This repository has been archived by the owner on Dec 18, 2024. It is now read-only.
[Question] Security and storage #88
Labels
Comments
skyne98
changed the title
|
Moving to the Field Manual repo for more details / discussion |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello there, guys!
I am very curious about the security and storage of your DB. As far as I can see, you can give write permissions. However, I am curious about one particular scenario. Let's say, I have a central server that is the main authority. It is designed to be as unimportant and as lightweight as possible, so most of the heavy lifting is done via the p2p data sharing.
The main idea initially was: give write permission to the main server only, leaving everyone basically read-only, while it is offline. However, it sounds too constraining. Are there any other possibilities or better battle-tested patterns? And, also, how secure will the whole system be?
Storage. Let's imagine I am creating Twitter-like service. Each user, message, and other data are stored on the distributed DB, which is the most intuitive way of achieving that. However, it makes me doubt about how feasible this tactic will be on mobile devices, with very limited data bandwidth and RAM. So, the question is, how is data being stored on the network? Does every user download and own the whole database? Or is it smartly split-up into chunks?
Does every user pin and host the database?
Sometimes I start to think that using some hand-written system, written on top of some WebRTC DHT, such as KAD.js might be overall more secure and simple to track problems in. For example, giving the main server a public-private key pair, which will allow it to sign some data pieces, that would be then stored on the client's side. However, it creates a question about data accessibility and sharing.
Thanks!
The text was updated successfully, but these errors were encountered: