Using OrbitDB to create a distributed website with user functionality

[MirceaKitsune]

I'm trying to understand how to use OrbitDB to create a distributed website similar to social media. The plan is for the entire site to run within the browser, the JavaScript files embedded in the HTML will be doing all the work. I already got the base setup running using the browser example provided by Orbit, which allows my browser to read and write a database through IPFS without having to run extra software in the background.

The next step is for me to understand how I'm going to use and structure the Orbit database to create a functional user system, allowing people to create an account and make post under it while other users can add posts to playlists and comment on them. I'm still new to Orbit and have a hard time understanding the exact structure of the functions I'll need to use.

When an user registers, they're given the name of the new database as well as its password. That database must have 4 overall functionalities: Parts only the owner can read (eg: private messages), parts only the owner can modify (eg: creating posts, changing profile information), parts that anyone may read (eg: the contents of posts, profile information), and parts that anyone may modify (eg: comments on your posts). Parts that are readable and / or writable only to the owner must be protected by the password / key and securely encrypted to anyone who doesn't have it... parts that are readable and / or writable to anyone must be public.

So first I will need functions that let the user create an account (sub-database) protected by a password or private key... after that I'll need functions that can read and write various data and fields in this database, some only accessible to the owner while others to anyone else. For instance, if you're looking at a post made by an user, the site script will need to tell Orbit "get data from orbitdb/the_site/the_user/the_post". Ideally posts and profiles can be stored as json files, from which you read parameters like the date or content or attachments as variables in the object... if not I'm also fine with the database storing each value as an individual boolean / float / integer / string.

Can anyone please point me to any examples that can make getting started easier? If someone already attempted such a project, I'd like to see a simple showcase of it. Otherwise I'd like a list of all the OrbitDB function calls I'll be using in my site scripts for each of those functionalities. Thank you.

[MirceaKitsune]

https://github.com/orbitdb/orbit-db/blob/master/GUIDE.md#access-control

I've been reading this section of the GUIDE.md to better understand how securing write access to a database works. I now get the general functionality, but also see huge issues to overcome.

Databases can't be secured using an username + password or public + private key pair as I had hoped. Security is based on database ownership, which is itself determined by a key. You obtain this key using orbitdb.key.getPublic('hex') which outputs the public key of your OrbitDB instance. I have several questions about this key and how it's used.

First of all, I wish to know whether it's the same as your IPFS peer key. Is the Orbit public key essentially the key that identifies your IPFS daemon in the swarm?

Second and most importantly, I'd like to know how device portability can be achieved with such a model. Say I create a secure database using one web browser on one of my computers. Now I wish to modify it from another computer, or even another web browser on the same computer. The keys will not match! It would be ridiculous to ask users to create an account for every browser and device they use. There are only two solutions: Either users can mirror their identifying key across all browsers and devices (but then anyone could do it and gain access) or the device that created the database can give write access to other keys (without requiring a new database to be created). What is the solution to this problem?

[MirceaKitsune]

Thinking about it now, there may actually be some good in this system: Imagine users never having to register with an username and password at all, but automatically being recognized by their account when viewing it from a device that belongs to them. This is much more convenient while also remaining pretty much secure.

But for that model to work, devices need to be able to grant or revoke access to other devices. I understand you can update the access field of an Orbit database, however that requires generating a full copy of the whole database. Apart from this meaning that peers have to re-download all of the data, pointers to the old database would become invalid and you essentially have to update several external entries. There must be a more flexible way to add or remove access keys in an existing database!

[coyotespike]

howdy@MirceaKitsune! Yes, dynamic access permissions are definitely needed and are under active development.

As you noted, if you just want databases that only the owner can edit, or anyone can edit, you can already accomplish this goal with OrbitDB. You can also currently grant access to a group of people, if you know them and have access to their OrbitDB keys at the time of creating the database.

To change devices, you will have two options, after the dynamic access permission branch lands. You will be able to govern access with another Orbit database, or with a smart contract.

You should also be able to store your data essentially as JSON, using a key-value database, for instance.

It would be great to have a starter project, the OrbitDB equivalent of create-react-app, but this is not there yet.

I hope this helps, please keep asking questions - here or on #orbitdb on IRC is the best place to ask.

[MirceaKitsune]

@coyotespike Thank you for clarifying! I'm looking forward to this branch... this functionality is essential for a secure yet portable account system to be possible through Orbit.

I'd like to know where I can try out this branch, and how far the development of this feature has gotten at this stage. Can this feature be tested anywhere at the moment?

If so I would also like to know whether its API is documented anywhere. The existing API.md obviously doesn't include it, and I'd like to see exactly how this will work so I can plan in my mind how I'm going to use it. Being able to use one database to establish access rights to another database will be very useful, for instance allowing comments on posts which are stored in their own database but should only be editable by the owner of the poster account.

[coyotespike]

Yes! Check out the proto/dynamic-access branch in this repo. That has tests and basic functionality for an Orbit access controller (to be clear, OrbitDB currently uses an IPFS access controller). The contract access controller is still WIP.

There is no API documentation yet, sadly.

[RichardLitt]

@coyotespike Should we open an issue to add API docs for that?

[coyotespike]

Yeah, I think eventually, maybe wait a bit for the branch to get closer to being merged though.

[filips123]

@coyotespike When will dynamic access be ready and released? I would need it for 3box/3box-js#299.

[aphelionz]

@filips123 Custom ACLs and dynamic access are now part of the 0.20.0 branch, which is now, finally in RC!

You can use npm i -S orbit-db@rc3 to get the latest code but keep an eye on releases if you're using the release candidate! They will be changing quick.

[filips123]

@aphelionz When will they be stable?

[aphelionz]

We're in RC now which you know means testing, finding bugs, fixing bugs, repeat. I'm hesitant to give a stable date but we will be announcing on Gitter and here as soon as we can be concrete.