Private, non-shared data in repo?

[raisch]

I have a use-case for keeping private data in a repo, i.e. data that does not leave the repo via the standard sharing mechanisms, and before I leap into modifying the code to support it, I'd like to get some feedback (or at least reasons why this would not be a "good idea.") While I know I can run a side-car service to support this, I'd very much like to leverage existing atproto tools/tech.

My strategy is that, for data with any NSID in the form local.* (per RFC6762) or perhaps localhost.* (per RFC2606), disable update event generation and contribution to CBOR packaging.

A possible enhancement would be to enable storage of such "private" data to other data-stores via a startup feature flag and adding support for CRUD operations via custom interfaces to external storage.

Ok all, rip me to shreds, please. ;)

Thanks.

[DavidBuchanan314]

I think this could work. You'd still want to CBOR-ify it (since CIDs are integral to various APIs, and the data model in general), but you could skip MST updates and the firehose broadcast. You'd need to make sure the records can only be fetched by the currently-authed user (from their own repo).