...
Swarm provides methods for allowing applications to obtain and validate integrity guarantees on the stored data. In this context, integrity Integrity is an independently verifiable guarantee that the data returned for a given name or UUID is exactly the same data that was stored using that name or UUID, perhaps many months or years in the past. This is done performed by hashing the data using a cryptographic hash algorithm.
Content metadata is not included in the hash. If the application stores the name or UUID and its the associated hash value, these can be used later to verify the content has not changed, either through accidental or malicious means.
...
An integral seal is a URL containing the object name or UUID, its the hash value, and the type of hash algorithm that was used for the computations.
| Info |
|---|
Direct to SwarmonlyIntegrity Seal upgrades cannot be performed through Content Gateway. Request them directly from the back-end Swarm cluster. |
...
md5
sha1
sha256
sha384
sha512
After creating the object and assigning a name or UUID, Swarm replies with a 201 (Created) response that includes a location header with a URL that can later be used to retrieve the data after creating the object and assigning a name or UUID.
In addition to the host and name or UUID, the URL includes the hash type and value computed from the content object. This URL, including the triple name or UUID, hash type, and hash, is known as the content object integrity seal.
...
When Swarm receives such a READ request, it recomputes the hash of the stored content using the supplied hash type and compares the computed hash with the hash value in the integrity seal.
Match - If The hashes match if the content was not modified or corrupted in any way, the hashes match. Swarm returns the object with the computed digest as a trailing
Locationheader.No match - If the two values do not match, Swarm will drop Swarm drops the connection before sending the object content at the end of the request if the two values do not match.
Because the hash algorithms are published and well-known, users and third parties can independently validate an object that was stored by Swarm by reading its the contents, computing the hash value, and comparing it with the hash value in the seal. By publishing an integrity seal when it is created, you it can verify be verified the stored content was is not modified and it has always been associated with the same UUID.
...
| Code Block | ||
|---|---|---|
| ||
GET http://129.69.251.143/41A140B5271DC8D22FF8D027176A0821 ?hashtype=md5 &hash=7A25E6067904EAC8002498CF1AE33023 &newhashtype=sha256 HTTP/1.1 |
This READ request will first validate validates the given integrity seal, then reseal it by wrapping the content in the new, upgraded hash algorithm – sha256 in the example. If the requested object fails to validate against its integrity seal, Swarm will send Swarm sends a 200 OK response but will drop drops the connection prior to sending the object content . If if the object validates properly, a requested object fails to validate against the integrity seal. A new integrity seal will be is returned with the new hash type and hash value if the object validates properly.