JavaScript dapps: Public and private data on Blockstack

With blockchain and the Blockstack.js library, mixed privacy apps aren’t as tricky as you might think

Over the last few weeks we’ve built up a decentralized application with Blockstack that lets you create and save web application snippets. So far, these snippets have been saved privately to your own personal storage. Not even the creator of the app can access them! But the web is about collaboration, too, so we need to incorporate the ability to make snippets publicly available.

In order to use some of the more sophisticated features of Blockstack persistence in our application, we’ll need to request permission to do so from the user. This is a safety prompt you’re probably used to seeing when using federated authentication and authorization. It will look like this:

blockstack select id IDG

You may not notice a difference from our existing blockstack log-in prompt, but if you look more closely, you’ll see that “publish data stored for this app” is a new permission we’re requesting.

In order to make this request, we simply need to specify that we want the publish_data scope when redirecting to the Blockstack log-in. Scopes are the first argument of the AppConfig object in Blockstack.js, so our new log-in code will require only a one-line change:

const appConfig = new blockstack.AppConfig(
    ['store_write', 'publish_data'],
  const userSession = new blockstack.UserSession({ appConfig })

To continue reading this article register now