Skip to content

External Storage

External Storage is a feature which allows blockchain users to maintain and verify records on the blockchain while actually storing their files externally. This has the benefit of creating an immutable record of the file, by reference, and the related credentials and attestations, while at the same time not clogging the blockchain with large video or media files or external datasets which could (over time) affect blockchain performance. Currently, the storage mechanism utilized by External Storage is Amazon (AWS) S3, and to be able to upload data, one or more users will need an AWS S3 account, with the appropriate permissions settings configured.

Setup AWS S3 Credentials

To enable external storage feature on the STRATO node or network, see the Deployment: External Storage section.

Additionally, the administrator of the STRATO node/network will need to have administrator permissions on the AWS S3 bucket that is being utilized by STRATO. By enabling the feature in STRATO, the AWS S3 bucket will be able to provide one-time links to users for the S3 buckets based on STRATO permissions.

Upload File to S3

To upload a file to an AWS S3 bucket and create a smart contract with the URI of the file on S3, you can use the following curl command:

curl -X POST "http://<your_ip_address>/apex-api/bloc/file/upload" -H "accept: application/json;charset=utf-8" -H "Content-Type: multipart/form-data" -F "username=<your_username>" -F "password=<your_password>" -F "address=<your_user_address>" -F "provider=s3" -F "metadata=<your_description>" -F "[email protected]<path_to_your_file>;type=image/png"

This allows a user to cryptographically prove that the file was uploaded to S3 at a specific date. If the file is uploaded successfully, we'll get a response with the address of the smart contract that is storing our file.

{
  "contractAddress": "0x123456789",
  "URI": "`...`",
  "metadata": "a sample video on s3"
}

Attest Legitimacy of File

This endpoint can be used to sign a method in the smart contract to attest the legitimacy of the uploaded file on S3.

curl -X POST "http://<your_ip_address>/apex-api/bloc/file/attest" -H  "accept: application/json;charset=utf-8" -d  "ea5e32eff6edcfa1da15a124b73c6995096799a7"

This returns a JSON with a list of addresses that have signed the contract:

{
  "signers": [
    {
      "1": "0x123456",
      "2": "0x246810",
      "3": "0x235711"
     }
  ]
}

Get Signers of File

This endpoint returns the list of users who have attested the legitimacy of the stored resource.

curl -x GET "http://localhost/apex-api/bloc/file/verify"
    -H  "accept: application/json;charset=utf-8"
    -d  "ea5e32eff6edcfa1da15a124b73c6995096799a7"

We'll get a JSON response with the list of addresses who have attested the legitimacy of the stored resource.

{
  "uri": "0123456",
  "timestamp": "02182018_2253",
  "signers": [
    {
      "1": "0x123456789",
      "2": "02468101214"
    }
  ]
}

Download Stored File

We can download the file from S3 with this endpoint:

curl -X POST "http://<your_ip_address>/apex-api/bloc/file/download" -H  "accept: application/json;charset=utf-8" -d  "ea5e32eff6edcfa1da15a124b73c6995096799a7"

This will immediately begin download of the stored resource to the user's computer.

External Storage Smart Contract

Every time a file is uploaded using this feature, the STRATO platform creates an onchain smart contract to store the hash of this file and the various attestations. The contract has the following form:

contract ExternalStorage {
    string public fileKey;
    string public uri;
    string public host;
    string public fileHash;
    address[] public signers;
    uint public timeStamp;
    string public metadata;

    function ExternalStorage(string _fileKey, string _uri, string _host, string _hash, string _metadata) public {
        fileKey = _fileKey;
        uri = _uri;
        host = _host;
        fileHash = _hash;
        signers = [msg.sender];
        metadata = _metadata;
        timeStamp = now;
    }

    function attest() public returns(address[]) {
        signers.push(msg.sender);
        return(signers);
    }
}