UCAN: User Controlled Authorization Networks
Fission-led
UCANs are a trustless, secure, user-originated authorization and revocation scheme.
Traditionally, when a developer wants to interact with services that have access to data, the different parts of the network have to have individual agreements with one another, and the developer has to pre-negotiate tokens to interact with each part. This is because you need an authorization server in a specific place to handle these negotiation requests and agreements.
In distributed systems using content addressing, we can use capabilities rather than an authorization server. A capability defines what the issuer is granting permission for and what the recipient can do. It is entirely defined by the person issuing the UCAN and the ability of the recipient service to understand the request.
Connections
Here are all the other parts of the Fission ecosystem connects to it.
WNFS
A distributed file system built on IPFS. It is versioned, logged, programmable, encrypted, and fully controlled by the end user.
IPVM
An open, decentralized, and local-first execution layer that brings compute to IPFS.
Fission Reactor
Our applied research pod, currently focused on CRDTs and edge databases
RhizomeDB
A far-edge database for local-first applications and autonomous computing agents
Distributed Systems Reading Group
A monthly reading group for folks interested in learning more about distributed systems.
WhoCAN & NNS
A way to share UCAN permissions with keys without knowing what those keys are - it assigns a name address to the key.