Skip to main content

Arcana Store

Arcana offers world-class distributed, decentralized storage and access control for Web3 data. The target audience is dApp developers who need to quickly enable the following for dApp users:

Decentralized Storage for Web3

The Arcana Store is a decentralized, distributed, privacy-preserving, access-controlled data storage system that allows dApp users to own data.

It is built using zero-trust, cutting-edge data encryption algorithms with multi-region support. It provides highly available, and reliable storage that enables data privacy for dApp users. Only the data owner can access the data after the right to access is proven. For regulatory purposes, the dApp developer can choose the storage region as per the dApp requirements. All the data files uploaded by the dApp users will be confined to the configured storage region.

The best part is, onboarding users is super easy.

What this means is, Arcana Store offers simple and easy-to-onboard storage that allows dApp users to be in full control of their data. The choice to share data or transfer data ownership resides solely with the user. To attain data sovereignty, users don't need to bother about managing the cryptographic complexities of handling secret keys. Those are seamlessly managed by the Arcana wallet.

Web3 developers can quickly plug in user data privacy by integrating the dApp with the Arcana Storage SDK, a client-side JS library. To provide a simple Web2-like familiar user onboarding experience, the dApp can also integrate with the Arcana Auth SDK, another client-side JS library. The Arcana wallet is part of the Auth SDK and it is used to sign all blockchain transactions related to the Arcana Store operations.

Data Storage & Access Control

Arcana Network platform offers data storage and access control functionality.

The Arcana Store contains all dApp user data that is uploaded. Any dApp user can upload data to the Arcana Store after authentication. But not every user can access it unless the user has requisite access rights.

Store Functionality

Access Functionality

By default, all data uploaded to the Arcana Store is considered private and access to private data is fully controlled by the data owner. At the time of upload, data class can be specified as public. Unlike private data, public data does not have any access control.

Users can upload the same data file any number of times, irrespective of whether it is public or private.

How does Arcana Store work?

Any authenticated dApp user can upload data to the Arcana Store. However, to download or access data from the Arcana Store, a dApp user must first authenticate and prove their ownership.

Note that this restriction is relaxed for public data. It is accessible by anyone and no authentication is needed.

How Arcana Works (Top level) How Arcana Works (Top level)

When a dApp user uploads a data file into the Arcana Store, it is encrypted by default, split up into several parts, and distributed across all the participating storage nodes in the selected storage region and configured by the dApp developer. Initially, any data file residing in the Arcana Store can only be accessed by the owner. Owners have full control over their data and can decide who to share it with, for how long and when to revoke access, delete the data, or change data ownership.

Several key components of the Arcana Network platform work together to provide the resilience, security, and data privacy required by the Arcana Store. These components include the distributed key generator (DKG, a storage gateway), and a set of upgradable smart contracts that are deployed on the Arcana blockchain to manage storage operations.

The following section covers various storage operations supported by the Arcana Store.

Data Upload

Every data file uploaded by an authenticated dApp user is associated with a cryptographic key (managed by the Arcana DKG). Using this cryptographic key, file data is encrypted, split into multiple chunks, and stored on several nodes, in a region chosen by the dApp developer. Each cryptographic key itself is split into multiple parts and stored on different DKG nodes. After a successful upload, each data file is assigned a unique identifier called DID. By default, all data is encrypted and private.

It is possible to classify the data as 'public' at the time of upload. Public data is not encrypted and can be accessed by anyone with no authentication, as long as the user has access to the file DID.

See here for various Arcana Network platform component interactions that ensure data encryption data integrity, privacy, and security during upload.

Data Download

An authenticated dApp user must prove data ownership before they can download it. The storage gateway node interacts with the blockchain and DKG nodes to prove ownership. Once proven, requisite keys for decrypting the file are given to the client and the file is decrypted on the client's machine.

In the case, of public files, anyone can download the data. There is no need for authentication and proving ownership.

See here for various Arcana Network platform component interactions that ensure data is decrypted, and data integrity, privacy, and security are maintained at download.

Share & Revoke Access

An authenticated dApp user must prove data ownership before sharing it with another user or revoking access. The storage gateway node interacts with the blockchain and DKG nodes to prove ownership. Once proven, the access control list of the data file is updated accordingly in the database. This database update happens only after secret verification using the blockchain.

See here for various Arcana Network platform component interactions that ensure data integrity, privacy, and security are maintained while sharing/revoking access.

Delete Data

An authenticated dApp user must prove data ownership before deleting it. The storage gateway node interacts with the blockchain and DKG nodes to prove ownership. Once proven, the gateway interacts with Storage nodes to delete the file segments from all the storage nodes as per the dApp storage region configuration.

See here for various Arcana Network platform component interactions that ensure data integrity, privacy, and security are maintained while deleting the file.

Change Ownership

An authenticated dApp user must prove data ownership before transferring the data file ownership to another user. The storage gateway node interacts with the blockchain and DKG nodes to prove ownership. Once proven, the access control list of the data file is updated in the database for ownership change. This database update happens only after secret verification using the blockchain.

