• Story Points:


      1. Remove `user_root_dir` from the account packet - we don't need it now that we have fine-grained access control for Mutable Data.

      2. Instead, consider having a separate `access_container` entry in the account packet (instead of storing it indirectly in the config dir).

      3. Also consider removing the config dir too (or renaming it, e.g. to "apps dir", if we store only app info there).

      4. Instead of storing containers info in the user's root dir, store them in the access container with the `authenticator` key (encrypted with a user's key so that apps can't read the entry contents). Updating containers with new encryption info should be a single atomic operation while revoking an app.

      5. Refactor std dirs creation in `safe_authenticator`. Make sure that the MDataInfo for standard dirs is stored in the account packet before the actual dirs are created with `PutMData`, so that a user's account balance won't be wasted on failed operations. I.e. if you need to create dirs A, B, C and only dirs A & B are created successfully, make sure that only C is attempted again on a subsequent operation recovery during the user's login.

      6. Update `safe_authenticator` to use the new access container structure.

      7. Update relevant tests.
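
The ordering asked for in item 5, sketched as an added example (not code from `safe_authenticator`): MDataInfo is recorded in the account packet first, and creation or login recovery then issues `PutMData` only for recorded dirs the network lacks. `AccountPacket`, `MockNetwork`, `record_std_dirs` and `create_missing` are hypothetical names, `MDataInfo` is simplified with constructed addresses, and detecting created dirs by querying the mock network is an assumption.

```rust
use std::collections::{BTreeMap, BTreeSet};
// Simplified stand-in for MDataInfo: only the network address (constructed values below).
struct MDataInfo { name: [u8; 4], type_tag: u64 }
// Hypothetical account packet: std dir name -> MDataInfo, written before any PutMData.
#[derive(Default)]
struct AccountPacket { std_dirs: BTreeMap<String, MDataInfo> }

// Constructed mock network: `fail` simulates PutMData errors, `charged_puts` the spent balance.
#[derive(Default)]
struct MockNetwork { stored: BTreeSet<([u8; 4], u64)>, fail: BTreeSet<String>, charged_puts: u32 }

impl MockNetwork {
    fn put_mdata(&mut self, dir: &str, info: &MDataInfo) -> Result<(), String> {
        if self.fail.contains(dir) { return Err(format!("PutMData failed for {}", dir)); }
        self.charged_puts += 1;
        self.stored.insert((info.name, info.type_tag));
        Ok(())
    }
}

// Step 1: record addresses once; `or_insert` keeps existing entries, so a retry reuses them.
fn record_std_dirs(acc: &mut AccountPacket, dirs: &[&str]) {
    for (i, d) in dirs.iter().enumerate() {
        acc.std_dirs.entry(d.to_string()).or_insert(MDataInfo { name: [i as u8; 4], type_tag: 1 });
    }
}

// Step 2, also run as login recovery: PutMData only for recorded dirs the network lacks.
fn create_missing(acc: &AccountPacket, net: &mut MockNetwork) -> Vec<String> {
    let mut attempted = Vec::new();
    for (dir, info) in &acc.std_dirs {
        if net.stored.contains(&(info.name, info.type_tag)) { continue; }
        attempted.push(dir.clone());
        let _ = net.put_mdata(dir, info); // a failure stays pending for the next recovery
    }
    attempted
}

fn demo() -> (Vec<String>, Vec<String>, u32) {
    let (mut acc, mut net) = (AccountPacket::default(), MockNetwork::default());
    record_std_dirs(&mut acc, &["A", "B", "C"]);
    net.fail.insert("C".to_string());
    let first = create_missing(&acc, &mut net); // A and B succeed, C fails
    net.fail.clear();
    record_std_dirs(&mut acc, &["A", "B", "C"]); // login: entries already recorded
    let second = create_missing(&acc, &mut net); // only C is attempted
    (first, second, net.charged_puts)
}
fn main() { println!("{:?}", demo()); }
```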





              • Assignee:
                nikita.baksalyar Nikita Baksalyar


                • Created: