
In the
recipients
field, enter the comma-separated addresses of participants who will have access to confidential data.In the
owners
field, add the comma-separated addresses of the group members who will be given administrator rights. The administrators of the access group, in addition to accessing confidential data, will be able to change the composition of the access group.
When you send a transaction, you will receive the ID of the created access group (policyId
). You will need it when you change the composition of its members.
Once a transaction is sent to the blockchain, all participants registered in the created access group will have access to the confidential data sent to the network. As the creator of the transaction, you will be able to change its composition, as will the participants added to the owners
field.
Updating a confidential data group¶
Only members of a confidential data group added to the owners
field when creating the group, as well as its creator himself (group owners) can change the composition of the access group.
To do this, sign and submit the transaction 113 UpdatePolicy:
In the
policyId
field, enter the identifier of the access group to be changed.In the
opType
field, enter the action to be performed on the group:add
- add members;remove
- delete members.If you want to add or remove members of an access group, type their public keys in the
recipients
field.To add or remove access group owners, type their public keys in the
owners
field.
Access group information is updated after a transaction is sent to the blockchain.
Sending confidential data into the network¶
REST API methods POST /privacy/sendData and POST /privacy/sendDataV2 are used to send confidential data to the network. These methods require authorization.
With the POST /privacy/sendData and POST /privacy/sendDataV2 methods, you can send data up to 20 megabytes.
When sending data, include the following information in your request:
sender
- blockchain address from which the data should be sent (corresponds to the value of the “privacy.owner-address” parameter in the configuration file of the node);password
- password to access the private key in the node keystore;policyId
- identifier of a group that will have access to the data to be forwarded;info
- information about data being sent;data
- string containing data in base64 format;hash
- sha256-hash data in base58 format.
Examples of query and response of the POST /privacy/sendData method:
The POST /privacy/sendDataV2 method allows you to attach a file in the Swagger window without having to convert it to the base64 format. The Data
field is missing in this version of the method.
Examples of query and response of the POST /privacy/sendDataV2 method:
Sending request of these types will result in a 114 PolicyDataHash transaction, which will send a hash of confidential data to the blockchain.