How does stronghold work? | Tauri Apps | Page 1

copper flume Aug 28, 2023, 6:28 PM

#

I'm confused on how https://github.com/tauri-apps/tauri-plugin-stronghold#v1 works. Whats the difference between a Stronghold vs a Client vs a Vault and what are all these paths for?

GitHub

GitHub - tauri-apps/tauri-plugin-stronghold: [READ ONLY] This repos...

[READ ONLY] This repository is a mirror, for issue tracking and development head to: https://github.com/tauri-apps/plugins-workspace - GitHub - tauri-apps/tauri-plugin-stronghold: [READ ONLY] This ...

copper flume Aug 29, 2023, 6:11 PM

#

anybody...?

outer fiber Aug 30, 2023, 6:50 AM

#

The plugin is a wrapper for IOTA Stronghold, a Rust-based secrets library. A Stronghold is an instance of a Snapshot. A Snapshot is the encrypted storage format of the data, hence the need for a path and password for the load function that the plugin provides. A Client is the interface and a form of identity which restricts access to the data in the Vault to that client. A Vault is the secure database where the secure secrets are. A Store is a quicker key-value storage which is only encrypted by the Snapshot, meaning it is available to anyone who has the password.

copper flume Sep 2, 2023, 4:51 AM

#

outer fiber The plugin is a wrapper for [IOTA Stronghold](<https://wiki.iota.org/stronghold....

could you give a practical example of how it works

#

because there are passwords everywhere and I'm not sure what methods I should and should not be using

outer fiber Sep 2, 2023, 4:53 AM

#

By practical, do you mean example code or just a real-world scenario?

copper flume Sep 3, 2023, 5:49 AM

#

outer fiber By practical, do you mean example code or just a real-world scenario?

code

outer fiber Sep 5, 2023, 1:37 PM

#

async function stronghold_example() {
  let stronghold_path = await join(BASE, "stronghold");

  // Hard-coding passwords is a terrible practice. Prompt the user for the password instead.
  let stronghold = await Stronghold.load(stronghold_path, "internal-use-only-never-share-it");

  let client = await stronghold.createClient("client_identifier");

  let vault = client.getVault("vault_identifier");

  await vault.insert("record_identifier", [97, 98, 99]);

  // Secrets can't be read from the vault, only removed by their key.
  vault.remove(Location.generic("vault_identifier", "record_identifier"));

  let store = client.getStore();
  const STORE_ITEM_ID = "store_item_identifier";

  let expire_after = { secs: 5, nanos: 0 };
  await store.insert(STORE_ITEM_ID, [97, 98, 99], expire_after);

  await stronghold.save();

  let store_value = await store.get(STORE_ITEM_ID);
  console.log("store value", store_value);

  // Wait 5 seconds for store entry to expire.
  await new Promise((res) => setTimeout(res, 5000));

  let store_value_expired = await store.get(STORE_ITEM_ID);
  console.log("store value expired", store_value_expired);

  await stronghold.unload();
}

#

The author of the Rust library has made an excellent video explaining the concepts it provides: https://www.youtube.com/watch?v=pd-XWaGLIck

YouTube

Tensor Programming

Rust Library Overview - IOTA Stronghold

#Rust #IOTA #TensorProgramming

In this video, I talk about one of my recent projects, stronghold. I go over the different crates and discuss how they work and what they do.

Source Code: https://github.com/iotaledger/stronghold.rs
Blog Post about Stronghold: https://blog.iota.org/iota-stronghold-6ce55d311d7c
Stronghold Retrospective: https:...

▶ Play video

warm bone Oct 8, 2023, 11:46 AM

#

Hi @outer fiber, can you give me an exmaple for rust with stronghold. I want to move all important logic to rust to get the best performance.

#How does stronghold work?