This demo application uses a minimal webapp to demonstrate how Ceramic can facilitate the sharing of private data between two users. In this iteration, the demo only implements access control on the Ceramic-One data feed API, showing how data can only be read if the controlling user grants the user who desires access a capability. Both users share the same node, but can only access each others data if explicitly granted that capability.
-
First, create a copy of the example env file and rename it
.envin the root of this directory. -
Next, create a WalletConnect project ID by visiting the WalletConnect Sign In page, create a new project (with a name of your choosing and the
Apptype selected), and copy theProject IDkey once available.
In your new environment file, assign this value to NEXT_PUBLIC_PROJECT_ID.
- Clone the rust-ceramic repository and check out into the feat/private-data branch. Next, install Profobuf, run the build process, and initialize your node:
# Install protobuf (can alternatively use `brew install protobuf`)
PROTOC_VERSION=3.20.1
PROTOC_ZIP=protoc-$PROTOC_VERSION-linux-x86_64.zip
curl --retry 3 --retry-max-time 90 -OL https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOC_VERSION/$PROTOC_ZIP \
&& unzip -o $PROTOC_ZIP -d /usr/local bin/protoc \
&& unzip -o $PROTOC_ZIP -d /usr/local 'include/*' \
&& rm -f $PROTOC_ZIP
# Build and initialize node
cargo run -p ceramic-one -- daemon- Back in the root of this repository, install your dependencies:
Install your dependencies:
npm install- Finally, start up your UI:
npm run dev- Navigate to
http://localhost:3000in your browser to view the UI
In your browser you'll see a simple application layout with the option to "Connect Wallet" in the navigation. Follow along with the steps below to interact with the app:
-
Click the "Connect Wallet" button to connect your wallet. Keep track of which account you use for this portion - we will be using different accounts to read this data. Please ensure you are authenticating with Eth Mainnet for all sign-ins throughout this demo.
-
You will see a signature request with the message "Give this application access to some of your data on Ceramic" - signing this request will create an authenticated browser session that the application will reference when writing data on your behalf. Go ahead and approve this request by clicking "Sign In".
-
Click on the "Write" toggle above the "C1 Endpoint" box. You will be prompted to enter a message - this can be any arbitrary message you'd like to use. Go ahead and enter this here and click "Create".
-
Open up your computer notepad and save the value you'll see under "Stream ID". We will need this later.
-
Grab another Eth address that you own and enter it into the text area underneath "Delegate read access to". Make a note of which address you entered
-
Finally, click "Create Capability" to generate the capability object which delegates read access to the Eth address you own. Paste the result into your notepad as well - we will use this later.
-
Manually disconnect the account you used for the previous session and sign in using the address you entered for step 5 from the previous section (or open the app in a new incognito tab).
-
Click the "Read" toggle above the "C1 Endpoint" box.
-
Enter the value for the Stream ID you saved in step 4 from the previous section under "Stream ID".
-
Do the same for the "Capability" text input.
-
Click on the "Load" button in order to load the stream contents given the delegated capability.
-
You should now be able to view the original message you entered and saved from the previous section.
-
Still in the same UI, make a random change to the capability value under "Capability" thus invalidating it.
-
Press "Load" again - you will see that we are now unable to access the same stream due to the invalid capability object.