What if some application want to replace /directory which has already maintained by another application ?
It technically can’t – the root directory for an app is derived from the app’s private key, which is derived from its domain (i.e. myapp.com
). If it were to “replace” the other app, then it would have to have the same domain, or use a type of collection (which isn’t implemented yet).
Is there a way to get full URL to send GET (POST) request (in postman for example) to get application data ?
yes - if you have the app bucket, you can use this:
GET https://gaia.blockstack.org/hub/{bucket address}/{path}
If it’s not the official gaia hub, use {gaia address}/hub_info
and use the read_url_prefix
from that instead of gaia.blockstack.org/hub/
e.x.:
https://hub.blockstack.org/hub_info returns
{
"challenge_text":"[\"gaiahub\",\"0\",\"storage2.blockstack.org\",\"blockstack_storage_please_sign\"]",
"latest_auth_version":"v1",
"read_url_prefix":"https://gaia.blockstack.org/hub/"
}
and using that with an identity-bucket-address and the profile.json filename:
https://gaia.blockstack.org/hub/126EcTCb6sZ54xv8jpLvhWPUGeDWZ4LuMy/profile.json
Granted, if it is encrypted you will have to decrypt your own data using your private key to generate the app’s private key, etc etc… and the bucket address is different per user. So it’s not fun to migrate yourself, and it’s impossible to migrate others, if that’s what you are trying to do.
I just wanna understand how it works)
- What is the signature in profile.json ?
- How app address is generated ? (What function to use)
The signature in the profile.json
is just the JSON Web Token signature that is created via the browser. You can learn about JWTs here: https://jwt.io/ .
Start with the master keychain (from your account’s recovery phrase mnemonic):
- Derive (hardened) by 888 (I believe it’s an index but can’t recall correctly), and then derived (hardened) again by 0 – this gets you the identity keychain.
- Derive (hardened) by the identity index (for the root identity, this is 0) to get that particular sub-identity’s keychain.
a) Create a salt as well, which is made by sha256 hashing the identity public key (the root one, not the sub- one), transforming it into a hex string. - Derive (hardened) the sub-identity’s keychain by 0 to get the “Apps Node” keychain.
- Create a sha256 hash of the (appDomain + salt from 2a), and transform it into hex
- Take this hash and transform it through this function to create an app index:
function hashCode(string) {
let hash = 0;
if (string.length === 0) return hash;
for (let i = 0; i < string.length; i++) {
const character = string.charCodeAt(i);
hash = (hash << 5) - hash + character;
hash = hash & hash;
}
return hash & 0x7fffffff;
}
- Take the resulting app index and derive (hardened) the “Apps Node” keychain by this number.
Congratulations, you now have the app keychain, which contains both the private and public keys. The app address is made via transforming the public key through p2pkh
, I forgot exactly how but yes.
That’s how it works, if you can understand this – it’s a lot of bitcoin deriving and whatnot.
If you want to see it in practice, I made Mercurius to do all of this automatically and allow you to download your app’s information – and even those files that are encrypted get decrypted by the app for you!
What does value field in profile.json -> app files correspond to ?
What URL to use to get user’s data that correspond to specific app ?
Is this information in official docs ?
These are apps that requested the publish_files
scope when authenticating, so they have a link between their app domain and the bucket they own (for other users to know what bucket to access within the app).
Get the app’s bucket and use the url I specified above.
For deriving the app key? No, that’s in the blockstack-browser
source code. For the profile.json jwt? Not that I know of, as it’s mostly internal stuff that modifies, signs, and verifies the integrity of it.
Does application have own storage ? What is the bucket address for application, why we need this ?
When I try to get https://gaia.blockstack.org/hub/{app bucket address}/ I get error - The specified blob does not exist.
what is the app bucket address you are using?
I don’t feel like you understand how blockstack works quite well. Every user generates each app their own, unique bucket where only the app can write to when the user is signed into it. Every bucket address is unique (even among all users), and can only be created using the user’s private key and app’s domain.
I cannot recall specifically why it was done this way, but I’m sure it’s in a FAQ somewhere. The team behind Blockstack doesn’t do things trivially, I know that for certain.
How can i get My own bucket address; Thanks so much…
A bucket address is generated when the application is authenticated with the Blockstack Browser. You generally don’t mess with this application side, but you can look at the network requests in the browser developer tools when you make a putFile
call from blockstack.js
to see it at work.
Thanks Got it;