'ok but rdf is esoteric': yeah it is. 1) some might already have data in that format and eager to try it out (e.g. https://openlibrary.org) and more importantly 2) you can represent any bytes in rdf or any http in rdf meaning any http-based protocol which is a lot including much of web archives and including any libp2p-http or maybe even coap protocol traffic. you can also describe some of ethereum in rdf and ERC-4824: Common Interfaces for DAOs.
overview
let D be a dataset
let C(D) be rdfcanon1(D), i.e. the canonicalization of the dataset. the output of C(D) is n-quads which is newline-delimited sequence of 4-tuples.
let Q(C(D)) be the sequece of quads in the n-quads representation of C(D)-then-slit-on-newlines. the elements of Q(C(D)) are 4-tuples of cryptographic values that correspond to the edges in a graph like [source, link, target, context].
note each 4-tuple is a sequence so you can get a unique comm(D) using something like @mikeal/pkv. another comm(D) method is described below that only reuses rdfcanon1.
Purpose of this Document
Explain how @web3-storage/access-api stores data today.https://github.com/web3-storage/w3up/issues/684
Enable planning of how to scale the service
access-api invocation handlers
not exhaustive. these are the recent ones that interact with data stores.
provider/add
access/delegateasserts hasStorageProvider({ consumer: space })
tl;dr wdyt of moving access-api from d1+r2+cf-workers to ?+s3+lambda?
I get people don't really want to be using D1 with access-api.
Do we even want to be using cloudflare workers for it? Are you a fan of a potential future where we run access-api in aws lambda ?
It seems like it might be easier to reason about all the w3up stuff if all the business logic was in one place.
and not split across access-api in cloudflare vs upload-api in aws.
We could make it so w3protocol monorepo
syntax did:ucan2:${encodeURIComponent(dataUri)}
we can say the dataUri must be decodable to either application/json or dag-json
how to resolve did:ucan2 to did document
decodeUriComponent to get a data uri
decode the data uri to get a did document
assert did document has controller property of a verifiable ucan principal (e.g. did:key)
assert did document has a proof property containing a proof created by controller - (this may not be that important)
I have a keypair, so I have a did:key, and I can create capability certificates as UCANs.
But I don't trust my ability to keep the private key safe forever, especially if I try to use it across many devices. I'll probalby mess something up and leak the key, and if I don't do that, I'll probalby lose my devices before long.
I do trust trust.storage though. I want to authorize trust.storage to help me recover access to stuff if I lose all the other ways I can prove control over my stuff.
Create
To create a DID Account, you first need an asymmetric keypair. The public key of the keypair will correspond to the account id.
Create an AccountCredential creating a Verifiable Credential ("VC") describing the Account. The VC's proof MUST have a root of trust in the private key corresponding to the account id's public key.