# Protocol Documentation ## Table of Contents - [container/service.proto](#container/service.proto) - Services - [ContainerService](#neo.fs.v2.container.ContainerService) - Messages - [DeleteRequest](#neo.fs.v2.container.DeleteRequest) - [DeleteRequest.Body](#neo.fs.v2.container.DeleteRequest.Body) - [DeleteResponse](#neo.fs.v2.container.DeleteResponse) - [DeleteResponse.Body](#neo.fs.v2.container.DeleteResponse.Body) - [GetExtendedACLRequest](#neo.fs.v2.container.GetExtendedACLRequest) - [GetExtendedACLRequest.Body](#neo.fs.v2.container.GetExtendedACLRequest.Body) - [GetExtendedACLResponse](#neo.fs.v2.container.GetExtendedACLResponse) - [GetExtendedACLResponse.Body](#neo.fs.v2.container.GetExtendedACLResponse.Body) - [GetRequest](#neo.fs.v2.container.GetRequest) - [GetRequest.Body](#neo.fs.v2.container.GetRequest.Body) - [GetResponse](#neo.fs.v2.container.GetResponse) - [GetResponse.Body](#neo.fs.v2.container.GetResponse.Body) - [ListRequest](#neo.fs.v2.container.ListRequest) - [ListRequest.Body](#neo.fs.v2.container.ListRequest.Body) - [ListResponse](#neo.fs.v2.container.ListResponse) - [ListResponse.Body](#neo.fs.v2.container.ListResponse.Body) - [PutRequest](#neo.fs.v2.container.PutRequest) - [PutRequest.Body](#neo.fs.v2.container.PutRequest.Body) - [PutResponse](#neo.fs.v2.container.PutResponse) - [PutResponse.Body](#neo.fs.v2.container.PutResponse.Body) - [SetExtendedACLRequest](#neo.fs.v2.container.SetExtendedACLRequest) - [SetExtendedACLRequest.Body](#neo.fs.v2.container.SetExtendedACLRequest.Body) - [SetExtendedACLResponse](#neo.fs.v2.container.SetExtendedACLResponse) - [SetExtendedACLResponse.Body](#neo.fs.v2.container.SetExtendedACLResponse.Body) - [container/types.proto](#container/types.proto) - Messages - [Container](#neo.fs.v2.container.Container) - [Container.Attribute](#neo.fs.v2.container.Container.Attribute) - [Scalar Value Types](#scalar-value-types)
## container/service.proto ### Service "neo.fs.v2.container.ContainerService" `ContainerService` provides API to interact with `Container` smart contract in NeoFS sidechain via other NeoFS nodes. All of those actions can be done equivalently by directly issuing transactions and RPC calls to sidechain nodes. ``` rpc Put(PutRequest) returns (PutResponse); rpc Delete(DeleteRequest) returns (DeleteResponse); rpc Get(GetRequest) returns (GetResponse); rpc List(ListRequest) returns (ListResponse); rpc SetExtendedACL(SetExtendedACLRequest) returns (SetExtendedACLResponse); rpc GetExtendedACL(GetExtendedACLRequest) returns (GetExtendedACLResponse); ``` #### Method Put `Put` invokes `Container` smart contract's `Put` method and returns response immediately. After a new block is issued in sidechain, request is verified by Inner Ring nodes. After one more block in sidechain, container is added into smart contract storage. | Name | Input | Output | | ---- | ----- | ------ | | Put | [PutRequest](#neo.fs.v2.container.PutRequest) | [PutResponse](#neo.fs.v2.container.PutResponse) | #### Method Delete `Delete` invokes `Container` smart contract's `Delete` method and returns response immediately. After a new block is issued in sidechain, request is verified by Inner Ring nodes. After one more block in sidechain, container is added into smart contract storage. | Name | Input | Output | | ---- | ----- | ------ | | Delete | [DeleteRequest](#neo.fs.v2.container.DeleteRequest) | [DeleteResponse](#neo.fs.v2.container.DeleteResponse) | #### Method Get Returns container structure from `Container` smart contract storage. | Name | Input | Output | | ---- | ----- | ------ | | Get | [GetRequest](#neo.fs.v2.container.GetRequest) | [GetResponse](#neo.fs.v2.container.GetResponse) | #### Method List Returns all owner's containers from 'Container` smart contract' storage. | Name | Input | Output | | ---- | ----- | ------ | | List | [ListRequest](#neo.fs.v2.container.ListRequest) | [ListResponse](#neo.fs.v2.container.ListResponse) | #### Method SetExtendedACL Invokes 'SetEACL' method of 'Container` smart contract and returns response immediately. After one more block in sidechain, Extended ACL changes are added into smart contract storage. | Name | Input | Output | | ---- | ----- | ------ | | SetExtendedACL | [SetExtendedACLRequest](#neo.fs.v2.container.SetExtendedACLRequest) | [SetExtendedACLResponse](#neo.fs.v2.container.SetExtendedACLResponse) | #### Method GetExtendedACL Returns Extended ACL table and signature from `Container` smart contract storage. | Name | Input | Output | | ---- | ----- | ------ | | GetExtendedACL | [GetExtendedACLRequest](#neo.fs.v2.container.GetExtendedACLRequest) | [GetExtendedACLResponse](#neo.fs.v2.container.GetExtendedACLResponse) | ### Message DeleteRequest Container removal request | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [DeleteRequest.Body](#neo.fs.v2.container.DeleteRequest.Body) | | Body of container delete request message. | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message DeleteRequest.Body Container removal request body has a signed `ContainerID` as a proof of container owner's intent. The signature will be verified by `Container` smart contract, so signing algorithm must be supported by NeoVM. