A major release of the immudb 1.0 database engine is introduced, guaranteeing the immutability and preservation of all data ever added, as well as providing protection against retroactive changes and enabling cryptographic proof of ownership of data. Initially, the project developed as a specialized NoSQL-storage that manipulates data in the key/value format, but since release 1.0 immudb has been positioned as a full-fledged DBMS with SQL support. The project code is written in Go and distributed under the Apache 2.0 license.
Information in immudb is stored using a blockchain-like structure that guarantees the integrity of the entire chain of existing records and does not allow changing already stored data or replacing / inserting a record into the transaction history. The repository only supports the addition of new data, without the possibility of deleting or changing information already added. An attempt to change records in the DBMS only leads to saving a new version of the record, the old data is not lost and remains available in the change history.
At the same time, unlike typical blockchain-based solutions, immudb allows you to achieve performance at the level of millions of transactions per second and can be used to run lightweight services or to embed its functionality into applications in the form of a library.
High performance is achieved through the use of an LSM (Log-structured merge-tree) tree with a log of values, which provides fast access to records with a high intensity of data addition. To maintain the integrity of the storage, a Merkle Tree tree structure is additionally involved, in which each branch verifies all underlying branches and nodes due to joint (tree) hashing. Having a final hash, the user can verify the correctness of the entire history of operations, as well as the correctness of the past states of the database (the root verification hash of the new state of the database is calculated taking into account the past state).
Clients and auditors are provided with cryptographic proof of data ownership and integrity. The use of public key cryptography does not require the client to trust the server, and the connection of each new client to the DBMS increases the overall level of trust in the entire repository. Public keys and key revocation lists are stored in the database, and when performing encryption operations, Intel SGX enclaves can be used.
From the functionality of the DBMS, SQL support, key / value storage mode, indexes, database sharding (sharding), creating data state snapshots, ACID transactions with support for snapshot isolation (SSI), high read and write performance, optimizations for efficient operation on SSD- drives, support for working in the form of a server and an embedded library, support for the REST API and the presence of a web interface for management. Typical applications where DBMS like immudb are in demand include credit card transactions, storage of public keys, digital certificates, checksums and logs, creation of duplicate storage for important fields in traditional DBMS. Client libraries for working with immudb are prepared for Go, Java, .NET, Python and Node.js.
Key improvements in immudb 1.0 release:
- Support for SQL with the ability to protect rows from hidden modification.
- TimeTravel mode, which makes it possible to switch the state of the database to a certain moment in the past. Including the data cut time can be set at the level of individual subqueries, which simplifies the analysis of changes and comparison of data.
- Support for the PostgreSQL client protocol, which allows you to use existing applications and libraries designed to work with PostgreSQL with immudb. Including, in addition to native client libraries, you can use typical Ruby, C, JDBC, PHP, and Perl client libraries.
- Web Console for interactive data navigation and DBMS administration. Through the web interface, you can send requests, create users and manage data. Additionally, the Playground learning environment is available.
Source: opennet.ru