Hot Storage

The Hot Storage component is used to store "hot shares": shares that are required each time an operation is performed with the private key the "hot share" belongs to: log in, sign transactions, export the private key, and more.

Unlike the Cold Storage component, which is only accessed when the user logs into a new device, the hot storage handles fast, frequent access.

The hot storage doesn't include a production-ready implementation. A base implementation for development purposes is available under the hot_storage/sample directory. Implement your own version according to your needs.

The sample implementation is written in Go, uses PostgreSQL to store data, and can be configured through the environment variables shown in the docker-compose.yml file at the root of the repository.

How it works

The Hot Storage links shares to a specific device, user, and auth provider, and stores them in a database. The user is validated against the specified auth provider using the configured Auth Service.

Users must specify the user ID, auth provider, and device ID when requesting shares, and prove their identity through a JWT token issued by the specified auth service. The auth service must match the one configured when creating the share.

Hot shares are not encrypted with user entropy, so it is important to ensure that the database is secure and access is controlled. Follow best practices for database security.

Specification

The full specification for the request is available in the API documentation, and a Postman collection with pre-configured calls is available at the Postman Collection.