# S3 Uploads ### Kinds of validations Async or sync ? - Ensure upload is a valid CAR file. - User upload quota - Bad content like porn, licensed content, etc - Integrity - Available on the network/gateway # Approaches ## 1. Single Giant CAR to S3 - 💚 You can simply curl upload - 💔 User can upload garbage - 💔 Requires after the fact validation / client needs to check on if upload was valid. - It may not even be a CAR - Malicious actors might try to overwhelm system - Client can think it went through but it got rejected later - 💔 We don't know CID/Multihash of the CAR until we buffer. - With stream hash creation we can figure CID/Multihash at the end without buffering - 💔 No more multiplayer stuff (can't have multiple clients submitting DAGs concurrently) - 💔 No more intermidiate states can be represented - 💚 S3 native chunked uploads - 💔 We're tied to S3 ## 2. CAR per transaction (as pre revision protocol) with async validation lambda - 💔 Need to get a S3 token per CAR - 💔 Need to validate uploads later (may not be valid CAR or valid transaction) - 💔 Complexity on client side (need to poll to find out if submitted transaction got in, got validated). - 💚 Can represent intermidiate states - 💚 Can support multiplayer - 💔 We're tied to S3 ## 3. AWS Lambda in front of S3 - 💚 Validation happens on request so client knows right away if it's in or not. - 💔 No direct to s3 - 💚 Supports intermidiate states - 💚 Supports multiplayer - 💚 We no longer tie ourself to S3