MultiChain data streams

For shared immutable key–value and time series databases

MultiChain streams enable a blockchain to be used as a general purpose append-only database, with the blockchain providing timestamping, notarization and immutability. A MultiChain blockchain can contain any number of streams, where the data published in every stream is stored in full or referenced by a hash inside transactinos. If a node chooses to subscribe to a stream, it will index that stream’s contents in real-time to enable efficient retrieval in various ways.

Each stream is an ordered list of items, with the following characteristics:

• One or more publishers who have digitally signed that item.
• One or more keys between 0 and 256 bytes in length, to allow efficient retrieval. (In MultiChain 1.0, only one key is allowed per item.)
• Some data in JSON, text or binary format, which can be on-chain (embedded in the transaction) or off-chain (represented by a hash in the transaction). (In MultiChain 1.0, only on-chain binary data is supported).
• Information about the item’s transaction and block, including its txid, blockhash, blocktime, and so on.

Stream filters can also be coded to define custom validation rules for items in the stream (not in MultiChain 1.0).

Like native assets, MultiChain streams can be referred to in any of three ways:

• An optional stream name, chosen at the time of stream creation. If used, the name must be unique on a blockchain, between both assets and streams. Stream names are stored as UTF-8 encoded strings up to 32 bytes in size and are case insensitive.
• A createtxid, containing the txid of the transaction in which the stream was created.
• A streamref which encodes the block number and byte offset of the stream creation transaction, along with the first two bytes of its txid.

If root-stream-name in the blockchain parameters is a non-empty string, it defines a stream which is created with the blockchain and can be written to immediately. The root stream’s createtxid is the txid of the coinbase of the genesis block, and its streamref is 0-0-0.

For more background on streams, please see the blog posts on introducing streams, MultiChain 2.0 enhancements and off-chain data.

Permissions in streams

Streams are created by a special transaction output, which must only be signed by addresses which have the create permission (unless anyone-can-create is true in the blockchain parameters). This is easy to do using the create command in multichain-cli or the JSON-RPC API. The stream’s creator automatically receives admin, activate and write permissions for that stream. It is not possible to create more than one stream in a single transaction, or to combine stream creation with initial or follow-on asset issuance.

Stream do not yet have effective read permissions. (Even if these were implemented at the level of MultiChain’s API, the stream data could still be read directly from the network or each node’s disk drive.) For now, read permissions in a stream can be managed through application-level encryption of each item’s data, with decryption keys distributed as appropriate – see this tutorial. Look out for more functionality in this area soon.

Each stream item is encoded in a single transaction output (see below), which is easy to create using the publish command. A single transaction can write to multiple streams atomically using the publishmulti command in MultiChain 2.0, or raw transactions in MultiChain 1.0 or 2.0. The publishers of a stream item are defined by the addresses used in the inputs which signed the output containing that item. If an input spends a pay-to-scripthash (P2SH) multisig output, the P2SH address is considered as the item publisher, independent of the actual public keys used in the input.

When a stream is created, it is either open or closed. Any address can publish items into an open stream, subject to the usual restriction that the address used in each input of a transaction must have global send permissions. In closed streams, every publisher of a stream item must have write permission for that stream, or the item and its transaction are not valid. The write permission for an address can be modified in a permissions transaction signed by an address with per-stream admin or activate permissions, while admin or activate permissions can be changed by those with per-stream admin permissions only.

For the root stream, the creator of the chain’s first genesis block automatically receives admin, activate and write permissions. The root stream is open for general writing if the root-stream-open blockchain parameter is true.

Streams in transaction data

For regular use of MultiChain, you can ignore the technical details below. They are only relevant if you want to work with the raw data within MultiChain transactions. Note that you can also use the raw transactions APIs to encode and decode this information.

Stream creation outputs

A transaction output creates a stream if it contains the following, followed by an OP_DROP (0x75) and OP_RETURN (0x6a):

Below is a list of special property keys used in the above structure (all are optional):

Stream item outputs

A transaction output containing an on-chain stream item has the following structure:

stream-identifier OP_DROP [item-key OP_DROP, ...] (item-format OP_DROP) OP_RETURN item-data

A transaction output containing an off-chain stream item has the following structure:

stream-identifier OP_DROP [item-key OP_DROP, ...] offchain-descriptor OP_DROP OP_RETURN

In either case, the stream-identifier has the following structure:

And each item-key has the following structure:

For on-chain items, the optional item-format has the following structure: (otherwise the data is assumed to be raw binary)

For on-chain items, the item-data has no prefix and is embedded directly after the OP_RETURN. If the data format is text, it uses UTF-8 encoding. If the data format is JSON, it is serialized in the UBJSON format.

For off-chain items, the offchain-descriptor has the following structure: