TBD54566975 / dwn-sdk-js

Decentralized Web Node (DWN) Reference implementation
https://identity.foundation/decentralized-web-node/spec/
Apache License 2.0

Fully delete / wipe remote DWN #805

Open bnonni opened 1 month ago

bnonni commented 1 month ago

It would be nice, especially for development purposes, to have an easy way to wipe the data store of a remote DWN. @csuwildcat said "We need a command like that, but don't have it." Consider this issue as the starting point for discussion on how to achieve this behavior. My initial idea is something simple: create a function that proxies the functionality of web5.dwn.records.query and runs record.delete on each returned record. Same goes for web5.dwn.protocols.query, but instead of .delete do a web5.dwn.protocols.configure({}); this could be exposed in @web5/api as web5.dwn.wipe. Open to other ideas.

andorsk commented 1 month ago

Should you be able to partially wipe based on a subset of permissions, or should wiping be bound only to tenant-based activities?

I.e., Alice authored 1000 messages to Bob's remote node and has write permission. Can Alice purge records from Bob via wipe, or is wipe bound to only the tenant?

Also, a thought: call it purge or prune. Not wipe.

csuwildcat commented 1 month ago

@andorsk we are using the word 'prune' already for deep deletes

alanhkarp commented 1 month ago

Fully deleting and wiping a remote data store are not necessarily the same thing. Wiping removes all content but may leave other metadata, such as the data store identity. That can be a problem when a test shouldn't know a new data store's identity. Fully deleting and starting a new data store avoids this hazard. (I'm particularly sensitive to this effect because it caused me a lot of pain debugging some tests.)

bnonni commented 1 month ago

@andorsk great thoughts. I really appreciate the immediate feedback. Given that prune exists for deep deletes, maybe purge is a better naming convention. I agree that permission-based purging is a good feature, and that's a great question to ask. My reaction is a question: What are the use cases for Bob creating a protocol permission for allowing others to purge records? The immediate first use case that comes to mind is a chat app where Alice wants to delete messages for both her and Bob in the thread, mimicking the functionality of Signal and Telegram: when you delete a message in a conversation, you get prompted to delete it for either "Just You" or "You and <Other User(s) in Chat>". Delete for me purges the record from Alice's DWN. Delete for everyone purges the record on both sides.


@alanhkarp great point! Maybe there's room for multiple methods or a single method with args to allow for toggling partial delete based on some set of permissions and filter vs. full delete vs. wipe/purge.

As it stands, I believe I achieved similar results while testing by querying all records available to my DID in my DWN, iterating over them and deleting each one. Then I did essentially the same thing for protocols by writing {}. This is effectively a "wipe" or "purge" but not a full delete.

Taking all this into consideration, I think a way to distinguish and outline these features could be:

Looks like there's already roles for CoDelete = 'co-delete' and CoPrune = 'co-prune', so any of the above naming conventions fit nicely.

alanhkarp commented 1 month ago

Or perhaps

remove: Completely deletes the datastore so that its identity no longer exists.

empty: Removes the content but keeps the same identity and metadata.

restart: Equivalent to delete followed by create but the identity remains the same.

This last case is useful for testing because you don't have to communicate the identity to everyone who needs it for the next test.
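
The "query, then delete each record" wipe described earlier in this thread, as an added example that is not part of the issue or of the project's code. It covers only the records half (not the protocol reset), and `makeStubDwn`, the record ids, the `locked` flag and the empty filter are assumptions: a hypothetical in-memory stand-in is used instead of the real `@web5/api`. It records per-record failures and re-queries afterwards, which shows that this kind of wipe can leave records behind and always leaves the data store identity in place.

```javascript
// Hypothetical in-memory stand-in for web5.dwn (NOT the real @web5/api).
// Record ids and the "locked" flag are constructed sample data.
function makeStubDwn(did, seed) {
  const store = { did, records: new Map(seed.map((r) => [r.id, r])) };
  const toHandle = (r) => ({
    id: r.id,
    delete: async () => {
      // Constructed failure mode: the node refuses to delete a locked record.
      if (r.locked) return { status: { code: 401, detail: 'Unauthorized' } };
      store.records.delete(r.id);
      return { status: { code: 202, detail: 'Accepted' } };
    },
  });
  const query = async () => ({ records: [...store.records.values()].map(toHandle) });
  return { store, web5: { dwn: { records: { query } } } };
}

// Query everything, delete each record, then re-query to confirm what is left.
// The empty filter is an assumption; a real node may require a narrower one.
async function wipeRecords(web5) {
  const report = { deleted: [], failed: [], remaining: [] };
  const { records = [] } = await web5.dwn.records.query({ message: { filter: {} } });
  for (const record of records) {
    try {
      const { status } = await record.delete();
      if (status.code >= 200 && status.code < 300) report.deleted.push(record.id);
      else report.failed.push({ id: record.id, code: status.code });
    } catch (err) {
      // A thrown error (e.g. network failure) must not abort the rest of the wipe.
      report.failed.push({ id: record.id, code: null, error: String(err) });
    }
  }
  const after = await web5.dwn.records.query({ message: { filter: {} } });
  report.remaining = (after.records || []).map((r) => r.id);
  return report;
}

// Constructed sample run: three records, one of which cannot be deleted.
const sample = makeStubDwn('did:example:alice', [
  { id: 'rec-a' }, { id: 'rec-b', locked: true }, { id: 'rec-c' },
]);
wipeRecords(sample.web5).then((report) => {
  console.log(report, 'identity still present:', sample.store.did);
});
```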