# How it works

Download the immudb short research paper (opens new window) to learn about the technical foundations of immudb.

This section is not yet ready for immudb 0.9. We are working on it in order to improve it and we are close to deliver. Stay tuned!

# Adding data

This section is not yet ready for immudb 0.9. We are working on it in order to improve it and we are close to deliver. Stay tuned!

# Checking data consistency

This section is not yet ready for immudb 0.9. We are working on it in order to improve it and we are close to deliver. Stay tuned!

# State signature

Providing immudb with a signing key enables the cryptographic state signature. That means that an auditor or a third party client, for instance, could verify the authenticity of the returned current state after calling the currentState gRPC method. Here are the gRPC message definitions:

message ImmutableState {
	uint64 txId = 3;
	bytes txHash = 4;
	Signature signature = 5;
}

message Signature {
	bytes signature = 1;
	bytes publicKey = 2;
}

Check state signature and verify state signature paragraphs for additional details.

Immuclient and immugw (opens new window) are shipped with auditor capabilities. To get the signed state in combination with the auditor, launch...

  • ...immuclient with auditor capabilities:
immuclient audit-mode --audit-username {immudb-username} --audit-password {immudb-pw} --audit-signature validate
./immugw --audit --audit-username {immudb-username} --audit-password {immudb-pw} --audit-signature validate

# Item References

Enables the insertion of a special entry that references another item.

# Primary Index

The primary index enables queries and search based on the data key.

# Secondary Index

The secondary index enables queries and search based on the data value.

# Cryptographic signatures

A signature (PKI) provided by the client can become part of the insertion process.

# Authentication (transport)

Integrated mTLS offers the best approach for machine-to-machine authentication, also providing communications security (entryption) over the transport channel.

# immugw communication

immugw can be found in its own repository (opens new window)

immugw proxies REST client communication and gRPC server interface. For security reasons, immugw should not run on the same server as immudb. The following diagram shows how the communication works:

immugw communication explained