Irys
Last updated
Last updated
This three-step guide explains how to integrate TACo with , thereby enabling end-users to flexibly share/access encrypted data uploaded to permanent storage on . There are plenty of reasons to combine these technologies. Irys's sub-millisecond upload & data egress can be parallelized with TACo's low-latency decryption flow, ensuring rapid access to shared data. Provenance features like transaction receipts and cryptographic proof-of-time are fully compatible with TACo and are equally (or arguably more) important for sensitive information and messages. Broadly, integrating Irys & TACo offers long-term sovereignty to end-users – i.e. that their private data will remain accessible to qualifying devices forever.
Governance. Generate tamper-proof, timestamped records of voting activity, enhancing transparency and reducing trust assumptions.
Connected Vehicles. Store sensitive real-time vehicle diagnostics and geolocation data, such that the data stream is instantly available when required (e.g. while driving) but not leaked beyond known and legitimate recipients (e.g. a smart city traffic system).
Private NFTs. Move beyond the status quo of symbolic receipts stored on centralized platforms, to a world where one owns the decryption rights to a movie, track, in-game asset, or piece of art – trustlessly and in perpetuity.
Check out this , an intuitive mini-app that demonstrates the power and simplicity of using Irys & TACo in concert. Images are encrypted via the TACo API and stored on-chain via Irys. To view the images, users must prove they hold special-purpose NFT.
From the data consumer's perspective, we now use the receiptID
to find and retrieve the encrypted payload via an Irys gateway. Note that the same data identifier works with Arweave gateways.
Finally, we prove we own a wallet that this wallet holds the correct NFT, retrieve fragments of decryption material from TACo nodes, assemble these fragments locally, and decrypt the payload. All of these steps are contained in the decrypt()
function below.
As noted, the parameters specified in this guide are for testing and hacking only. For real-world use cases where uploaded data should remain private & permanent, production versions of Irys & TACo are required:
First, we initialize the taco-web
.
As the data producer, we create an access condition. Here we use the simple condition ownsNFT
– data consumers must prove ownership of a specific ERC-721 NFT in order to gain decryption material pertaining to the encrypted message. More on condition types .
We encrypt the message using the ownsNFT
condition, specifying the aforementioned testnet domain
and ritualID
, and a standard web3 provider/signer. The output of this function is a messageKit
– a payload containing both the encrypted data and embedded condition metadata necessary for a qualifying data consumer to decrypt the message. Finally, we convert the messageKit
to a hex string format, which will help us upload it via Irys in a single transaction.
This guide utilizes the parameters ritualId = 6
and domains.TESTNET
. These refer to an open DKG public key and hacker-facing stable testnet respectively. Although fully functional and up-to-date with Mainnet, this development environment is not decentralized and unsuitable for real-world sensitive data. For more information, see the .
First, we connect to an Irys node. This requires funding a wallet with any of the devnet supported by Irys. In this example, we're using Polygon (Amoy) MATIC.
We then construct a single JSON object from the encryptedMessageHex
. We can now upload the encrypted data to Arweave, which will be retrievable once an Irys has indexed the data. This is identifiable via the receiptID
, which is provided to the data consumer via a side-channel.
For Irys, connect to a Mainnet Node rather than a Devnet node. This requires a wallet with any of the supported Mainnet payment tokens.
For TACo, a funded Mainnet ritualID
is required – this connects the encrypt/decrypt API to a cohort of independently operated nodes and corresponds to a DKG public key generated by independent parties. A dedicated ritualID
for Irys + TACo projects will be sponsored soon. Watch for updates here or in the Discord channel.