stream permission issues

+2 votes
will we able to prevent the subscribtion to the streams created by another node? Right now, when I create a stream using option "false" it does restrict the second node from publishing, but they can see the streams created using the liststreams command and also subscribe to them thereby giving access to the data posted in that stream
asked Sep 21, 2016 by Rajasekhar

1 Answer

+2 votes

No, I'm afraid it's not possible to restrict who can subscribe to and read a stream. This is a characteristic of blockchains themselves. Even if we restricted stream reading within the MultiChain software, every node has a full copy of the blockchain on disk, and that includes all of the stream's contents, so the users could find another way to extract the contents. As taken from our blog post on streams:

Confidentiality is the biggest challenge in a large number of blockchain use cases. This is because each node in a blockchain sees a full copy of the entire chain’s contents. Streams provide a natural way to support encrypted data on a blockchain, as follows:

  1. One stream is used by participants to distribute their public keys for any public-key cryptography scheme.
  2. A second stream is used to publish data, where each piece of data is encrypted using symmetric cryptography with a unique key.
  3. A third stream provides data access. For each participant who should see a piece of data, a stream entry is created which contains that data’s secret key, encrypted using that participant’s public key.

This provides an efficient way to archive data on a blockchain, while making it visible only to certain participants.

answered Sep 21, 2016 by MultiChain