# Main operations in the network¶

The moment of the first node running is the beginning of the new blockchain net creation. You can create the blockchain net from the starting only one node, further you can add new nodes as required.

After starting a node you can make the following operations:

• Connect a new node into the existing network.
• Delete unnecessary nodes from the network.
• Add or change the confidential data access group.
• Exchange the confidential data.

## Connection of a new node to the existing net¶

You can add new nodes into the net at any time. The configuration files setting is described in the section Node configuration. Perform all these actions and run the node. The following steps are making:

1. The new node user gives the public key and the node description to the net administrator.
2. The network administrator (the node with “Connection-manager” role) uses the received public key and description for the 111 RegisterNode transaction creation with the "opType": "add" parameter.
3. Transaction falls to the block and further into the nodes states of network participants. As a result of the transaction among the stored data, each participant of the network stores the public key and the address of the new node.
4. If necessary, the network administrator can add additional roles to the new node using the transaction 102 Permit.
5. The user runs the node.
6. After starting, the node sends handshake-message with its public key to the participants from the “peers” list of its configuration file.
7. Network participants compare the public key from the handshake message and the key from transaction 111 RegisterNode sent earlier by the network administrator. If the check is successful, the network participant updates its database and sends the Peers Message message to the network.
8. Having successfully connected, the new node synchronizes with the network and receives the address table of the network participants.

## Deleting the node¶

1. The network administrator creates the 111 RegisterNode transaction with the parameter "opType": "remove" and the public key of the removed node within.
2. This transaction is fell into the block and approved by other nodes.
3. After accepting the transaction the nodes find the public key specified in the transaction 111 RegisterNode in their state and delete it from there.
4. Then nodes delete the network address of the removed node from the network.known-peers of the node configuration file.

## Creation of the confidential data access group¶

The confidential data access group can be created by any network participant. You need to specify the range of participants, which will get the data. Then any of participant will perform the following actions:

1. The network participant, the future owner of the group, is creating the 112 CreatePolicy with the following parameters:
• sender - the public key of the access group creator.
• description - the description of the access group.
• policyName - the name of the access group.
• recipients - public keys of access group participants, which will have the access to the confidential data.
• owners - public keys of access group participants, which, in addition to the data access, can change the lineup of the group participants.
1. This transaction is fell into the block and approved by other nodes.
2. After accepting the transaction the nodes which are the access group participants will get the access to the confidential data.

## Changing the access group¶

Access groups can only be changed by their owners. The following actions are performed to change the list of participants in the access group:

1. The group owner creates the 113 UpdatePolicy transaction with the following parameters:
• policyId - identifier of the access group.
• sender - the public key of the access group owner.
• opType - the option of the adding (add) or the removing (remove) the group participants.
• recipients - public keys of access group participants, which are added or removed from the access group.
• owners - public keys of access group participants, which are added or removed from the access group.
1. This transaction is fell into the block and approved by other nodes.
2. After accepting the transaction the information about participants of the changed access group will update.

## Exchanging the confidential data¶

Important

The size of the transferred data via API method POST /privacy/sendData to the network is up to 20 MB.

1. Using the API POST /privacy/sendData tool the client sends the data to the network (API parameters: sender, password, policy ID, data type, data information, data and hash).
2. Access group participants use the GET /privacy/getData/{hash} tool for getting information about data and its further download.

Follow these steps for the values creation of the data and hash fields:

1. Translate the data byte sequence into the Base64 encoding.
2. Place the result of the data conversion to the "data": "29sCt...RgdC60LL" field of the API POST /privacy/sendData request.
3. Specify the data hash sum according to the SHA-256 algorithm in the "hash": "9wetTB...SU2zr1Uh" field. You need to specify the hash result in the Base58 encoding.
4. Send the data to the network by pressing the Try it out! button.
5. Node automatically will create the 114 PolicyDataHash transaction as a result of the data sending.