Smart Vault

A Decentralised Datastore for Private Groups

Introduction

The Smart Vault is a decentralized datastore for private files.

Users of Smart Vault enabled applications, benefit by having true ownership and sovereignty of their data, eliminating the risk of relying on third-party data storage where personal information can be lost, hacked or sold onto others.

Smart Vault applications are decoupled from the data they produce and consume and are instead connected to a universal source of truth, a network of Smart Vaults that hold the latest version of permissioned data. This eliminates vendor lock-in and information going stale and out of date between applications.

What is the Smart Vault?

The Smart Vault is a decentralized datastore with privacy controls. What makes the Smart Vault unique is its peer-to-peer design for transmitting data directly to other authorized Smart Vaults and its security model that uses smart contracts for managing a decentralized Access Control List (ACL) of permissions for a file. Using the Smart Vault, a data owner can share a file directly to members within a peer-to-peer private group or vendors can sell content in a peer-to-peer network of consumers in exchange for payment that is managed by a smart contract.

Applications can use the Smart Vault to:

  • Sell digital content (e.g. video, music, images).

  • Transfer ownership of digital assets (e.g. and titles, vehicle registrations).

  • Track and trace a product in a value chain (e.g. a food supply chain).

  • Share confidential information directly between members of a private group.

  • Transmit self-sovereign identity claims.

  • Source always up to date product, user information and activity.

The Benefits of Using the Smart Vault

Eliminate the Cost of Blockchain Storage.

Storing data on the blockchain is both impractical and expensive. By using the Smart Vault you can store your application's state information on a decentralized datastore that is managed by smart contracts. Storage costs are eliminated since users of your application store and manage data within a Smart Vault that they own.

Eliminate Data Liability.

As a developer, you must ensure that your application complies with data privacy laws such as GDPR and CCPA regulations when handling the personal data of users. By letting users store and manage data using a Smart Vault, you eliminate your compliance burden and the liability associated with protecting and securing this sensitive data.

Create Decentralized Private Groups.

The Smart Vault provides applications with granular control for accessing data. No one can access data unless they are granted permission, including access to the data in encrypted format. The data owner always has control over who has access, when access was approved and they can revoke access to anyone at any time. Note: Some decentralized datastores provide data privacy by solely using encryption and storing the information publicly without access controls. The encrypted data is available to anyone to download, regardless of having permission or not. This method leaks information about the encrypted data and the data owner.

Sell Content. Transfer and Track Assets.

‌The Smart Vault enables you to develop peer-to-peer business models for selling digital content and transferring assets. Digital content (video, music, art, games) can be sold by content producers in a peer-to-peer manner giving greater control and a reduction in cost. The sale and transfer of ownership of digitized assets (e.g. land titles, vehicle registrations) can also be executed directly between parties without requiring an intermediary.

How Does it Work?

Data is stored in a distributed manner by Smart Vault nodes that have been granted permission. Data owners manage access permissions using smart contracts.

IPFS Distributed Storage

The Smart Vault uses the InterPlanetary File System(IPFS) an open standard for storing and transmitting data in a distributed manner. The IPFS protocol provides high redundancy and availability of data by multiple computers hosting and serving the same file in parallel to applications. Applications retrieve files using an addressing scheme that is based on the content of the file rather than its location. The IPFS protocol provides a paradigm shift from traditional application design where one entity usually hosts all user information and content that it needs.

The Smart Vault extends the IPFS protocol so that files are only transmitted to other Smart Vault nodes that have been authorized to access the protected data.

The default IPFS protocol has no security mechanism for restricting access to data. The Smart Vault extends the IPFS protocol with a security layer for controlling access to protected data.

Distributed Peer-to-Peer Transmission

A file that is stored in a Smart Vault is broken into blocks of data. When a block of data refers to a protected file, transmission of the block will only be permitted by verifying that the blockchain account requesting the data has been authorized.

Data blocks are transmitted in a peer-to-peer manner between nodes such that a Smart Vault will receive data in parallel from multiple Smart Vault nodes at the same time. This redundancy ensures that access to the data will still be available when a Smart Vault is offline.

Ethereum Smart Contract Permissions

The Smart Vault can integrate with the Ethereum mainnet or any Ethereum-compatible blockchain such as Lightchain. Permissions to access a file are managed by a smart contract that is controlled by the data owner. A user could have multiple blockchain accounts associated with their Smart Vault node.

Smart contracts enable the management of file access permissions in a decentralized manner. They provide granular control when granting permissions to a single entity or a private group.

Smart contracts also ensure transparency and traceability for when, by whom, and to who permission was granted.

Demonstration

You can see a demonstration of the Smart Vault as follows:

Security Issues and Disclosures

The Smart Vault and its implementations are still in heavy development. The Smart Vault has been developed using open source software in particular IPFS which is is currently not production ready. This means that there may be problems in our software or the underlying software, or there may be mistakes in our implementations. We take security vulnerabilities very seriously. If you discover a security issue, please bring it to our attention right away!

If you find a vulnerability that may affect live deployments -- for example, by exposing a remote execution exploit -- please send your report privately to support@ipfs.io. Please DO NOT file a public issue.

If the issue is a protocol weakness that cannot be immediately exploited or something not yet deployed, just discuss it openly.