
Group: add an agent key to use to reveal keys to parent groups and writeOnly keys to members

Open: gdorsi opened this issue 8 months ago • 1 comment

There are some edge cases that are not handled by the current writeOnly key system (see this test for reference), and we currently can't let accounts extend groups if they don't have access to their readKey.

To fix these issues we want to add an asymmetric key on Group to make it possible to do key revelations without having access to the readKey.

This way we can:

  • Do a single key revelation for the entire group when creating a writeOnly key
  • Use the parent public key to reveal the current group readKey to be able to do group extension without read access (would fix #1331)

Started to draft the idea here: https://github.com/garden-co/jazz/commit/f1e9d9f6f8e088eebe04fbd0b169ae0c16c2731a

gdorsi, Apr 23 '25 10:04

Should also fix this: https://github.com/garden-co/jazz/blob/d63716a8272502af7d35396e008af2d761c6f6da/packages/cojson/src/coValues/group.ts#L609

gdorsi, May 16 '25 10:05
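
The idea in the issue, sealing a key to a group's public key so that the sender needs no readKey, sketched as an added example (not Jazz or cojson code, and not taken from the linked commit). X25519 with HKDF and AES-256-GCM from Node's built-in crypto are this example's choice; `sealToGroup`, `openAsGroup`, the envelope layout and the context string are hypothetical. It assumes members with read access obtain the group's private key by some other means.

```javascript
// Added illustration, not Jazz/cojson code. sealToGroup/openAsGroup and the
// envelope layout are hypothetical; primitives are Node's built-in crypto.
const crypto = require("node:crypto");

const spki = (publicKey) => publicKey.export({ type: "spki", format: "der" });

// One-time AEAD key from the X25519 shared secret, bound to both public keys.
function deriveKey(privateKey, publicKey, ephPubDer, groupPubDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  const salt = Buffer.concat([ephPubDer, groupPubDer]);
  return Buffer.from(crypto.hkdfSync("sha256", shared, salt, "group-key-revelation", 32));
}

// Sender side: needs only the group's public key, never the readKey.
function sealToGroup(groupPublicKey, secret, context) {
  const eph = crypto.generateKeyPairSync("x25519"); // fresh key per revelation
  const ephPub = spki(eph.publicKey);
  const key = deriveKey(eph.privateKey, groupPublicKey, ephPub, spki(groupPublicKey));
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  cipher.setAAD(Buffer.from(context)); // binds the envelope to its purpose
  const ciphertext = Buffer.concat([cipher.update(secret), cipher.final()]);
  return { ephPub, nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Receiver side: any holder of the group's private key opens the same envelope,
// so one revelation serves the entire group.
function openAsGroup(groupKeyPair, envelope, context) {
  const ephPublicKey = crypto.createPublicKey({ key: envelope.ephPub, format: "der", type: "spki" });
  const key = deriveKey(groupKeyPair.privateKey, ephPublicKey, envelope.ephPub, spki(groupKeyPair.publicKey));
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, envelope.nonce);
  decipher.setAAD(Buffer.from(context));
  decipher.setAuthTag(envelope.tag);
  // final() throws if the key, context, or ciphertext does not match.
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// Constructed scenario: a writeOnly member reveals a fresh key to the whole group.
function demo() {
  const group = crypto.generateKeyPairSync("x25519");
  const writeOnlyKey = crypto.randomBytes(32); // constructed sample secret
  const envelope = sealToGroup(group.publicKey, writeOnlyKey, "writeOnly-key-revelation");
  return openAsGroup(group, envelope, "writeOnly-key-revelation").equals(writeOnlyKey);
}
```

The same two functions cover the group-extension case by sealing the child group's readKey to the parent group's public key.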