Key management utility for NuCypher (optional support for multiple decentralized storage backends like IPFS, Arweave, Sia Skynet, etc.)
https://www.youtube.com/watch?v=yjq3mofMb4A
-
Clone Repo
git clone https://github.com/viraja1/nucypher_kms.git -
Change directory
cd nucypher_kms -
Install requirements (tested only for python 3.7 and pip 19.0.3)
pip install -r requirements.txt -
Run nucypher ursula in a new tab of terminal (required only for federated mode)
python run_demo_ursula_fleet.py -
Run below examples in ipython console
ipython
import os
from nucypher_kms import KMS
# Share secret with yourself (Without IPFS)
user1 = KMS(ursula_url="localhost:11500", dir_name="user1", passphrase="&W=nqr2N:,[2}sAr")
label, data_source_public_key, data = user1.encrypt_data(plaintext="sample plaintext")
print("encrypted data: {}".format(data))
pubkeys = user1.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
result = user1.decrypt_data(data_source_public_key=data_source_public_key, data=data, policy_info=policy_info)
print("decrypted data: {}".format(result))
# Share secret with another user (Without IPFS)
user1 = KMS(ursula_url="localhost:11500", dir_name="user1", passphrase="&W=nqr2N:,[2}sAr")
user2 = KMS(ursula_url="localhost:11500", dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx")
label, data_source_public_key, data = user1.encrypt_data(plaintext="sample plaintext")
print("encrypted data: {}".format(data))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
result = user2.decrypt_data(data_source_public_key=data_source_public_key, data=data, policy_info=policy_info)
print("decrypted data: {}".format(result))
# Share secret with another user (With IPFS)
# Start ipfs daemon v0.7.0 locally before running the code (https://docs.ipfs.io/how-to/command-line-quick-start/#install-ipfs)
user1 = KMS(ursula_url="localhost:11500", dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
ipfs_addr="/ip4/127.0.0.1/tcp/5001/http")
user2 = KMS(ursula_url="localhost:11500", dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
ipfs_addr="/ip4/127.0.0.1/tcp/5001/http")
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="ipfs")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="ipfs")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="ipfs")
print("decrypted data: {}".format(result))
# Share secret with another user (With Sia Skynet)
user1 = KMS(ursula_url="localhost:11500", dir_name="user1", passphrase="&W=nqr2N:,[2}sAr")
user2 = KMS(ursula_url="localhost:11500", dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx")
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="skynet")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="skynet")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="skynet")
print("decrypted data: {}".format(result))
# Share secret with another user (With Arweave)
# Generate arweave wallet keyfile and store it in locally. It should have sufficient balance (https://www.arweave.org/wallet)
user1 = KMS(ursula_url="localhost:11500", dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
arweave_wallet_file_path=os.path.expanduser("~/arweave.json"))
user2 = KMS(ursula_url="localhost:11500", dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
arweave_wallet_file_path=os.path.expanduser("~/arweave.json"))
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="arweave")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="arweave")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="arweave")
print("decrypted data: {}".format(result))
Set the below env variables
export SIGNER_URI=
export PROVIDER_URI=
export ETHEREUM_ADDRESS=
export KEYSTORE_PASSWORD=
export URSULA_URL=
export DOMAIN=
SIGNER_URI represents the path for the ethereum keystore e.g. keystore://{path}
PROVIDER_URI represents the infura https endpoint for the nucypher testnet (goerli) or mainnet
ETHEREUM_ADDRESS represents the ethereum address for the nucypher testnet (goerli) or mainnet (should have sufficient ETH balance)
KEYSTORE_PASSWORD represents the password for the ethereum keystore file
URSULA_URL represents the ursula url for the nucypher testnet (lynx) or mainnet i.e. https://lynx.nucypher.network:9151 for nucypher testnet (lynx) or https://mainnet.nucypher.network:9151 for nucypher mainnet
DOMAIN represents the nucypher network name i.e. lynx for nucypher testnet or mainnet for nucypher mainnet
import os
from nucypher_kms import KMS
# Share secret with another user (Without IPFS)
user1 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
user2 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
label, data_source_public_key, data = user1.encrypt_data(plaintext="sample plaintext")
print("encrypted data: {}".format(data))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
result = user2.decrypt_data(data_source_public_key=data_source_public_key, data=data, policy_info=policy_info)
print("decrypted data: {}".format(result))
# Share secret with another user (With IPFS)
# Start ipfs daemon v0.7.0 locally before running the code (https://docs.ipfs.io/how-to/command-line-quick-start/#install-ipfs)
user1 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
ipfs_addr="/ip4/127.0.0.1/tcp/5001/http", federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
user2 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
ipfs_addr="/ip4/127.0.0.1/tcp/5001/http", federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="ipfs")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="ipfs")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="ipfs")
print("decrypted data: {}".format(result))
# Share secret with another user (With Sia Skynet)
user1 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
user2 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
federated_only=False, signer_uri=os.environ.get('SIGNER_URI'),
checksum_address=os.environ.get('ETHEREUM_ADDRESS'), client_password=os.environ.get('KEYSTORE_PASSWORD'),
provider_uri=os.environ.get('PROVIDER_URI'), domain=os.environ.get('DOMAIN'))
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="skynet")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="skynet")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="skynet")
print("decrypted data: {}".format(result))
# Share secret with another user (With Arweave)
# Generate arweave wallet keyfile and store it in locally. It should have sufficient balance (https://www.arweave.org/wallet)
user1 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user1", passphrase="&W=nqr2N:,[2}sAr",
arweave_wallet_file_path=os.path.expanduser("~/arweave.json"), federated_only=False,
signer_uri=os.environ.get('SIGNER_URI'), checksum_address=os.environ.get('ETHEREUM_ADDRESS'),
client_password=os.environ.get('KEYSTORE_PASSWORD'), provider_uri=os.environ.get('PROVIDER_URI'),
domain=os.environ.get('DOMAIN'))
user2 = KMS(ursula_url=os.environ.get('URSULA_URL'), dir_name="user2", passphrase="6Yd5M-d=rZ4Ny?Nx",
arweave_wallet_file_path=os.path.expanduser("~/arweave.json"), federated_only=False,
signer_uri=os.environ.get('SIGNER_URI'), checksum_address=os.environ.get('ETHEREUM_ADDRESS'),
client_password=os.environ.get('KEYSTORE_PASSWORD'), provider_uri=os.environ.get('PROVIDER_URI'),
domain=os.environ.get('DOMAIN'))
label, data_source_public_key, hash_key = user1.upload_data(plaintext="sample plaintext test", storage="arweave")
print("hash key: {}".format(hash_key))
pubkeys = user2.pubkeys
policy_info = user1.share_data_access(pubkeys=pubkeys, label=label)
shareable_code = user1.get_shareable_code(hash_key=hash_key, data_source_public_key=data_source_public_key,
policy_info=policy_info, storage="arweave")
print("Shareable code for user2: {}".format(shareable_code))
result = user2.fetch_data(shareable_code=shareable_code, storage="arweave")
print("decrypted data: {}".format(result))