🔥 Storacha – Super Hot Decentralized Storage on IPFS and Filecoin with UCAN

Web3 talks a lot about user ownership, decentralization, and privacy But most apps still rely on API keys, centralized auth servers, and custodial recovery systems. Storacha + UCAN changes that completely.

UCAN lets you delegate permissions instead of accounts. Storacha uses this to build passwordless, non-custodial, user-owned storage.

• No API keys.
• No centralized auth server.
• No platform lock-in.

Storacha is decentralized storage, but a hot new take. Storacha transforms web3.storage into a community-driven, decentralized hot storage network.

Storacha Key Concepts (Simple Definitions)

1. Spaces: Your Storage = Your Identity

In Storacha, your storage lives inside a Space.

• A Space is identified by a DID (Decentralized Identifier)
• It represents your namespace
• Files, blobs, and data belong to this Space—not an app

Think of it like this:

Google Drive account → Centralized identity
Storacha Space → Cryptographic identity (DID)


You own it. You control who can access it.

2. Agents: Permission Holders (Not Accounts)

An Agent is a local session (browser, backend, CLI, mobile app) that holds delegated permissions.

• Agents do NOT own data
• They only act within delegated capabilities
• Permissions can expire or be revoked

Example agents:

• A frontend web app
• A backend service
• A user’s browser session
• A mobile app instance

3. Capabilities: Fine-Grained Permissions

UCAN doesn’t give “full access”.

Instead, it grants capabilities like:

• space/blob/add → upload blobs
• space/blob/read → read data
• filecoin/offer → make storage deals
• space/admin → manage space

Each delegation is:

• Scoped (what can be done)
• Optional time-limited
• Cryptographically verifiable

4. Delegation Chains: How Authority Flows

Permissions flow through delegation chains, not logins.

Example:

Space (DID)
↓ delegates
Backend Agent
↓ delegates
User
↓ delegates
Frontend App


Every step:

• Is signed
• Is verifiable
• Has a cryptographic audit trail

No central authority required.

Don’t miss to checkout Storacha Portfolio – All Project Implementations

This repository contains my complete Storacha learning journey with implementations for all projects.

The Magic Feature: Email Recovery for Storacha

This is where Storacha truly shines.

The Problem with Web3 Recovery

• Lose your key → lose your data
• Custodial recovery → breaks decentralization

Storacha’s Solution

Your Space delegates recovery permissions to your email using UCAN.

How it works:

1. Your Space grants a delegation to your email identity
2. You lose access (device lost, keys gone)
3. You verify your email
4. You reclaim delegated permissions

✅ No one holds your keys
✅ No centralized recovery service
✅ No custodian

Recovery is permission-based, not account-based.

Developer Superpowers with UCAN + Storacha

This system unlocks entirely new application architectures.

1. Users Own Their Data

Apps don’t own storage.
Users do.

Apps receive temporary, scoped access only.

2. Permission-Based App Design

You can delegate:

• Read-only access
• Upload-only access
• Admin access
• Time-limited access (expiring tokens)

No API key rotation.
No OAuth servers.

3. Multi-Tenant Apps Without Managing Storage

Instead of:

• Managing buckets
• Handling user uploads
• Running proxy servers

You simply:

• Delegate permissions
• Let users interact directly with storage

Real Example: Backend Delegating Upload Permissions

Traditional Web App Flow

User → Backend → Storage


Problems:

• Backend becomes a bottleneck
• API keys exposed
• High infra costs

UCAN + Storacha Flow (Better)

Backend
└─ delegates upload permission
↓
User uploads directly to YOUR Space


Benefits:

• No backend proxy
• No exposed API keys
• Users act with your permissions, safely scoped

Security Benefits of Storacha

1. No API Keys in the Frontend

• Users receive time-limited UCAN tokens
• Tokens are scoped to specific actions
• Even if leaked → limited damage

2. No Single Point of Failure

• Auth verification happens locally
• No centralized auth server to attack
• No OAuth outage risk

3. Cryptographic Audit Trail

Every permission:

• Who delegated it
• To whom
• For what
• For how long

All verifiable.

4. Fully Revocable Access

• Delegations can be invalidated
• Expiring tokens auto-revoke
• No need to rotate secrets

The Bigger Picture: Why is the Future

UCAN + Storacha is not just storage tech.

It enables:

1. Serverless Backends for Storacha

• Frontends talk directly to storage using delegated auth.

2. Data Portability

• Users can move data between apps without migration hell.

3. Privacy-First Architecture

• No central server tracking user behavior.

4. True Web3 UX

• Passwordless
• Non-custodial
• User-owned

Getting Started Today

You can experiment right now:

1. Generate a Space

• This creates your DID

2. Create an Agent

• Browser, backend, or CLI

3. Issue a UCAN Delegation

• Define permissions and expiry

4. Delegate to Users or Apps

• Upload-only
• Read-only
• Admin

5. Inspect the Delegation Chain

• See cryptographic proof of authority

All tools are already live.

Final Thought

UCAN replaces accounts with authority.
Storacha turns storage into infrastructure owned by users—not platforms.

If you care about:

• Decentralization
• Privacy
• Developer simplicity
• Future-proof app design

UCAN + Storacha is worth learning today—not later.

🌐 Storacha on Social

To stay up to date with the latest news and developments about Storacha and the upcoming airdrop, make sure to follow and subscribe.

App

Docs

Medium

Twitter

Discord

Github