High-level guide on how to deal with user authorization?

@dmonad - Thanks for your response. Yeah, both of your approaches essentially rely on consensus for nodes to agree on what the “next” fork of the document should be (i.e. based on access control rules / user authorization). Users who got permissions revoked end up with the “old” fork of the document. It’s then an application decision whether you simply reject syncs on the “old” fork or allow syncing to continue on the “old” fork while most nodes migrate to the “new” fork, ignoring changes on the “old” fork. The client app could also be written such that the “old” document is deleted. In all cases, the consensus of nodes is what allows writes to continue down the “new” fork.

Consensus could be in the form of a blockchain, a central authoritative server, or a quorum of nodes.

1 Like