In the evolving landscape of digital storage, ETH Drive emerges as a groundbreaking Web3 cloud storage system designed to share content securely and effortlessly. Much like Google Drive in functionality, it leverages decentralized technologies to overcome the limitations of traditional and existing Web3 storage solutions.
While several Web3 storage systems utilize IPFS (InterPlanetary File System) for content distribution and storage, they often fall short in security. IPFS allows anyone with knowledge of a content identifier (CID) and filename to access the data, making it unsuitable for sensitive or restricted information.
ETH Drive addresses these critical issues by integrating ENS (Ethereum Name Service), Filecoin (via Web3.Storage), and PGP (Pretty Good Privacy). This powerful combination ensures that content remains confidential and accessible only to authorized users.
How ETH Drive Enhances Security
At its core, ETH Drive encrypts all content with PGP before uploading it to Filecoin. This means that even if a file's CID or name is exposed, the encrypted data remains unreadable to unauthorized parties. The system's true innovation, however, lies in its sophisticated access control mechanism.
Group Authentication via ENS Domains
ETH Drive uses the ENS domain system to manage permissions seamlessly. Users are grouped based on a shared parent ENS domain, regardless of their individual subdomains. This creates a secure, organizational structure for access management.
The authentication process involves three key steps:
- User Login with Ethereum Wallet: Users connect to ETH Drive using their Ethereum wallet, providing a public address as their identity.
- ENS Domain Retrieval: The system uses Ethers.js to resolve the user's wallet address to their associated ENS domain name.
- Group Verification: ETH Drive checks if the user’s ENS domain is a subdomain of a pre-configured parent domain. If it is, the user is authenticated as a member of that group and granted access to shared resources.
This method ensures that only verified members of an organization or group can interact with stored content.
The Technical Process: Encryption and Access
To guarantee that only authorized users can decrypt content, ETH Drive implements a robust public-key cryptography system.
- Key Generation: Each user generates a unique public key and private key pair.
- Key Registration: The public key is registered and stored in the user's ENS text record. The private key remains securely stored on the user's local device and is never shared or transmitted.
- Content Encryption: Before a file is uploaded to Filecoin, it is encrypted using a single, common symmetric key.
- Key Distribution: This common key is then encrypted individually using the public key of each authorized user. This allows multiple users to access the same file securely.
- Decryption Process: When a user downloads a file, they first decrypt the common key using their private key. Once the common key is retrieved, it is used to decrypt the actual file content.
This dual-layer encryption strategy ensures end-to-end security, from upload to download.
Frequently Asked Questions
What is the main advantage of ETH Drive over IPFS?
IPFS focuses on distributed storage and content addressing but lacks built-in access control. ETH Drive adds a crucial layer of security by encrypting all data and using ENS to manage permissions, ensuring that only authorized users can decrypt and view content.
How do I gain access to files on ETH Drive?
Access is granted based on your ENS domain. If your wallet's ENS domain is a subdomain of the parent domain that controls a shared drive, you will be automatically authenticated and able to view, download, and decrypt the files shared with that group.
Where is my private key stored?
Your private key is generated and stored locally on your device. It is never sent to any server or stored in the cloud, giving you complete control and significantly enhancing security.
What technologies form the foundation of ETH Drive?
ETH Drive is built on a stack of decentralized Web3 technologies: Filecoin for resilient storage, PGP for powerful encryption, and ENS for identity management and access control.
Can I use ETH Drive without an ENS domain?
An ENS domain is essential for the authentication mechanism. It serves as your identity and group membership credential within the system. You would need to obtain one to use the service fully.
Is this service free to use?
While the core framework is built on decentralized protocols, costs may be associated with storing data on Filecoin and registering an ENS domain. The pricing model for the ETH Drive application itself would be determined by its developers.
For those interested in the future of secure, decentralized data sharing, this represents a significant step forward. 👉 Explore secure storage solutions to understand how these technologies are being applied today.