eluv-io/elv-client-js

Auth V3 - Implement Reencrypted upload

Closed this issue · 1 comments

elv-arun commented

We need to Implement Reencrypted upload for Auth V3

paulgoleary commented

To be clear here: what we mean is the scenario where someone who is not the owner - but has edit rights - is able to encrypt new parts for an existing content object?

  • So, specifically, there is a CONK that has been created for the KMS. But since the user is not the owner, they don't have their own CONK that holds the content keys.

Current state:

  • The elv-master API GetSymmetricKeyAuth will give the caller the symmetric key of a content object if they have editor or access rights.
  • The elv-master API GetRencKeyAuth will create a re-encryption key only (currently) for a node registered in the space.
  • If I understand this scenario correctly, the user should need the symmetric key and the primary public AFGH key. We don't currently have an API to just get the public key but it's trivial to add.