How RBAC works
- Per-index KEK. Each index is encrypted under a 32-byte Key-Encryption-Key (KEK), the index_key. CyborgDB wraps a data key (DEK) under the KEK internally — callers only ever handle the KEK.
- Per-user keys. The root KEK holder calls CreateUserKeys to wrap the index key under a per-user 32-byte key (user_kek), granting read and/or write access. The set of wraps that exist defines the permission set — there is no separate permission flag. A read-only user simply has no write wrap.
- Root-gated administration. Creating, deleting, and listing user keys always requires the root index KEK.
- User load. A user then opens the index with their own user_kek, scoped to their user_id. Per-operation, the gate is enforced — a read-only user’s Upsert/Delete are rejected.
Pass a per-user key context to data operations as
cyborg::KeyContext{user_kek, user_id}
where user_id is a std::array<uint8_t, 16> and user_kek is a std::array<uint8_t, 32>.
CreateUserKeys
Parameters
| Parameter | Type | Description |
|---|---|---|
| user_id | std::array<uint8_t, 16> | 16-byte user identifier. |
| index_key | std::array<uint8_t, 32> | The root index KEK (admin gate). |
| user_kek | std::array<uint8_t, 32> | The user’s 32-byte key under which access is wrapped. |
| grant_read | bool | Grant read access. |
| grant_write | bool | Grant write access. |
Exceptions
std::runtime_error
- Throws if the supplied key is not the root index KEK.
- Throws if the user keys could not be created.
DeleteUserKeys
Parameters
| Parameter | Type | Description |
|---|---|---|
| user_id | std::array<uint8_t, 16> | 16-byte user identifier to revoke. |
| index_key | std::array<uint8_t, 32> | The root index KEK (admin gate). |
Exceptions
std::runtime_error
- Throws if the supplied key is not the root index KEK.
ListUserKeys
Parameters
| Parameter | Type | Description |
|---|---|---|
| index_key | std::array<uint8_t, 32> | The root index KEK (admin gate). |
Returns
std::vector<UserKeyInfo>: One entry per user. The UserKeyInfo struct:
Exceptions
std::runtime_error
- Throws if the supplied key is not the root index KEK.
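
The wrap-defined permission model from "How RBAC works", as an added C++ example: a self-contained in-memory model, not CyborgDB's code or API. `ModelIndex`, `ToyWrap`, `Op` and `Allowed` are hypothetical names, the XOR wrap is a non-cryptographic placeholder, and keeping separate read and write wrap slots is an assumption about how the wraps are organised.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <map>
#include <stdexcept>

using Key = std::array<uint8_t, 32>;
using UserId = std::array<uint8_t, 16>;
enum class Op { Read, Write };

// Placeholder wrap (XOR), NOT cryptography; a real system uses an authenticated key wrap.
Key ToyWrap(const Key& secret, const Key& kek) {
    Key out{};
    for (std::size_t i = 0; i < out.size(); ++i) out[i] = secret[i] ^ kek[i];
    return out;
}

// Hypothetical model of the scheme described above; not the CyborgDB implementation.
class ModelIndex {
public:
    explicit ModelIndex(const Key& root) : root_(root) {}
    // Admin gate: only the root index KEK may create wraps.
    void CreateUserKeys(const UserId& id, const Key& index_key, const Key& user_kek,
                        bool grant_read, bool grant_write) {
        RequireRoot(index_key);
        std::map<Op, Key> wraps;
        if (grant_read) wraps[Op::Read] = ToyWrap(root_, user_kek);
        if (grant_write) wraps[Op::Write] = ToyWrap(root_, user_kek);
        users_[id] = wraps;  // the wraps that exist ARE the permission set
    }
    void DeleteUserKeys(const UserId& id, const Key& index_key) {
        RequireRoot(index_key);
        users_.erase(id);  // revocation removes every wrap for this user
    }
    // Per-operation gate: the matching wrap must exist and open under user_kek.
    bool Allowed(const UserId& id, const Key& user_kek, Op op) const {
        auto u = users_.find(id);
        if (u == users_.end()) return false;
        auto w = u->second.find(op);
        // XOR is its own inverse; the model compares to root_ where real code checks an auth tag.
        return w != u->second.end() && ToyWrap(w->second, user_kek) == root_;
    }
private:
    void RequireRoot(const Key& k) const {
        if (k != root_) throw std::runtime_error("supplied key is not the root index KEK");
    }
    Key root_;
    std::map<UserId, std::map<Op, Key>> users_;
};
```

A read-only user here has no `Op::Write` entry at all, so there is no flag to flip: granting write means the root KEK holder must create a new wrap.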