From 3d4aef32efadd374d23c93abdd123eafac43c1a0 Mon Sep 17 00:00:00 2001 From: Mary Anthony Date: Tue, 3 Sep 2019 09:47:03 -0700 Subject: [PATCH] #231 clarify encrypt/decrypt Signed-off-by: Mary Anthony --- _browser/blockstack_storage.md | 5 +++-- _browser/todo-list.md | 7 +++---- _core/attic/gaia.md | 2 +- _data/glossary.csv | 2 +- _develop/zero_to_dapp_3.md | 5 ++--- _develop/zero_to_dapp_3_win.md | 5 ++--- _includes/keyphrase.md | 2 +- _storage/write-to-read.md | 4 +++- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/_browser/blockstack_storage.md b/_browser/blockstack_storage.md index d8d06648..0d98e5b7 100644 --- a/_browser/blockstack_storage.md +++ b/_browser/blockstack_storage.md @@ -404,6 +404,8 @@ These are the `UserSession.putFile`, `UserSession.getFile`, and `lookupProfile` } ``` + The default behavior for `putFile()` is to encrypt data when storing it, making it unreadable by everyone except the logged in user. In this example `putFile()` call is not encrypting the status because our app is meant to share statuses publicly. + 9. Save the `Profile.js` file. After the application compiles successfully, your application should appears as follows: @@ -458,6 +460,7 @@ Update `Profile.js` again. }) } ``` + By default, `getFile()` this method decrypts data; because the default `putFile()` encrypts it. In this case, the app shares statuses publicly. So, there is no need to decrypt. 5. Call `fetchData()` from the `componentDidMount()` method. 
@@ -770,8 +773,6 @@ process URL paths that contain the `.` (dot) character for example, Congratulations, you are all done! We hope you've enjoyed learning a bit more about Blockstack. -A few things to note, you'll notice that in our `putFile()` and `getFile()` calls, we chose not to encrypt/decrypt because our app is meant to share statuses publicly. By default, `putFile()` and `getFile()` will encrypt all data stored, making it unreadable by everyone except the logged in user. - ## Resources [Complete source code](https://github.com/yknl/publik) diff --git a/_browser/todo-list.md b/_browser/todo-list.md index 96a9043f..e4356d4f 100644 --- a/_browser/todo-list.md +++ b/_browser/todo-list.md @@ -310,7 +310,6 @@ watch: { handler: function (todos) { const UserSession = this.UserSession - // encryption is now enabled by default return UserSession.putFile(STORAGE_FILE, JSON.stringify(todos)) }, deep: true @@ -320,14 +319,14 @@ watch: { The `todos` JSON object is passed in and the [`blockstack.UserSession.putFile()`](https://blockstack.github.io/blockstack.js/#putfile) -method to store it in a Gaia Hub. +method to store it in a Gaia Hub. By default, `putFile()` encrypts data when it stores it. The code needs to read the Todo items from the storage with the [`blockstack.UserSession.getFile()`](https://blockstack.github.io/blockstack.js/#getfile) method which returns a promise: ```js fetchData () { const UserSession = this.UserSession - UserSession.getFile(STORAGE_FILE) // decryption is enabled by default + UserSession.getFile(STORAGE_FILE) .then((todosText) => { var todos = JSON.parse(todosText || '[]') todos.forEach(function (todo, index) { @@ -339,7 +338,7 @@ fetchData () { }, ``` -The `todos` data is retrieved from the promise. +The `todos` data is retrieved from the promise. By default, the `getFile()` decrypts data for you. For more information on the available options, see the GetFileOptions interface. ## Summary 
diff --git a/_core/attic/gaia.md b/_core/attic/gaia.md index b63e0536..086a86a5 100644 --- a/_core/attic/gaia.md +++ b/_core/attic/gaia.md @@ -34,7 +34,7 @@ collection of data that is backed by one or more existing storage systems. When a user logs into an application, the application will create or connect to the datastore that holds the user's data. Once connected, it can proceed to interact with its data via POSIX-like functions: `mkdir`, `listdir`, `rmdir`, -`getFile`, `putFile`, `deleteFile`, and `stat`. +`getFile()`, `putFile()`, `deleteFile`, and `stat`. A datastore has exactly one writer: the user that creates it. However, all data within a datastore is world-readable by default, so other users can see the diff --git a/_data/glossary.csv b/_data/glossary.csv index b4805444..3601874e 100644 --- a/_data/glossary.csv +++ b/_data/glossary.csv @@ -33,7 +33,7 @@ identity management (IDM),"Identity management, also known as identity and acces know your customer (KYC),"Or KYC, is a popular term used in the banking or financial field. KYC is a process where financial institutions, insurers and other companies obtain information about the identity and address of the customers as part of risk management." KYC,See know your customer light clients,Clients that can independently validate the existence of transactions by downloading only block headers and not the entire blockchain. -Magic Recovery Code,"

An long encrypted string, for example:

36mWivFdy0YPH2z31EflpQz/Y0UMrOrJ++lH=0EI7c3mop2JuRBm5WXxSTazJsUjOA...

Do not share the QR code that accompanied your code either. This is a QR code:

" +Magic Recovery Code,"

An long encrypted string, for example:

36mWivFdy0YPH2z31EflpQz/Y0UMrOrJ++lH=0EI7c3mop2JuRBm5WXxSTazJsUjOA...

Do not share the QR code that accompanied your recovery code either. This is a QR code:

" mesh network,"A local network topology in which the infrastructure nodes (i.e. bridges, switches, and other infrastructure devices) connect directly, dynamically and non-hierarchically to as many other nodes as possible and cooperate with one another to efficiently route data from/to clients." mining,Mining generally refers to the process of performing certain functions for a network such as adding new records to a blockchain in exchange for mining rewards; it may also refer to other mechanisms whereby rewards (usually in the form of cryptocurrency) are provided for performing other tasks helpful to the network. mining power,"A miner’s (or group of miners’) mining power is equal to the probability it will be selected to write a new block to the blockchain. Depending on the mechanism for mining, this is usually related to the overall share of computing power or cryptoassets the miner or miners possess relative to all miners for that blockchain." diff --git a/_develop/zero_to_dapp_3.md b/_develop/zero_to_dapp_3.md index d19ccd0c..8132689e 100644 --- a/_develop/zero_to_dapp_3.md +++ b/_develop/zero_to_dapp_3.md @@ -155,7 +155,7 @@ Most of the imports in this file are locally coded React components. For example The `loadMe()` code uses the Blockstack's `UserSession.getFile()` method to get the specified file from the applications data store. If the users' data store on Gaia does not have the data, which is the case for new users, the Gaia hub -responds with HTTP `404` code and the `getFile` promise resolves to null. If you +responds with HTTP `404` code and the `getFile()` promise resolves to null. If you are using a Chrome Developer Tools with the DApp, you'll see these errors in a browser's developer **Console**. 
@@ -177,8 +177,7 @@ saveMe(me) { The Blockstack putFile() stores the data provided in the -user's DApp data store. You can view the URL for the data store from a user's -profile. +user's DApp data store. By default, `putFile()` stores data in an encrypted format which means only user that stored it can view it. You can view the URL for the data store from a user's profile. Because this application wants other users to view the persona and territory, the data is not encrypted, so the `encrypt` option is set to `false`. If you tested your Animal Kingdom, you can see this on your profile. To see your profile, go to the Blockstack diff --git a/_develop/zero_to_dapp_3_win.md b/_develop/zero_to_dapp_3_win.md index 3227c386..ea6eb507 100644 --- a/_develop/zero_to_dapp_3_win.md +++ b/_develop/zero_to_dapp_3_win.md @@ -155,7 +155,7 @@ Most of the imports in this file are locally coded React components. For example The `loadMe()` code uses the Blockstack's `UserSession.getFile()` method to get the specified file from the applications data store. If the users' data store on Gaia does not have the data, which is the case for new users, the Gaia hub -responds with HTTP `404` code and the `getFile` promise resolves to null. If you +responds with HTTP `404` code and the `getFile()` promise resolves to null. If you are using a Chrome Developer Tools with the DApp, you'll see these errors in a browser's developer **Console**. 
@@ -177,8 +177,7 @@ saveMe(me) { The Blockstack putFile() stores the data provided in the -user's DApp data store. You can view the URL for the data store from a user's -profile. +user's DApp data store. By default, `putFile()` stores data in an encrypted format which means only user that stored it can view it. You can view the URL for the data store from a user's profile. Because this application wants other users to view the persona and territory, the data is not encrypted, so the `encrypt` option is set to `false`. If you tested your Animal Kingdom, you can see this on your profile. To see your profile, go to the Blockstack diff --git a/_includes/keyphrase.md b/_includes/keyphrase.md index 74c578c4..636799b5 100644 --- a/_includes/keyphrase.md +++ b/_includes/keyphrase.md @@ -32,7 +32,7 @@ Use the following table to answer questions about keys/phrases/values you can sh Magic Recovery Code

PROTECT

-

An long encrypted string, for example:

36mWivFdy0YPH2z31EflpQz/Y0UMrOrJ++lH=0EI7c3mop2JuRBm5WXxSTazJsUjOA...

Do not share the QR code that accompanied your code either. This is a QR code:

+

An long encrypted string, for example:

36mWivFdy0YPH2z31EflpQz/Y0UMrOrJ++lH=0EI7c3mop2JuRBm5WXxSTazJsUjOA...

Do not share the QR code that accompanied your recovery code either. This is a QR code:

diff --git a/_storage/write-to-read.md b/_storage/write-to-read.md index f0f65829..011aa4aa 100644 --- a/_storage/write-to-read.md +++ b/_storage/write-to-read.md @@ -12,7 +12,7 @@ Once a user authenticates and a DApp obtains authentication, the application int Gaia is built on a driver model that supports many storage services. So, with very few lines of code, you can interact with providers on Amazon S3, Dropbox, -and so forth. The simple `getFile` and `putFile` interfaces are kept simple +and so forth. The simple `getFile()` and `putFile()` interfaces are kept simple because Blockstack assumes and wants to encourage a community of open-source-data-management libraries. @@ -23,6 +23,8 @@ be able to read from the `https://myreads.com/foo/bar` URL. Note that, while the prefix in the write-to url (for example,`myhub.service.org/store`) and the read-from URL (`https://myreads.com`) are different, the `foo/bar` suffixes are the same. +By default, `putFile()` encrypts information while `getFile()` decrypts it by default. Data stored in an encrypted format means only user that stored it can view it. For applications that want other users to view data, the `encrypt` option is set to `false`. And, corresponding, the `decrypt` option on `getFile()` + Consistent, identical suffixes allow an application to know _exactly_ where a written file can be read from, given the read prefix. The Gaia service defines a `hub_info` endpoint to obtain that read prefix:
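Review bot: In `_browser/blockstack_storage.md`, hunk `@@ -404,6 +404,8`, the added paragraph says the `putFile()` call "is not encrypting the status" but never names the setting that turns encryption off, so a reader who wants to keep data private cannot tell from this step what to change. Suggest naming the `encrypt` option set to `false`, as the `_develop/zero_to_dapp_3.md` text in this same patch does, and fixing the missing article: "In this example, the `putFile()` call does not encrypt the status because ...".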
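Review bot: In `_browser/blockstack_storage.md`, hunk `@@ -458,6 +460,7`, the added line "By default, `getFile()` this method decrypts data; because the default `putFile()` encrypts it." carries a leftover "this method" and a semicolon before "because". Suggest "By default, `getFile()` decrypts data because `putFile()` encrypts it by default." The follow-up "So, there is no need to decrypt" should also name the `decrypt` option on `getFile()`, which the `_storage/write-to-read.md` hunk refers to, so the reader knows what the code sets.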
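Review bot: In `_browser/todo-list.md`, hunk `@@ -320,14 +319,14`, the added sentence "By default, the `getFile()` decrypts data for you." has a stray "the", and "see the GetFileOptions interface" names the interface without a link or code formatting, while `putFile()` and `getFile()` in the same passage are linked to the blockstack.js reference. Suggest dropping "the" and linking `GetFileOptions` the same way. With the in-code comments on encryption removed by this patch, the prose is now the only place the default is stated, so it should be exact.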
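Review bot: In `_core/attic/gaia.md`, hunk `@@ -34,7 +34,7`, only `getFile()` and `putFile()` gain parentheses, while `mkdir`, `listdir`, `rmdir`, `deleteFile` and `stat` in the same list do not. Either add `()` to every function in the list or leave the line unchanged, so the list reads consistently.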
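Review bot: In `_data/glossary.csv`, the rewritten Magic Recovery Code entry still opens with "An long encrypted string". Since the entry is being replaced anyway, change it to "A long encrypted string" in the same commit. The `_includes/keyphrase.md` hunk `@@ -32,7 +32,7` carries the identical text and needs the same fix.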
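Review bot: In `_develop/zero_to_dapp_3.md`, hunk `@@ -177,8 +177,7`, the added line reads "which means only user that stored it can view it", which is missing an article. Suggest "which means only the user that stored it can view it". The replacement also merges two wrapped lines into one long line in a file whose surrounding context is hard-wrapped, so it should be rewrapped to match. The same added line appears in the `_develop/zero_to_dapp_3_win.md` hunk and needs both changes there too.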
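Review bot: In `_storage/write-to-read.md`, hunk `@@ -23,6 +23,8`, the added paragraph ends mid-sentence: "And, corresponding, the `decrypt` option on `getFile()`" has no verb and no closing period, so the reader is never told what to set `decrypt` to when reading unencrypted data. Complete the sentence with the value the application must pass. In the same paragraph, "by default" appears twice in the first sentence and "only user that stored it" is missing "the".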