true if the given DID is an active tenant of the DWN; false otherwise
Utility class for creating CIDs. Exported for the convenience of developers.
Static compute
Computes a V1 CID for the provided payload
the codec to use. Defaults to cbor
the multihasher to use. Defaults to sha256
payload CID
Static compute
Static compute
Static parse
A simple implementation of DataStore that works in both the browser and server-side. Leverages LevelDB under the hood.
It has the following structure (+ represents an additional sublevel/partition):
'data' +
Fetches the specified data.
The logical ID of the record that references the data.
The IPFS CID of the data.
the data size and data stream if found, otherwise undefined.
Stores the given data.
The logical ID of the record that references the data.
The IPFS CID of the data.
Utility class for readable data stream, intentionally named to disambiguate from ReadableStream, readable-stream, Readable etc.
Processes the given DWN message and returns with a reply.
The tenant DID to route the given message to.
Optional options: MessagesSubscribeMessageOptions
Optional options: RecordsWriteMessageOptions
Optional options: MessageOptions
Validates structure of DWN message
GenericMessageReply if the message has an integrity error, otherwise undefined.
Checks tenant gate to see if tenant is allowed.
The tenant DID to route the given message to.
GenericMessageReply if the message has an integrity error, otherwise undefined.
Static create
Static Readonly max
The maximum size of raw data that will be returned as encodedData.
We chose 30k, as after encoding it would give plenty of headroom up to the 65k limit in most SQL variants. We currently encode using base64url which is a 33% increase in size.
A class that represents a DWN error.
Utility class for performing common, non-DWN specific encryption operations.
Static is
Expose eciesjs library configuration
Static aes256
Static aes256
Static ecies
Decrypt the given plaintext using ECIES (Elliptic Curve Integrated Encryption Scheme) with SECP256K1 for the asymmetric calculations, HKDF as the key-derivation function, and AES-GCM for the symmetric encryption and MAC algorithms.
Static ecies
Encrypts the given plaintext using ECIES (Elliptic Curve Integrated Encryption Scheme) with SECP256K1 for the asymmetric calculations, HKDF as the key-derivation function, and AES-GCM for the symmetric encryption and MAC algorithms.
The EventStream interface implements a pub/sub system based on Message filters.
Optional config: EventLogLevelConfig
Retrieves all of a tenant's events that occurred after the cursor provided. If no cursor is provided, all events for a given tenant will be returned.
The cursor is a messageCid.
Returns an array of messageCids that represent the events.
Optional cursor: PaginationCursor
Retrieves a filtered set of events that occurred after the cursor provided, accepts multiple filters.
If no cursor is provided, all events for a given tenant and filter combo will be returned. The cursor is a messageCid.
Returns an array of messageCids that represent the events.
Optional cursor: PaginationCursor
Class containing hierarchical deterministic key related utility methods used by the DWN.
Static derive
Derives a key using HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. TODO: Consolidate HKDF implementation and usage with web5-js - https://github.com/TBD54566975/dwn-sdk-js/issues/742
Static derive
Derives a descendant private key. NOTE: currently only supports SECP256K1 keys.
Static derive
Static derive
Derives a descendant public key from an ancestor private key. NOTE: currently only supports SECP256K1 keys.
Utility class for JWS related operations.
Static create
Creates a Signer from the given Persona.
Static create
Creates a Signer[] from the given Personas.
Static decode
Static extract
Static get
Static get
Static verify
Verifies the signature against the given payload.
true if signature is valid; false otherwise
A class containing utility methods for working with DWN messages.
Static compare
Static compare
Static create
Creates the authorization property to be included in a DWN message.
Optional delegated
Optional permission
Optional protocol
used as an authorization property.
Static create
Creates a generic signature from the given DWN message descriptor by including descriptorCid as the required property in the signature payload.
NOTE: there is an opportunity to consolidate RecordsWrite.createSignerSignature() with this method
Optional additionalPayloadProperties: {
Optional delegated
Optional permission
Optional protocol
Static get
Gets the CID of the given message.
Static get
newest message in the array. undefined if given array is empty.
Static get
oldest message in the array. undefined if given array is empty.
Static get
Gets the DID of the signer of the given message, returns undefined if message is not signed.
Static is
Static is
Static is
See if the given message is signed by an author-delegate.
Static is
See if the given message is signed by an owner-delegate.
Static validate
Static validate
Validates the structural integrity of the message signature given:
descriptorCid property matches the CID of the message descriptor
NOTE: signature is NOT verified.
The key to look up the JSON schema referenced in compile-validators.js and perform payload schema validation on.
the parsed JSON payload object if validation succeeds.
A simple implementation of MessageStore that works in both the browser and server-side. Leverages LevelDB under the hood.
Deletes the message associated with the id provided.
Optional options: MessageStoreOptions
Fetches a single message by cid from the underlying store.
Returns undefined if no message was found.
Optional options: MessageStoreOptions
Adds a message to the underlying store. Uses the message's cid as the key
indexes (key-value pairs) to be included as part of this put operation
Optional options: MessageStoreOptions
Queries the underlying store for messages that match the provided filters. Supplying multiple filters establishes an OR condition between the filters.
Optional messageSort: MessageSort
Optional pagination: Pagination
Optional options: MessageStoreOptions
Static build
Builds the IndexLevel QueryOptions object given MessageStore sort and pagination parameters.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Called by JSON.stringify(...) automatically.
Static create
Static parse
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Called by JSON.stringify(...) automatically.
Static create
Static parse
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Called by JSON.stringify(...) automatically.
Static create
Creates a MessagesSubscribe message.
Static parse
A class representing a Permission Grant for a more convenient abstraction.
Optional Readonly conditions
Optional conditions that must be met when the grant is used.
Readonly date
Timestamp at which this grant will no longer be active.
Readonly date
The date at which the grant was given.
Optional Readonly delegated
Whether this grant is delegated or not. If true, the grantedTo will be able to act as the grantedTo within the scope of this grant.
Optional Readonly description
Optional string that communicates what the grant would be used for
Readonly grantee
The grantee of the permission.
Readonly grantor
The grantor of the permission.
Readonly id
The ID of the permission grant, which is the record ID DWN message.
Optional Readonly request
Optional CID of a permission request. This is optional because grants may be given without being officially requested
Readonly scope
The scope of the allowed access.
Static parse
A class representing a Permission Request for a more convenient abstraction.
Optional Readonly conditions
Optional conditions that must be met when the requested grant is used.
Optional Readonly delegated
Whether the requested grant is delegated or not. If true, the requestor will be able to act as the grantor of the permission within the scope of the requested grant.
Optional Readonly description
Optional string that communicates what the requested grant would be used for.
Readonly id
The ID of the permission request, which is the record ID DWN message.
Readonly requester
The requester of the permission.
Readonly scope
The scope of the allowed access.
Static parse
This is a first-class DWN protocol for managing permission grants of a given DWN.
Static Readonly definition
The definition of the Permissions protocol.
Static Readonly grant
The protocol path of the grant record.
Static Readonly request
The protocol path of the request record.
Static Readonly revocation
The protocol path of the revocation record.
Static Readonly uri
The URI of the DWN Permissions protocol.
Static create
Convenience method to create a permission grant.
Static create
Convenience method to create a permission request.
Static create
Convenience method to create a permission revocation.
Static fetch
Fetches PermissionGrant with the specified recordID.
the PermissionGrant matching the recordId specified.
Static get
Gets the scope from the given permission record. If the record is a revocation, the scope is fetched from the grant that is being revoked.
The message store to fetch the grant for a revocation.
Static has
Type guard to determine if the permission is a protocol-scoped
Static parse
Static validate
Validates the given Permissions protocol RecordsWrite. It can be a request, grant, or revocation.
Static poll
The interval in milliseconds to wait before retrying the delegate function.
Static poll
The maximum time in milliseconds to wait before timing out the delegate function.
Static poll
Polls the delegate function until it succeeds or the timeout is exceeded.
a function that returns a promise and may throw.
the interval in milliseconds to wait before retrying the delegate function.
the maximum time in milliseconds to wait before timing out the delegate function.
A signer that signs using a private key.
The name of the signature algorithm used by this signer. This value will be used as the "alg" parameter in JWS produced. This parameter is not used by the DWN but is unfortunately a required header property for a JWS as per: https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.1 Valid signature algorithm values can be found at https://www.iana.org/assignments/jose/jose.xhtml
The ID of the key used by this signer.
This needs to be a fully-qualified ID (i.e. prefixed with DID) so that author can be parsed out for processing such as recordId computation.
Example: did:example:alice#key1
This value will be used as the "kid" parameter in JWS produced.
While this property is not a required property per JWS specification, it is required for DWN authentication.
Class containing Protocol related utility methods.
Static derive
Derives public encryption keys and injects them in the $encryption property for each protocol path segment of the given Protocol definition, then returns the final encryption-enabled protocol definition.
NOTE: The original definition passed in is unmodified.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Called by JSON.stringify(...) automatically.
Static create
Static parse
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Called by JSON.stringify(...) automatically.
Static create
Static normalize
Static parse
Class containing useful utilities related to the Records interface.
Static build
This will create individual keys for each of the tags that look like tag.tag_property
Static construct
Constructs full key derivation path using the specified scheme.
Static construct
Static construct
Static construct
Constructs the full key derivation path using protocolPath scheme.
Static construct
Static convert
Static convert
Static decrypt
Decrypts the encrypted data in a message reply using the given ancestor private key.
Any ancestor private key in the key derivation path.
Static derive
Derives a descendant private key given an ancestor private key and the full absolute derivation path.
NOTE: right now only ECIES-ES256K algorithm is supported for asymmetric encryption, so we will only derive SECP256K1 key without additional conditional checks
Static filter
Static filter
Static get
Gets the DID of the author of the given message.
Static get
Static is
Checks if the given message is a RecordsWriteMessage.
Static is
Static normalize
Normalizes the protocol and schema URLs within a provided RecordsFilter and returns a copy of RecordsFilter with the modified values.
incoming RecordsFilter to normalize.
a copy of the incoming RecordsFilter with the normalized properties.
Static should
Static validate
Validates that ancestor derivation path matches the descendant derivation path completely.
Static validate
Validates the referential integrity of both author-delegated grant and owner-delegated grant.
Decoded payload of the author signature of the message. Pass undefined if message is not signed.
Passed purely as a performance optimization so we don't have to decode the signature payload again.
Optional ownerSignaturePayload: GenericSignaturePayload
Decoded payload of the owner signature of the message. Pass undefined if no owner signature is present.
Passed purely as a performance optimization so we don't have to decode the owner signature payload again.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Indexed properties needed for MessageStore indexing.
Called by JSON.stringify(...) automatically.
Static create
Creates a RecordsDelete message.
Static parse
A class representing a RecordsQuery DWN message.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Authorizes the delegate who signed this message.
Used to check if the grant has been revoked.
Called by JSON.stringify(...) automatically.
Static create
Static parse
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Authorizes the delegate who signed this message.
Used to check if the grant has been revoked.
Called by JSON.stringify(...) automatically.
Static create
Creates a RecordsRead message.
Static parse
A class representing a RecordsSubscribe DWN message.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
Valid JSON message representing this DWN message.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Authorizes the delegate who signed the message.
Used to check if the grant has been revoked.
Called by JSON.stringify(...) automatically.
Static create
Static parse
A class representing a RecordsWrite DWN message.
NOTE: Unable to extend AbstractMessage directly because the incompatible _message type, which is not just a generic <M> type.
DID of the logical author of this message.
NOTE: we say "logical" author because a message can be signed by a delegate of the actual author, in which case the author DID would not be the same as the signer/delegate DID, but be the DID of the grantor (grantedBy) of the delegated grant presented.
If this message is signed by an author-delegate.
If this message is signed by an owner-delegate.
Valid JSON message representing this RecordsWrite.
The owner DID of the message if owner signature is present in the message; undefined otherwise.
This is the logical owner of the message, not to be confused with the actual signer of the owner signature, this is because the signer of the owner signature may not be the actual DWN owner, but a delegate authorized by the owner.
Decoded owner signature payload.
Gets the signer of owner signature; undefined if owner signature is not present in the message.
This is not to be confused with the logical owner #owner of the message, this is because the signer of the owner signature may not be the actual DWN owner, but a delegate authorized by the owner.
In the case that the owner signature is signed by the actual DWN owner, this value will be the same as #owner.
Decoded payload of the signature of this message.
Gets the signer of this message. This is not to be confused with the logical author of the message.
Authorizes the author-delegate who signed this message.
Used to check if the grant has been revoked.
Authorizes the owner-delegate who signed this message.
Used to check if the grant has been revoked.
Encrypts the symmetric encryption key using the public keys given and attaches the resulting encryption property to the RecordsWrite.
Signs the RecordsWrite, the signer is commonly the author, but can also be a delegate.
Optional delegated
Optional permission
Optional protocol
Signs the RecordsWrite as the DWN owner.
This is used when the DWN owner wants to retain a copy of a message that the owner did not author.
NOTE: requires the RecordsWrite to already have the author's signature.
Signs the RecordsWrite as the DWN owner-delegate.
This is used when a DWN owner-delegate wants to retain a copy of a message that the owner did not author.
NOTE: requires the RecordsWrite to already have the author's signature.
Called by JSON.stringify(...) automatically.
Static create
Creates a RecordsWrite message.
Static create
Creates the attestation property of a RecordsWrite message if given signature inputs; returns undefined otherwise.
Optional signers: Signer[]
Static create
Convenience method that creates a message by:
Static create
Creates the signature property in the authorization of a RecordsWrite message.
Optional delegated
Optional permission
Optional protocol
Static fetch
Fetches the initial RecordsWrite of a record.
The initial RecordsWrite if found; undefined if the record is not found.
Static fetch
Static get
Static get
Computes the deterministic Entry ID of this message.
Static get
Gets the initial write from the given list of RecordsWrite.
Static is
Checks if the given message is the initial entry of a record.
Static parse
Parses a RecordsWrite message and returns a {RecordsWrite} instance.
Static verify
Verifies that immutable properties of the two given messages are identical.
A simple single-instance implementation of ResumableTaskStore that works in both browsers and node.js. Leverages LevelDB under the hood.
Extends the timeout of the task associated with the task ID provided. No-op if the task is not found, as this implies that the task has already been completed. This allows the client that is executing the task to continue working on it before the task is considered timed out.
ID of the task to extend the timeout for.
Timeout in seconds from the current time.
Grabs a number of unhandled tasks from the store. Unhandled tasks are tasks that are not currently in-flight/under processing (i.e. tasks that have timed-out). NOTE: The implementation must make sure that once a task is grabbed by a client, its timeout must be updated so that it is considered in-flight/under processing and cannot be grabbed by another client until it is timed-out.
Desired number of tasks to grab.
A list of tasks exclusive for the caller to handle; or empty array if there are no tasks, or if all tasks are already grabbed by others.
Reads the task associated with the task ID provided regardless of whether it is in-flight/under processing or not. This is mainly introduced for testing purposes: i.e. to check the status of a task for easy test verification.
ID of the task to read.
Registers a new resumable task that is currently in-flight/under processing to the store.
If the task is timed out, a client will be able to grab it through the grab() method and resume the task.
Task specific data. This is deliberately of type any because this store should not have to be aware of its type.
Timeout in seconds from the current time.
A ManagedResumableTask object that can be used to extend or delete the task.
Class containing SECP256K1 related utility methods.
Static generate
Generates a random key pair in JWK format.
Static generate
Static get
Gets the public JWK of the given private JWK.
Static get
Static private
Creates a private key in raw bytes from the given SECP256K1 JWK.
Static private
Converts a private key in bytes into a JWK.
Static public
Creates a compressed key in raw bytes from the given SECP256K1 JWK.
Static public
Static sign
Signs the provided content using the provided JWK.
Static validate
Validates the given JWK is a SECP256K1 key.
Static verify
Verifies a signature against the provided payload hash and public key.
a boolean indicating whether the signature is valid.
Class containing SECP256R1 related utility methods.
Static bytes
Static generate
Generates a random key pair in JWK format.
Static private
Creates a private key in raw bytes from the given SECP256R1 JWK.
Static public
Static sign
Signs the provided content using the provided JWK. Signature that is outputted is JWS format, not DER.
Static validate
Validates the given JWK is a SECP256R1 key.
Static verify
Verifies a signature against the provided payload hash and public key.
the signature to verify. Can be in either DER or compact format. If using Oracle Cloud KMS, keys will be DER formatted.
a boolean indicating whether the signature is valid.
Utility class for generating data for testing.
Static create
Creates a mock DID resolution result for testing purposes.
Static generate
Static generate
Static generate
Static generate
Generates a valid RecordsWrite that modifies the given existing write.
Any mutable property that is not specified will be automatically mutated.
e.g. if published is not specified, it will be toggled from the state of the given existing write.
Static generate
Static generate
Static generate
Static generate
Static generate
Static generate
Generates an encrypted RecordsWrite message for testing.
Set to true to attach the symmetric key encrypted by the protocol context derived public key
Set to true to attach the symmetric key encrypted by the protocol path derived public key
Optional protocol
Optional protocol
Protocol definition used to generate the RecordsWrite.
Must be the RECIPIENT's protocol definition if encryptSymmetricKeyWithProtocolPathDerivedKey is true, because the recipient's public keys will be needed to encrypt the symmetric key.
Optional protocol
Optional recipient?: string
Static generate
Generates a ProtocolsConfigure message for testing.
Optional parameters are generated if not given.
Implementation currently uses ProtocolsConfigure.create().
Optional input: GenerateProtocolsConfigureInput
Static generate
Static generate
Static generate
Static generate
Static generate
Static random
Static random
Static random
Static random
Static random
Static random
Generates a random timestamp. Optionally allows you to set specific non-randomized values for the timestamp.
Optional options: {
Optional day?: number
Optional hour?: number
Optional microsecond?: number
Optional millisecond?: number
Optional minute?: number
Optional month?: number
Optional second?: number
Optional year?: number
random UTC ISO-8601 timestamp
Time related utilities.
Static create
Static create
Creates a UTC ISO-8601 timestamp in microsecond precision accepted by DWN.
Options for creating the timestamp.
Optional day?: number
Optional hour?: number
Optional microsecond?: number
Optional millisecond?: number
Optional minute?: number
Optional month?: number
Optional second?: number
Optional year?: number
string
Static get
Static minimal
We must sleep for at least 2ms to avoid timestamp collisions during testing. https://github.com/TBD54566975/dwn-sdk-js/issues/481
Static sleep
Static validate
DWN SDK error codes.
Key derivation using the dataFormat value for Flat-space records.
Key derivation using the schema value for Flat-space records.
The interface that defines how to store and fetch data associated with a message.
Fetches the specified data.
The logical ID of the record that references the data.
The IPFS CID of the data.
the data size and data stream if found, otherwise undefined.
Stores the given data.
The logical ID of the record that references the data.
The IPFS CID of the data.
Retrieves all of a tenant's events that occurred after the cursor provided. If no cursor is provided, all events for a given tenant will be returned.
The cursor is a messageCid.
Returns an array of messageCids that represent the events.
Optional cursor: PaginationCursor
Retrieves a filtered set of events that occurred after the cursor provided, accepts multiple filters.
If no cursor is provided, all events for a given tenant and filter combo will be returned. The cursor is a messageCid.
Returns an array of messageCids that represent the events.
Optional cursor: PaginationCursor
The EventStream interface implements a pub/sub system based on Message filters.
Deletes the message associated with the id provided.
Optional options: MessageStoreOptions
Fetches a single message by cid from the underlying store.
Returns undefined if no message was found.
Optional options: MessageStoreOptions
Adds a message to the underlying store. Uses the message's cid as the key
indexes (key-value pairs) to be included as part of this put operation
Optional options: MessageStoreOptions
Queries the underlying store for messages that match the provided filters. Supplying multiple filters establishes an OR condition between the filters.
Optional messageSort: MessageSort
Optional pagination: Pagination
Optional options: MessageStoreOptions
Interface for interacting with the resumable task store.
Implementer's Note:
The store implementation used in a horizontally scalable deployment, such as in a Kubernetes cluster, must account for concurrent access by multiple ResumableTaskStore instances.
It would be undesirable to have many Kubernetes pods all trying to handle the same resumable task.
A minimal viable implementation can use a per tenant exclusive lock on the store when grab() and method is called.
This would prevent issues that occur from concurrent modification to the same task to the store, but negatively impacts the throughput performance of the DWN.
Requirements for a more performant implementation that allows distributed processing of resumable tasks across multiple clients:
grab() and/or open() implementation will need to copy the timed-out tasks from persistent store into the message queue/service for distributed processing by multiple clients when there are no resumable tasks to grab in the message queue.
During the move, the persistent store should be locked to prevent multiple copies of the same tasks from being copied.
delete() can be called with task ID.
Extends the timeout of the task associated with the task ID provided. No-op if the task is not found, as this implies that the task has already been completed. This allows the client that is executing the task to continue working on it before the task is considered timed out.
ID of the task to extend the timeout for.
Timeout in seconds from the current time.
Grabs a number of unhandled tasks from the store. Unhandled tasks are tasks that are not currently in-flight/under processing (i.e. tasks that have timed-out). NOTE: The implementation must make sure that once a task is grabbed by a client, its timeout must be updated so that it is considered in-flight/under processing and cannot be grabbed by another client until it is timed-out.
Desired number of tasks to grab.
A list of tasks exclusive for the caller to handle; or empty array if there are no tasks, or if all tasks are already grabbed by others.
Reads the task associated with the task ID provided regardless of whether it is in-flight/under processing or not. This is mainly introduced for testing purposes: i.e. to check the status of a task for easy test verification.
ID of the task to read.
Registers a new resumable task that is currently in-flight/under processing to the store.
If the task is timed out, a client will be able to grab it through the grab() method and resume the task.
Task specific data. This is deliberately of type any because this store should not have to be aware of its type.
Timeout in seconds from the current time.
A ManagedResumableTask object that can be used to extend or delete the task.
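The lease behaviour required of register(), grab(), extend() and delete() above, as an added sketch that is not code from the SDK. It is synchronous and single-process; the class name, the ManagedTask fields, the leaseInSeconds parameter of grab() and the injectable clock are assumptions made for illustration, and a multi-instance deployment still needs the store-level locking the Implementer's Note describes.

```typescript
// Added example: single-process sketch of the grab()/extend() lease semantics.
// ManagedTask's fields and the injected clock are assumptions, not dwn-sdk-js definitions.
type ManagedTask = {
  id: string;        // task ID passed to extend(), read() and delete()
  task: any;         // opaque task data; the store never inspects it
  timeoutAt: number; // epoch milliseconds at which the current lease expires
};

class InMemoryResumableTaskStore {
  private tasks: ManagedTask[] = [];
  private nextId = 1;
  private now: () => number;

  // The clock is injectable so that lease expiry can be exercised deterministically.
  constructor(now?: () => number) {
    this.now = now !== undefined ? now : () => Date.now();
  }

  // A registered task starts in-flight: it cannot be grabbed until its lease expires.
  register(task: any, timeoutInSeconds: number): ManagedTask {
    const managed: ManagedTask = {
      id: 'task-' + this.nextId++,
      task: task,
      timeoutAt: this.now() + timeoutInSeconds * 1000,
    };
    this.tasks.push(managed);
    return { id: managed.id, task: managed.task, timeoutAt: managed.timeoutAt };
  }

  // Returns up to `count` timed-out tasks and renews each lease in the same step,
  // so a second caller cannot take the same task until the new lease expires.
  grab(count: number, leaseInSeconds: number): ManagedTask[] {
    const current = this.now();
    const grabbed: ManagedTask[] = [];
    for (let i = 0; i < this.tasks.length && grabbed.length < count; i++) {
      const managed = this.tasks[i];
      if (managed.timeoutAt <= current) {
        managed.timeoutAt = current + leaseInSeconds * 1000;
        grabbed.push({ id: managed.id, task: managed.task, timeoutAt: managed.timeoutAt });
      }
    }
    return grabbed;
  }

  // No-op when the task is gone, which implies it was already completed.
  extend(taskId: string, timeoutInSeconds: number): void {
    for (let i = 0; i < this.tasks.length; i++) {
      if (this.tasks[i].id === taskId) {
        this.tasks[i].timeoutAt = this.now() + timeoutInSeconds * 1000;
        return;
      }
    }
  }

  // Reads a task whether or not it is in-flight; returns a copy, never the stored object.
  read(taskId: string): ManagedTask | undefined {
    for (let i = 0; i < this.tasks.length; i++) {
      const t = this.tasks[i];
      if (t.id === taskId) {
        return { id: t.id, task: t.task, timeoutAt: t.timeoutAt };
      }
    }
    return undefined;
  }

  // Called when the task has completed; it can never be grabbed again.
  delete(taskId: string): void {
    this.tasks = this.tasks.filter((t) => t.id !== taskId);
  }
}

// Two workers polling the same store (constructed scenario, times in milliseconds).
function simulateTwoWorkers(): { workerA: number; workerB: number; afterExpiry: number } {
  let clock = 0;
  const store = new InMemoryResumableTaskStore(() => clock);
  store.register({ kind: 'constructed-sample-task' }, 10); // in-flight for 10 s
  clock = 10000;                                // original client stalled, lease expired
  const workerA = store.grab(1, 30).length;     // takes the task, lease now ends at 40 s
  const workerB = store.grab(1, 30).length;     // sees nothing: task is in-flight again
  clock = 40000;                                // worker A neither finished nor extended
  const afterExpiry = store.grab(1, 30).length; // task becomes grabbable again
  return { workerA, workerB, afterExpiry };
}
```
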
A signer that is capable of generating a digital signature over any given bytes.
The name of the signature algorithm used by this signer. This value will be used as the "alg" parameter in JWS produced. This parameter is not used by the DWN but is unfortunately a required header property for a JWS as per: https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.1 Valid signature algorithm values can be found at https://www.iana.org/assignments/jose/jose.xhtml
The ID of the key used by this signer.
This needs to be a fully-qualified ID (i.e. prefixed with DID) so that author can be parsed out for processing such as recordId computation.
Example: did:example:alice#key1
This value will be used as the "kid" parameter in JWS produced.
While this property is not a required property per JWS specification, it is required for DWN authentication.
An interface that gates tenant access to the DWN.
true if the given DID is an active tenant of the DWN; false otherwise
The result of the isActiveTenant() call.
Optional detail?: string
An optional detail message if the given DID is not an active tenant of the DWN.
true if the given DID is an active tenant of the DWN; false otherwise.
Optional attestation
Optional data?: Uint8Array
Optional data
The data format of the new data. If not given, the data format from the existing message will be used.
Optional date
Optional delegated
The delegated grant to sign on behalf of the logical author, which is the grantor (grantedBy) of the delegated grant.
Optional encryption
Optional message
Optional protocol
Optional published?: boolean
Optional signer?: Signer
The signer of the message, which is commonly the author, but can also be a delegate.
Optional tags?: RecordsWriteTags
Represents a RecordsWrite message with encoded data attached.
The encoded data of the record if the data associated with the record is equal or smaller than DwnConstant.maxDataSizeAllowedToBeEncoded.
Result of a data store get() method call if the data exists.
The number of bytes of the data stored.
Result of a data store put() method call.
The number of bytes of the data stored.
DWN configuration.
Input that describes how data is encrypted as specified in TP18 (https://github.com/TBD54566975/technical-proposals/pull/6).
Optional algorithm?: EncryptionAlgorithm
Algorithm used for encrypting the data. Uses {EncryptionAlgorithm.Aes256Ctr} if not given.
Initialization vector used for encrypting the data.
Symmetric key used to encrypt the data.
Array of input that specifies how the symmetric key is encrypted. Each entry in the array will result in a unique ciphertext of the symmetric key.
Intersection type for all concrete message types.
Input that specifies how a symmetric key is encrypted.
Optional algorithm?: EncryptionAlgorithm
Algorithm used for encrypting the symmetric key. Uses {EncryptionAlgorithm.EciesSecp256k1} if not given.
Key derivation scheme used to derive the public key to encrypt the symmetric key.
Public key to be used to encrypt the symmetric key.
Fully qualified ID of the root public key used to derive the public key to be used to encrypt the symmetric key. (e.g. did:example:abc#encryption-key-id)
Contains a public-private key pair and the associated key ID.
A managed resumable task model.
Globally unique ID. Used to extend or delete the task.
Number of retries
Task specific data. This is deliberately of type any because this store should not have to be aware of its type.
Task timeout in Epoch Time.
MessageEvent contains the message being emitted and an optional initial write message.
Optional initial
The initial write of the RecordsWrite or RecordsDelete message
Filters used when filtering for any type of Message across interfaces
Pagination Options for querying messages.
The cursor is the messageCid of the message you would like to paginate from.
Optional publication?: PermissionConditionPublication
Indicates whether a message written with the invocation of a permission must, may, or must not be marked as public. If undefined, it is optional to make the message public.
Type for the data payload of a permission grant message.
Optional conditions?: PermissionConditions
Timestamp at which this grant will no longer be active.
Optional delegated?: boolean
Whether this grant is delegated or not. If true, the grantedTo will be able to act as the grantedBy within the scope of this grant.
Optional description?: string
Optional string that communicates what the grant would be used for
Optional request
Optional CID of a permission request. This is optional because grants may be given without being officially requested
The scope of the allowed access.
Type for the data payload of a permission request message.
Optional conditions?: PermissionConditions
If the grant is a delegated grant or not. If true, the grantedTo will be able to act as the grantedBy within the scope of this grant.
Optional description?: string
Optional string that communicates what the grant would be used for.
The scope of the allowed access.
Type for the data payload of a permission revocation message.
Optional description?: string
Optional string that communicates the details of the revocation.
The data model for a permission scope.
A logical grouping of user data used to generate test messages.
The Elliptic Curve private key value. It is represented as the base64url encoding of the octet string representation of the private key value. MUST be present to represent Elliptic Curve private keys.
Denotes if this Protocol Definition can be returned by unauthenticated or unauthorized ProtocolsQuery.
Optional $actions?: ProtocolActionRule[]
Optional $encryption?: ProtocolPathEncryption
Encryption setting for objects that are in this protocol path.
Optional $role?: boolean
If true, this marks a record as a role that may be used within a context. The recipient of a $role record may invoke their role by setting the protocolRole property to the protocol path of the $role record.
Optional $size?: {
If $size is set, the record size in bytes must be within the limits.
Optional max?: number
Optional min?: number
Optional $tags?: {
If $tags is set, the record must conform to the tag rules.
Optional $allow
Allow properties other than those explicitly listed. Defaults to false
Optional $required
Array of required tags
The "crv" (curve) parameter identifies the cryptographic curve used with the key. MUST be present for all EC public keys
The x coordinate for the Elliptic Curve point. Represented as the base64url encoding of the octet string representation of the coordinate. MUST be present for all EC public keys
Optional y?: string
The y coordinate for the Elliptic Curve point. Represented as the base64url encoding of the octet string representation of the coordinate.
Message returned in a query result. NOTE: the message structure is a modified version of the message received, the most notable differences are:
Optional from?: string
Inclusive starting date-time.
Optional to?: string
Inclusive end date-time.
Range filter. 1 condition is required.
Optional delegated
The delegated grant to sign on behalf of the logical author, which is the grantor (grantedBy) of the delegated grant.
Optional message
Optional protocol
Optional prune?: boolean
Denotes if all the descendent records should be purged. Defaults to false.
Optional date
Optional delegated
The delegated grant to sign on behalf of the logical author, which is the grantor (grantedBy) of the delegated grant.
Optional message
Optional pagination?: Pagination
Optional protocol
Optional signer?: Signer
Data structure returned in a RecordsQuery reply entry.
NOTE: the message structure is a modified version of the message received, the most notable differences are:
Optional encoded
The encoded data of the record if the data associated with the record is equal or smaller than DwnConstant.maxDataSizeAllowedToBeEncoded.
Optional initial
The initial write of the record if the returned RecordsWrite message itself is not the initial write.
Optional delegated
The delegated grant to sign on behalf of the logical author, which is the grantor (grantedBy) of the delegated grant.
Optional message
Optional permission
Optional protocol
Used when authorizing protocol records. The protocol path to the role record type whose recipient is the author of this RecordsRead
Optional signer?: Signer
Optional delegated
The delegated grant to sign on behalf of the logical author, which is the grantor (grantedBy) of the delegated grant.
Optional message
Optional protocol
Optional signer?: Signer
Optional attestation
Optional data?: Uint8Array
Optional data
Optional data
Optional date
Optional date
Optional delegated
The delegated grant invoked to sign on behalf of the logical author, which is the grantor of the delegated grant.
Optional encryption
Optional message
Optional parent
Must be given if this message is for a non-root protocol record. If not given, it either means this write is for a root protocol record or a flat-space record.
Optional permission
Optional protocol?: string
Optional protocol
Optional protocol
Optional published?: boolean
Optional recipient?: string
Optional record
Optional schema?: string
Optional signer?: Signer
The signer of the message, which is commonly the author, but can also be a delegate.
Optional tags?: RecordsWriteTags
Catch-all message reply type. It is recommended to use GenericMessageReply or a message-specific reply type wherever possible.
Optional cursor?: PaginationCursor
A cursor for pagination if applicable (e.g. RecordsQuery). Mutually exclusive with record.
Optional entries?: QueryResultEntry[] | ProtocolsConfigureMessage[] | string[]
Resulting message entries or events returned from the invocation of the corresponding message, e.g. the resulting messages from a RecordsQuery, or array of messageCid strings for MessagesQuery. Mutually exclusive with record.
Optional entry?: MessagesReadReplyEntry
A single message entry if applicable (e.g. MessagesRead). Mutually exclusive with record, entries and cursor.
Optional record?: RecordsWriteMessage & {
Record corresponding to the message received if applicable (e.g. RecordsRead). Mutually exclusive with entries and cursor.
Optional subscription?: MessageSubscription
A subscription object if a subscription was requested.
A tenant gate that treats every DID as an active tenant.