mirror of
https://github.com/orbitdb/orbitdb.git
synced 2025-03-30 15:08:28 +00:00
85e6848f4c
* docs: Update README to match new version. * docs: Update events example to use new API. * docs: Correctly print out db query results. * test: Remove concurrent. * test: Remove unimplemented and 3rd party AC tests. * test: Remove unimplemented and 3rd party identity tests. * docs: Move jsdoc config to conf directory. * Point package.json main at index.js to access all exported functions. * docs: Vetted AC docs; these examples should work if implemented in code. Explicitly show orbit-db function imports. * docs: Fix incorrectly declared write objects. * docs: Improved canAppend documentation. Better JS syntax highlighting. * docs: wss and define filters for localhost separately. * docs: Simplified webSockets implementation with filters. * docs: Return manifest json only (no hash). JS highlighting. * docs: Remove operations documentation. * docs: Update heading levels. * docs: Differentiate between db types which expose put/add function. * docs: Correctly import IPFS and pass config. * docs: A simple method for full db replication. * docs: Link to existing examples of db implementation. * docs: Update heading. * docs: JS code formatting. import statements. * docs: Expand on the concepts of identities and identity management. * docs: Describe head sync-ing and full replication. * docs: Comprehensive explanation of setting up a db and sync-ing/replicating data across peers. Examples can be run in node.js. * docs: Syntax highlighting. Correct code implementation for custom/3rd party storage implementations. * docs: Getting started cleanup. * docs: Manifest as an IPLD data strcture.
50 lines
2.2 KiB
Markdown
50 lines
2.2 KiB
Markdown
# Identities
|
|
|
|
An identity is a cryptographically signed public key which can be used to sign and verify various data. Within OrbitDB, the main objective of an identity is verify write access to a database's log and, if allowed, to sign each entry as it is added to the log.
|
|
|
|
`Identities` provides methods to manage one or more identities and includes functionality for creating, retrieving, signing and verifying an identity as well as signing and verifying messages using an existing identity.
|
|
|
|
## Creating an identity
|
|
|
|
An identity can be created by using the `createIdentity` function.
|
|
|
|
A root key is used to create a new key with the "id" of the root key's public key, Using the derived private key, the root public key is signed. This is known as the "signed message".
|
|
|
|
A new identity is signed using the root key's private key. The identity is consists of the signed message and the derived public key concatenated together ("signed identity")
|
|
|
|
A "signatures object" is then created to hold both the signed message and signed identity.
|
|
|
|
Finally, a new identity consisting of the root public key and derived public key plus the signatures object is generated and stored to the Identities storage.
|
|
|
|
```js
|
|
import { Identities } from 'orbit-db'
|
|
|
|
const id = 'userA'
|
|
const identities = await Identities()
|
|
const identity = identities.createIdentity({ id })
|
|
```
|
|
|
|
The `id` parameter that is passed to createIdentity is used to reference the root key pair in the PublicKeyIdentityProvider. The id can be any arbitrary text, e.g. 'bob', 'My-Key-123', etc.
|
|
|
|
The PublicKeyIdentityProvider stores the id and the root keys as a key/value pair in the key store. Other providers may not store root keys in the same manner and so the `id` parameter may not always be required.
|
|
|
|
Once created, `identities` and the associated `id` can be passed to OrbitDB:
|
|
|
|
```js
|
|
const orbitdb = await OrbitDB({ identities, id: 'userA' })
|
|
```
|
|
|
|
This identity can now be used by OrbitDB to control access to database actions such as write.
|
|
|
|
## Specifying a keystore
|
|
|
|
An existing keystore can be passed to `Identities`:
|
|
|
|
```js
|
|
import { Identities, KeyStore } from 'orbit-db'
|
|
|
|
const keystore = await KeyStore()
|
|
const id = 'userA'
|
|
const identities = await Identities({ keystore })
|
|
const identity = identities.createIdentity({ id })
|
|
``` |