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container_id | [neo.fs.v2.refs.ContainerID](#neo.fs.v2.refs.ContainerID) | | Identifier of the container to delete from NeoFS | | signature | [neo.fs.v2.refs.Signature](#neo.fs.v2.refs.Signature) | | `ContainerID` signed with the container owner's key according to RFC-6979 | ### Message DeleteResponse `DeleteResponse` has an empty body because delete operation is asynchronous and done via consensus in Inner Ring nodes. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [DeleteResponse.Body](#neo.fs.v2.container.DeleteResponse.Body) | | Body of container delete response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message DeleteResponse.Body `DeleteResponse` has an empty body because delete operation is asynchronous and done via consensus in Inner Ring nodes. ### Message GetExtendedACLRequest Get Extended ACL | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [GetExtendedACLRequest.Body](#neo.fs.v2.container.GetExtendedACLRequest.Body) | | Body of get extended acl request message. | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message GetExtendedACLRequest.Body Get Extended ACL request body | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container_id | [neo.fs.v2.refs.ContainerID](#neo.fs.v2.refs.ContainerID) | | Identifier of the container having Extended ACL | ### Message GetExtendedACLResponse Get Extended ACL | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [GetExtendedACLResponse.Body](#neo.fs.v2.container.GetExtendedACLResponse.Body) | | Body of get extended acl response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message GetExtendedACLResponse.Body Get Extended ACL Response body can be empty if the requested container did not have Extended ACL Table attached or Extended ACL was not allowed at container creation. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | eacl | [neo.fs.v2.acl.EACLTable](#neo.fs.v2.acl.EACLTable) | | Extended ACL requested, if available | | signature | [neo.fs.v2.refs.Signature](#neo.fs.v2.refs.Signature) | | Signature of stable-marshalled Extended ACL according to RFC-6979 | ### Message GetRequest Get container structure | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [GetRequest.Body](#neo.fs.v2.container.GetRequest.Body) | | Body of container get request message. | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message GetRequest.Body Get container structure request body. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container_id | [neo.fs.v2.refs.ContainerID](#neo.fs.v2.refs.ContainerID) | | Identifier of the container to get | ### Message GetResponse Get container structure | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [GetResponse.Body](#neo.fs.v2.container.GetResponse.Body) | | Body of container get response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message GetResponse.Body Get container response body does not have container structure signature. It was already verified on container creation. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container | [Container](#neo.fs.v2.container.Container) | | Requested container structure | ### Message ListRequest List containers | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [ListRequest.Body](#neo.fs.v2.container.ListRequest.Body) | | Body of list containers request message | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message ListRequest.Body List containers request body. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | Identifier of the container owner | ### Message ListResponse List containers | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [ListResponse.Body](#neo.fs.v2.container.ListResponse.Body) | | Body of list containers response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message ListResponse.Body List containers response body. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container_ids | [neo.fs.v2.refs.ContainerID](#neo.fs.v2.refs.ContainerID) | repeated | List of `ContainerID`s belonging to the requested `OwnerID` | ### Message PutRequest New NeoFS Container creation request | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [PutRequest.Body](#neo.fs.v2.container.PutRequest.Body) | | Body of container put request message. | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message PutRequest.Body Container creation request has container structure's signature as a separate field. It's not stored in sidechain, just verified on container creation by `Container` smart contract. `ContainerID` is a SHA256 hash of the stable-marshalled container strucutre, hence there is no need for additional signature checks. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container | [Container](#neo.fs.v2.container.Container) | | Container structure to register in NeoFS | | signature | [neo.fs.v2.refs.Signature](#neo.fs.v2.refs.Signature) | | Signature of a stable-marshalled container according to RFC-6979 | ### Message PutResponse New NeoFS Container creation response | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [PutResponse.Body](#neo.fs.v2.container.PutResponse.Body) | | Body of container put response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message PutResponse.Body Container put response body contains information about the newly registered container as seen by `Container` smart contract. `ContainerID` can be calculated beforehand from the container structure and compared to the one returned here to make sure everything was done as expected. