GenosDB integrates a Role-Based Access Control (RBAC) module designed to secure peer-to-peer distributed graph databases through cryptographically verifiable user identities and permissions.

Key Concepts:

• Identity Management: Users are identified by their Ethereum addresses. Authentication supports WebAuthn (biometric or hardware-key protection) and mnemonic-phrase recovery. The private key behind an address is managed locally and used to sign database operations.

• Role Hierarchy and Permissions: Roles such as guest, user, admin, and superadmin define granular permissions (e.g., read, write, assignRole). Roles and assignments are stored within GenosDB itself as part of the synchronized distributed state, so a role change propagates to peers the same way data does.

• Superadmins: One or more Ethereum addresses can be configured as superadmins with elevated privileges, including the exclusive right to assign roles to other users. The configured superadmin list is the trust anchor of the permission model: a role assignment is accepted only if it is signed by one of these addresses.

• Secure P2P Operations: Every outgoing database operation is signed with the active user's private key. An incoming operation from a peer is accepted only if its signature is valid for the sender's address and the sender's assigned role grants the requested permission.

• Encrypted Local Data Storage: Data tied to users is compressed and encrypted using keys derived from their Ethereum identities, so locally stored data stays private even when the database is replicated across peers.

Operational Flow:

1. Initialization: RBAC is activated on a GenosDB instance by initializing a security context and optionally defining superadmin addresses.

2. Authentication: Users authenticate via WebAuthn or a mnemonic phrase, which activates local signing.

3. Role Assignment: Superadmins assign roles to user Ethereum addresses within the distributed database, optionally with an expiration time after which the assignment no longer grants any permission.

4. Real-Time Enforcement: Every node verifies the signature and the signer's current role for each operation before applying it, so an unauthorized change is rejected before it propagates across the network.

5. Security State Monitoring: Callbacks allow applications to dynamically respond to changes in authentication or permission states.

Benefits:

• Decentralized, cryptographically enforced permission management without a central server.
• Natural integration of blockchain-based identities with real-time P2P synchronization.
• Granular access control suited to complex distributed applications.
• No requirement for traditional identity-management protocols such as SCIM, SAML, or SSO, simplifying architecture and user experience.
RBAC in GenosDB — Brief Overview
GenosDB features a secure Role-Based Access Control (RBAC) system built for peer-to-peer distributed databases using Ethereum-based identities.

- Users authenticate with Ethereum addresses via WebAuthn or mnemonic phrases.
- Roles (guest, user, admin, superadmin) control fine-grained permissions.
- Superadmins hold the exclusive right to assign roles within the network.
- All database operations are cryptographically signed and verified across peers.
- Data is encrypted locally, ensuring privacy in a distributed environment.
- No need for traditional identity protocols like SCIM, SAML, or SSO, reducing complexity.

This enables decentralized, real-time permission enforcement ideal for scalable, trustless applications.
This article is part of the official documentation of GenosDB (GDB).
GenosDB is a distributed, modular, peer-to-peer graph database built with a Zero-Trust Security Model, created by Esteban Fuster Pozzi (estebanrfp).
📄 Whitepaper | overview of GenosDB design and architecture
🛠 Roadmap | planned features and future updates
💡 Examples | code snippets and usage demos
📖 Documentation | full reference guide
🔍 API Reference | detailed API methods
📚 Wiki | additional notes and guides
💬 GitHub Discussions | community questions and feedback
🗂 Repository | Minified production-ready files
📦 Install via npm | quick setup instructions