See here for various Arcana Network platform component interactions that ensure data integrity, privacy, and security are maintained while deleting the file or changing data ownership.

Using Arcana Store

You can build privacy-preserving dApps by integrating the Arcana Network platform.

At a minimum, to use Arcana Store, developers need to interact with three components:

Before integrating your dApp code, ensure that the dApp is registered and configured for storage limits and user experience settings by using the Arcana Developer Dashboard.

<StorageSDKName/> Diagram <StorageSDKName/> Diagram

Configuration

You can access the Arcana Developer Dashboard and register your dApp first. It is recommended that you use the Arcana Auth SDK and the embedded Arcana wallet to sign blockchain transactions required for performing various storage operations that require access control.

The dashboard can be used to configure both the storage usage as well as the user experience for signing blockchain transactions.

If you do not wish to use the Auth SDK, you can use any supported third-party web wallet and configure it for Arcana Network. See third-party wallet configuration guide for details.

Once the configuration is done using the dashboard, a unique application identifier or App Address is assigned to each dApp. Make a note of it as you will require it during initialization of the Arcana Storage SDK.

Initialization & Usage

As a prerequisite to integrating the dApp with the Storage SDK, the developers must register and configure the dApp to obtain a unique identifier, the App Address.

Also, the dApp must have access to the standard EIP 1193 Ethereum provider required for signing storage operations related to blockchain transactions. This provider can be obtained via the Arcana Auth SDK integration or through one of the supported third-party Web3 wallet providers.

Install and import the Storage SDK. Initialize the StorageProvider using the App Address and the Web3 wallet provider.

import { StorageProvider } from '@arcana/storage';
//You need to initialize StorageProvider in your dApp code only once
//Use the same initialized instance across dApp functions.
dAppStorageProvider = await StorageProvider.init({
// Use the App Address obtained via the Arcana Dashboard
appAddress: ARCANA_APP_ADDRESS,
email: user_email_string, //optional
chainId: 100, //optional
provider: 'window.arcana.provider', //optional
// use 'window.arcana.provider', if using the Auth SDK
// or use 'window.ethereum' if using a third-party wallet
});

Now you can use the StorageProvider object methods such as upload, download, share, revoke access, delete and transfer ownership in your dApp.

await dAppStorageProvider.upload(file, {
onProgress: (bytesUploaded, bytesTotal) => {
console.log('Progress:', ((bytesUploaded / bytesTotal) * 100).toFixed(2), '%')
}
}).then((did) => console.log('File successfully uploaded. DID:', did)).catch(e => console.error(e));

It is simple and easy, just a single line of code to share the file!

// did: DID of file from which access is removed
// address: Address of the user with whom file access is shared
await dAppStorageProvider.files.share(did, address);

For more details, check out the Storage SDK Quick Start Guide, Usage Guide, SDK Reference Guide, and several other developer resources such as code samples, and tutorial videos in the documentation home.

Use Cases

Arcana Store is perfect for Web3 dApps that need to store data, typically data that is written once, rarely updated, and read multiple times (WORM-write once read many).

It is not well suited for mutable or frequently changing dApp user data. Applications that require uncensored data storage, always available, cryptographically robust, secure access, and fully controlled by data owners, spread across geographic regions or multiple nodes in a specified region, and can easily use Arcana Store.

Arcana Store provides dynamic and flexible data storage and access. It is dynamic in the sense that every data upload can be classified as public or private. If the use case requires strictly access-controlled data and some public data, it can be addressed easily.

If the dApp use case requires that any digital asset can be transacted solely by the data owner by scheduling the asset sale to the highest bidder, Arcana Store can handle such a use case. The asset can be listed in a public marketplace and the owner is not necessarily required to be online to make the transaction. Arcana Store is equipped to handle ownership changes for all private assets. It can manage unique private NFTs across such transactions.

Here are a few common use cases:

  • Store private data - for example, a legal document, a personal will shared with the executors and access controlled, super confidential sales data, etc.
  • Store any access-controlled data, for example, company confidential information
  • Media Storage - images, artwork, music, music sheets, movies, videos, drawings, templates, creative content
  • Create, store and manage private NFT digital assets, multiple copies of sellable training modules with the same content, etc.
  • Store any executables, programs, or algorithms with unique implementations that are digital assets
  • Streaming data - for example, a decentralized Twitter feed
  • Store dApp user data that could either be public or private as selected by the dApp user.
  • Store any digital asset of any size
note

If your use case is not listed in this list above, but you would like to try out Arcana Store, contact us.

Future

At present, Arcana Store functionality can be accessed by dApps through a client-side JS SDK. We are working on the server-side Golang library as well.

The Arcana Store data access management can be delegated by the dApp users to a delegate, say the dApp developer, for better scalability and ease. We are working on piping hot new features to enable newer dApp use cases. Stay tuned!