Using OrbitDB to create a distributed website with user functionality

I’m trying to understand how to use OrbitDB to create a distributed website similar to social media. The plan is for the entire site to run within the browser, with the JavaScript files embedded in the HTML doing all the work. I already got the base setup running using the browser example provided by Orbit, which allows my browser to read and write a database through IPFS without having to run extra software in the background.

The next step is for me to understand how I’m going to use and structure the Orbit database to create a functional user system, allowing people to create an account and make posts under it while other users can add posts to playlists and comment on them. I’m still new to Orbit and have a hard time understanding the exact structure of the functions I’ll need to use.

When a user registers, they’re given the name of the new database as well as its password. That database must have 4 overall functionalities: parts only the owner can read (e.g. private messages), parts only the owner can modify (e.g. creating posts, changing profile information), parts that anyone may read (e.g. the contents of posts, profile information), and parts that anyone may modify (e.g. comments on your posts). Parts that are readable and / or writable only to the owner must be protected by the password / key and securely encrypted to anyone who doesn’t have it… parts that are readable and / or writable to anyone must be public.

So first I will need functions that let the user create an account (sub-database) protected by a password or private key… after that I’ll need functions that can read and write various data and fields in this database, some only accessible to the owner while others to anyone else. For instance, if you’re looking at a post made by a user, the site script will need to tell Orbit “get data from orbitdb/the_site/the_user/the_post”. Ideally posts and profiles can be stored as JSON files, from which you read parameters like the date or content or attachments as variables in the object… if not I’m also fine with the database storing each value as an individual boolean / float / integer / string.

Can anyone please point me to any examples that can make getting started easier? If someone already attempted such a project, I’d like to see a simple showcase of it. Otherwise I’d like a list of all the OrbitDB function calls I’ll be using in my site scripts for each of those functionalities. Thank you.

Hi, maybe you can check this:

Rotonde, a p2p social network based on Dat. Maybe it can let you see how to architect your database.

Thanks. That may help with a few aspects although it looks like a very different thing. DAT isn’t IPFS even if the two are highly similar. I’m interested in some examples for Orbit itself if any exist, granted it’s what I’m planning to go with and I’ll need to better know about its functions and how to use them.

I’ve been reading this section of the GUIDE.md to better understand how securing write access to a database works. I now get the general functionality, but also see huge issues to overcome.

Databases can’t be secured using a username + password or public + private key pair as I had hoped. Security is based on database ownership, which is itself determined by a key. You obtain this key using orbitdb.key.getPublic('hex') which outputs the public key of your OrbitDB instance. I have several questions about this key and how it’s used.

First of all, I wish to know whether it’s the same as your IPFS peer key. Is the Orbit public key essentially the key that identifies your IPFS daemon in the swarm?

Second and most importantly, I’d like to know how device portability can be achieved with such a model. Say I create a secure database using one web browser on one of my computers. Now I wish to modify it from another computer, or even another web browser on the same computer. The keys will not match! It would be ridiculous to ask users to create an account for every browser and device they use. There are only two solutions: Either users can mirror their identifying key across all browsers and devices (but then anyone could do it and gain access) or the device that created the database can give write access to other keys (without requiring a new database to be created). What is the solution to this problem?

Hi mirceaKitsune,

First of all, I wish to know whether it’s the same as your IPFS peer key. Is the Orbit public key essentially the key that identifies your IPFS daemon in the swarm?

I think yes.

Your second question is one that has been haunting me for a few months. I am thinking about a whole system for that; for the moment I have not found a whole solution without going through a 3rd party:

and use that to authenticate your user and save the information needed to get your database from another browser or IPFS daemon instance.

Regards

Thinking about it now, there may actually be some good in this system: Imagine users never having to register with a username and password at all, but automatically being recognized by their account when viewing it from a device that belongs to them. This is much more convenient while also remaining pretty much secure.

But for that model to work, devices need to be able to grant or revoke access to other devices. I understand you can update the access field of an Orbit database, however that requires generating a full copy of the whole database. Apart from this meaning that peers have to re-download all of the data, pointers to the old database would become invalid and you essentially have to update several external entries. There must be a more flexible way to add or remove access keys in an existing database!
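
Added example, not part of the original thread and not OrbitDB's own code: a simplified Node.js model of the behaviour discussed above, where write access is a list of device public keys and that list is fixed into the database address. The names `newDevice`, `dbAddress`, `signEntry`, `acceptEntry`, the `/modeldb/` prefix and the choice of curve are assumptions made for illustration.

```javascript
// Simplified model (assumption): one signing key per browser/device, and a
// database address derived from a manifest that embeds the write-key list.
const nodeCrypto = require('crypto');

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');

// Each browser or device generates its own key pair and never exports the private half.
function newDevice() {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const publicHex = publicKey.export({ type: 'spki', format: 'der' }).toString('hex');
  return { privateKey, publicHex };
}

// The address depends on the write list, so editing the list yields a new address.
function dbAddress(name, writeKeys) {
  const manifest = JSON.stringify({ name, type: 'keyvalue', write: [...writeKeys].sort() });
  return `/modeldb/${sha256(manifest)}/${name}`;
}

// A writer signs every entry with its device key.
function signEntry(device, payload) {
  const data = JSON.stringify(payload);
  const sig = nodeCrypto.sign('sha256', Buffer.from(data), device.privateKey).toString('hex');
  return { data, sig, key: device.publicHex };
}

// Every reader re-checks each entry: key on the write list AND signature valid.
function acceptEntry(entry, writeKeys) {
  if (!writeKeys.includes(entry.key)) return false;
  const pub = nodeCrypto.createPublicKey(
    { key: Buffer.from(entry.key, 'hex'), format: 'der', type: 'spki' });
  return nodeCrypto.verify('sha256', Buffer.from(entry.data), pub, Buffer.from(entry.sig, 'hex'));
}

function demo() {
  const laptop = newDevice();
  const phone = newDevice();
  const before = [laptop.publicHex];                 // database created on the laptop
  const after = [laptop.publicHex, phone.publicHex]; // phone added as a second writer
  const post = signEntry(phone, { op: 'PUT', key: 'post-1', value: 'hello' });
  return {
    phoneRejectedBefore: !acceptEntry(post, before),
    phoneAcceptedAfter: acceptEntry(post, after),
    addressChanged: dbAddress('profile', before) !== dbAddress('profile', after),
  };
}

console.log(demo());
```

In this model the second device needs no copy of the first device's private key, but granting it access changes the address that every existing pointer refers to, which is the portability cost raised in the thread.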