-
Notifications
You must be signed in to change notification settings - Fork 91
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: chenchanglew <[email protected]>
- Loading branch information
1 parent
f45665c
commit 58e4f79
Showing
1 changed file
with
54 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| # Secret Keeper | ||
|
|
||
| Secret Keeper is a demo application designed to securely store sensitive information, acting as a digital vault. It's ideal for users who need to manage access to shared secrets within a team or organization. | ||
|
|
||
| ## Functions | ||
|
|
||
| Secret Keeper provides the following functionalities: | ||
|
|
||
| - **InitSecretKeeper**: Initializes the application with default authorization and secret values. Intended for one-time use at application setup. Note: While potential misuse is considered low-risk, it's recommended to secure access to this function. | ||
|
|
||
| - **RevealSecret**: Allows authorized users to view the currently stored secret. | ||
|
|
||
| - **LockSecret**: Enables authorized users to update the secret value. This action replaces the existing secret. | ||
|
|
||
| - **AddUser**: Permits authorized users to add a new user to the authorization list, granting them access to all functions. | ||
|
|
||
| - **RemoveUser**: Allows authorized users to remove an existing user from the authorization list, revoking their access. | ||
|
|
||
| ## Example Usage | ||
|
|
||
| To demonstrate Secret Keeper's capabilities, you can deploy the chaincode to [the-simple-testing-network](https://github.com/hyperledger/fabric-private-chaincode/tree/main/samples/deployment/fabric-smart-client/the-simple-testing-network) and then invoke it with the [simple-cli-go](https://github.com/hyperledger/fabric-private-chaincode/tree/main/samples/application/simple-cli-go). | ||
|
|
||
| 1. Initialize Secret Keeper: | ||
| ``` | ||
| ./fpcclient invoke initSecretKeeper | ||
| ``` | ||
| 2. Reveal the secret as Alice: | ||
| ``` | ||
| ./fpcclient query revealSecret Alice | ||
| ``` | ||
| 3. Change the secret as Bob: | ||
| ``` | ||
| ./fpcclient invoke lockSecret Bob NewSecret | ||
| ``` | ||
| 4. Attempt to reveal the secret as Alice (now updated): | ||
| ``` | ||
| ./fpcclient query revealSecret Alice | ||
| ``` | ||
| 5. Remove Bob's access as Alice: | ||
| ``` | ||
| ./fpcclient invoke removeUser Alice Bob | ||
| ``` | ||
| 6. Attempt to reveal the secret as Bob (should fail): | ||
| ``` | ||
| ./fpcclient query revealSecret Bob // (will failed) | ||
| ``` | ||
| 7. Re-add Bob to the authorization list as Alice: | ||
| ``` | ||
| ./fpcclient invoke addUser Alice Bob | ||
| ``` | ||
| 8. Bob can now reveal the secret successfully: | ||
| ``` | ||
| ./fpcclient query revealSecret Bob // (will success) | ||
| ``` |