Closed draeder closed 2 years ago
I think I found my answer in content addressing. I was so focused on the immutable links portion that I completely overlooked that I could do this:
gun.on('auth', async ack => {
console.log('Authenticated')
let data = JSON.stringify({hello: "world"})
let hash = await SEA.work(data, null, null, {name: "SHA-256"})
gun.user(ack.soul).get('#').get(hash).put(data)
gun.user(ack.soul).get('#').get(hash).once(console.log)
let badGuy = await gun.get('~'+ack.soul).get('#').get(hash).put("hi")
console.log('badGuy', badGuy)
let afterBadGuy = await gun.get('~'+ack.soul).get('#').get(hash)
console.log('afterBadGuy', afterBadGuy)
})
I and other users have been struggling with and debating this issue on the chat for some time. There does not appear to be an obvious or tenable solution to this dilemma.
To me, it would seem that any data written by an authenticated user to their own graph, including any object subkey values should be immutable to all but the original author.
An authenticated user puts an object to his graph:
This returns as expected:
However, a non-authenticated user can overwrite the object keys' data:
This will then return
null
:And so will this: