# ACL storage architecture

## 1 - Global ACL consensus

![](https://i.imgur.com/tYRMbAU.png)

System consists of:

* Global Permissionless Ledger - stores ACL indexes (consensus)
* Network provider
* Storage - stores data + ACL payloads

### Write ACL

1. Write ACL_RECORD_PAYLOAD (signed by the user's PK) to the current network provider storage: {NETWORK_ID, ACL_RECORD_PAYLOAD} -> ACL_PAYLOAD_CID
2. User signs ACL_PAYLOAD_CID with his private key -> ACL_PAYLOAD_CID_SIG
3. Write ACL_PAYLOAD_CID to the Ledger:
    1. Check if USER_ID has enough funds
    2. Verify the ACL_PAYLOAD_CID_SIG signature
    3. (CAN BE DONE IF NEEDED) Verify the ACL record
    4. Append ACL_PAYLOAD_CID to the ledger
    5. Return the new ACL_INDEX
4. Save ACL_INDEX to the Change

### Read ACL

1. Get ACL_INDEX from the Change
2. Get ACL_PAYLOAD_CID from the Ledger by {SPACE_ID, ACL_INDEX} -> ACL_PAYLOAD_CID
3. Get the current Network for USER_ID -> NETWORK_ID
4. Get the ACL record by {NETWORK_ID, ACL_PAYLOAD_CID} -> ACL_RECORD_PAYLOAD
5. Verify the ACL record

---

## 2 - Local ACL consensus

![](https://i.imgur.com/MsFjwWZ.png)

System consists of:

* ~~Global Permissionless Ledger~~
* Network provider
* Storage - stores data and ACL payloads

### Write ACL

1. (CAN BE DONE IF NEEDED) Verify the ACL record
2. Write ACL_RECORD_PAYLOAD (signed by the user's PK) to the MongoDB:
    1. Append ACL_RECORD_PAYLOAD to the SPACE_ID table (list)
    2. Return the new ACL_INDEX
3. Save ACL_INDEX to the Change

### Read ACL

1. Get ACL_INDEX from the Change
2. Get ACL_RECORD_PAYLOAD from the MongoDB by ACL_INDEX
3. Verify the ACL

---

### PROS of 1

* ACLs are always consistent. No “race conditions”
* Migration to another network and the “credible exit” always work
* “spaces migration across clusters doesn’t affect ACL table”
* Simple logic:
    * No need to specify the location of the ACL for a space
    * No ACL merges needed
* Single source of truth without duplicates
* Permissionless ACL index

### PROS of 2

* Simpler for the self-hosted scenario
* More scalable
* **Simpler implementation:**
    * **Data and ACLs are more tightly coupled**
    * **Data verification on each WRITE can be simpler. On each READ it is still verified**