-
Notifications
You must be signed in to change notification settings - Fork 11
/
coin.rs
56 lines (48 loc) · 1.81 KB
/
coin.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
use ate::prelude::*;
#[allow(unused_imports)]
use serde::{Deserialize, Serialize};
#[derive(Clone, Serialize, Deserialize)]
struct TrustedRecord {
hidden_data: String,
}
#[tokio::main(flavor = "current_thread")]
async fn main() -> Result<(), AteError> {
// Make the keys that will protect the data
let root = PrivateSignKey::generate(KeySize::Bit192);
let ek = EncryptKey::generate(KeySize::Bit192);
let sk = PrivateSignKey::generate(KeySize::Bit192);
// Create the chain with a public/private key to protect its integrity
let conf = ConfAte::default();
let builder = ChainBuilder::new(&conf)
.await
.add_root_public_key(&root.as_public_key())
.build();
let chain = builder.open(&ChainKey::from("universe")).await?;
// Our session needs the keys
let mut session = AteSessionUser::new();
session.add_user_write_key(&root);
session.add_user_write_key(&sk);
session.add_user_read_key(&ek);
let key = {
// Now create the data using the keys we have
let dio = chain.dio_mut(&session).await;
let mut dao = dio.store(TrustedRecord {
hidden_data: "Secret data".to_string(),
})?;
dao.auth_mut().read = ReadOption::from_key(&ek);
dao.auth_mut().write = WriteOption::Specific(sk.hash());
dio.commit().await?;
dao.key().clone()
};
// Build a new session that does not have the root key
let mut session = AteSessionUser::new();
session.add_user_write_key(&sk);
session.add_user_read_key(&ek);
{
// Only we can read or write this record (and anything attached to it) in the chain-of-trust
let dio = chain.dio(&session).await;
let _ = dio.load::<TrustedRecord>(&key).await?;
}
// All errors in ATE will convert into the AteError
Ok(())
}