TLaaS (LEX) — On‑Chain vs IPFS/Arweave Storage: Data Storage Strategies

1. Purpose

Define secure, scalable, and cost‑optimized data storage strategies for TLaaS (LEX) license metadata, proofs, and associated assets. Ensure compliance, immutability, and retrieval reliability while maintaining interoperability with TLAAS (DLA) for verification and DAL for governance oversight.

2. Design Principles

  • Deterministic Referencing: All off‑chain assets referenced by immutable content hashes (e.g., IPFS CIDv1, Arweave TX IDs).
  • Minimal On‑Chain Storage: Only critical data and proofs stored on‑chain (hashes, signatures, essential state).
  • Hybrid Architecture: Combine blockchain storage for verification and decentralized file storage for bulk data.
  • Redundancy: Multiple pinning and replication strategies to avoid single points of failure.

3. Data Classification

  • On‑Chain Only: License identifiers, state, payment proofs, compliance attestations.
  • Off‑Chain (Decentralized): Full license documents, media, extended metadata.
  • Off‑Chain (Controlled): Private compliance files, KYC data (encrypted, access‑controlled).

4. On‑Chain Storage Implementation

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

contract LicenseRegistry {
    struct LicenseRecord {
        bytes32 metadataHash; // IPFS CID hashed to bytes32
        uint256 issuedAt;
    }
    mapping(bytes32 => LicenseRecord) public records;

    function registerLicense(bytes32 id, bytes32 hash) external {
        records[id] = LicenseRecord({ metadataHash: hash, issuedAt: block.timestamp });
        emit LicenseRegistered(id, hash);
    }
    event LicenseRegistered(bytes32 indexed id, bytes32 hash);
}

5. IPFS Strategy

  • CID Version: Use CIDv1 in Base32 for URL safety.
  • Pinning: Leverage multiple pinning services + self‑hosted IPFS nodes.
  • Content Verification: Clients verify retrieved files match on‑chain hash.

Integration Example (JavaScript) 

import { create } from 'ipfs-http-client';
const ipfs = create({ url: 'https://ipfs.infura.io:5001/api/v0' });

async function storeMetadata(obj) {
  const { cid } = await ipfs.add(JSON.stringify(obj));
  return cid.toV1().toString();
}

6. Arweave Strategy

  • Permanent Storage: Use Arweave for perpetual hosting of compliance‑critical assets.
  • Transaction Anchoring: Store Arweave TX ID on‑chain for verification.
  • Bundling: Combine multiple small files into a single Arweave bundle to optimize costs.

Solidity Reference 

bytes32 public arweaveTxId;
function setArweaveTx(bytes32 _txId) external onlyOwner {
    arweaveTxId = _txId;
}

7. Hybrid Flow (On‑Chain + IPFS/Arweave)

  1. Generate metadata JSON.
  2. Store JSON on IPFS or Arweave.
  3. Hash CID/TX ID and store hash on‑chain.
  4. Use DAL governance to approve storage provider changes.

8. Security & Compliance

  • Immutable Hash Anchoring: Prevents tampering of off‑chain data.
  • Encryption: AES‑256‑GCM for sensitive metadata before off‑chain storage.
  • Access Control: Enforce retrieval permissions via signed URLs or encryption keys.

9. Integration with TLAAS & DAL

  • TLAAS (DLA): Verifies that referenced off‑chain content matches on‑chain hashes before license activation.
  • DAL: Approves or revokes storage providers; arbitrates disputes over data integrity.

10. Operational Runbook

  • Pin/re‑pin strategy schedule.
  • Verify hashes monthly.
  • Migrate to new providers if uptime SLAs fail.
  • Maintain encryption keys in HSM or multisig‑protected vault.

11. Acceptance Criteria

  • All off‑chain data retrievable via multiple gateways.
  • On‑chain references immutable and match content.
  • Encryption and compliance rules enforced.
  • No single point of storage failure.

Next Article: License Proof Generation & Zero‑Knowledge Verification

Was this article helpful?

TLaaS (LEX) — Off‑Chain Compute Oracles for Advanced Compliance Checking
TLaaS (LEX) — Oracle & KYC Integration: Off-Chain Data Verification Patterns