API reference / @evolu/common / Evolu/Owner
Evolu/Owner
Evolu Owner - Data Ownership and Collaboration
An Owner is an entity that represents ownership of data in Evolu. It consists of cryptographic keys derived from a Mnemonic via SLIP-21:
- OwnerId: Globally unique public identifier
- EncryptionKey: Symmetric encryption key for data protection
- WriteKey: Authentication token for write operations
Every Evolu app has at least one owner, the AppOwner. There are several owner variants for different use cases:
ShardOwner: Derived from AppOwner for partitioning data and selective synchronization using createShardOwner
SharedOwner: Created for collaboration with write access, not meant to be shared directly
SharedReadonlyOwner: Read-only version for safe data sharing, created from SharedOwner using createSharedReadonlyOwner
Owners are designed for data synchronization and backup. Authentication systems built on public/private key cryptography use these primitives. This design ensures Evolu Relay knows as little as possible - it only sees Timestamp, OwnerId, and EncryptedDbChange.
Interfaces
| Interface | Description |
|---|---|
| AppOwner | The owner representing app data. Can be created from a Mnemonic or from external keys when the mnemonic should not be shared with the Evolu app. |
| Owner | Represents ownership of data in Evolu. Created from a Mnemonic via SLIP-21 key derivation using createOwner, providing cryptographic keys for data access and authentication. |
| ShardOwner | Owner for sharding app data. Allows partitioning of database changes for selective synchronization. |
| SharedOwner | Owner for collaborative data with write access. Created by a user for their own use, not meant to be shared directly. To share data, use createSharedReadonlyOwner to create a SharedReadonlyOwner for read-only access. |
| SharedReadonlyOwner | Read-only version of a SharedOwner for data sharing. Contains only the OwnerId and EncryptionKey needed for others to read the shared data without write access. |
Type Aliases
| Type Alias | Description |
|---|---|
| OwnerId | - |
| WriteKey | - |
Variables
| Variable | Description |
|---|---|
| OwnerId | The unique identifier of Owner derived from the Mnemonic. |
| WriteKey | A secure token proving that the initiator can write changes. Derived from a mnemonic or randomly generated via createWriteKey. It is rotatable. |
| writeKeyLength | - |
Functions
| Function | Description |
|---|---|
| createAppOwner | - |
| createOwner | Creates an Owner from a Mnemonic using SLIP-21 key derivation. |
| createOwnerFromMnemonicSeed | Creates an Owner from a MnemonicSeed using SLIP-21 key derivation. |
| createShardOwner | Creates a ShardOwner derived from an AppOwner using the specified path. |
| createSharedOwner | Creates a SharedOwner with a freshly generated Mnemonic. |
| createSharedReadonlyOwner | Creates a SharedReadonlyOwner from a SharedOwner. |
| createWriteKey | Creates a randomly generated WriteKey. |
| rotateWriteKey | Rotates the WriteKey for an AppOwner, ShardOwner, or SharedOwner, returning a new instance with the updated key. |