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | container_id | [neo.fs.v2.refs.ContainerID](#neo.fs.v2.refs.ContainerID) | | Unique identifier of the newly created container | ### Message SetExtendedACLRequest Set Extended ACL | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [SetExtendedACLRequest.Body](#neo.fs.v2.container.SetExtendedACLRequest.Body) | | Body of set extended acl request message. | | meta_header | [neo.fs.v2.session.RequestMetaHeader](#neo.fs.v2.session.RequestMetaHeader) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.RequestVerificationHeader](#neo.fs.v2.session.RequestVerificationHeader) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message SetExtendedACLRequest.Body Set Extended ACL request body does not have separate `ContainerID` reference. It will be taken from `EACLTable.container_id` field. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | eacl | [neo.fs.v2.acl.EACLTable](#neo.fs.v2.acl.EACLTable) | | Extended ACL table to set for container | | signature | [neo.fs.v2.refs.Signature](#neo.fs.v2.refs.Signature) | | Signature of stable-marshalled Extended ACL table according to RFC-6979 | ### Message SetExtendedACLResponse Set Extended ACL | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | body | [SetExtendedACLResponse.Body](#neo.fs.v2.container.SetExtendedACLResponse.Body) | | Body of set extended acl response message. | | meta_header | [neo.fs.v2.session.ResponseMetaHeader](#neo.fs.v2.session.ResponseMetaHeader) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. | | verify_header | [neo.fs.v2.session.ResponseVerificationHeader](#neo.fs.v2.session.ResponseVerificationHeader) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. | ### Message SetExtendedACLResponse.Body `SetExtendedACLResponse` has an empty body because the operation is asynchronous and update should be reflected in `Container` smart contract's storage after next block is issued in sidechain. ## container/types.proto ### Message Container Container is a structure that defines object placement behaviour. Objects can be stored only within containers. They define placement rule, attributes and access control information. ID of the container is a 32 byte long SHA256 hash of stable-marshalled container message. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | version | [neo.fs.v2.refs.Version](#neo.fs.v2.refs.Version) | | Container format version. Effectively the version of API library used to create container. | | owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | Identifier of the container owner | | nonce | [bytes](#bytes) | | Nonce is a 16 byte UUIDv4, used to avoid collisions of `ContainerID`s | | basic_acl | [uint32](#uint32) | | `BasicACL` contains access control rules for owner, system, others groups and permission bits for `BearerToken` and `Extended ACL` | | attributes | [Container.Attribute](#neo.fs.v2.container.Container.Attribute) | repeated | Attributes represent immutable container's meta data | | placement_policy | [neo.fs.v2.netmap.PlacementPolicy](#neo.fs.v2.netmap.PlacementPolicy) | | Placement policy for the object inside the container | ### Message Container.Attribute `Attribute` is a user-defined Key-Value metadata pair attached to the container. Container attributes are immutable. They are set at container creation and can never be added or updated. Key name must be a container-unique valid UTF-8 string. Value can't be empty. Containers with duplicated attribute names or attributes with empty values will be considered invalid. There are some "well-known" attributes affecting system behaviour: * __NEOFS__SUBNET \ String ID of container's storage subnet. Container can be attached to only one subnet. And some well-known attributes used by applications only: * Name \ Human-friendly name * Timestamp \ User-defined local time of container creation in Unix Timestamp format | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | key | [string](#string) | | Attribute name key | | value | [string](#string) | | Attribute value | ## Scalar Value Types | .proto Type | Notes | C++ Type | Java Type | Python Type | | ----------- | ----- | -------- | --------- | ----------- | | double | | double | double | float | | float | | float | float | float | | int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int | | int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long | | uint32 | Uses variable-length encoding. | uint32 | int | int/long | | uint64 | Uses variable-length encoding. | uint64 | long | int/long | | sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int | | sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long | | fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int | | fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long | | sfixed32 | Always four bytes. | int32 | int | int | | sfixed64 | Always eight bytes. | int64 | long | int/long | | bool | | bool | boolean | boolean | | string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode | | bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str |