Pinata is an IPFS hosting service offering an easy-to-use API for pinning and managing files. IPFS, the InterPlanetary File System, is a decentralized storage solution designed for a faster, safer, and more open internet. In this documentation, we'll cover IPFS basics, Pinata's role, handling Pinata access keys (JWT), and limiting their scope.
Our service provides both on-chain and off-chain self-custody for true decentralization, in contrast to many centralized NFT creation platforms like AlgoGems, which use their own IPFS solutions and retain custody of uploaded images.
We'll also discuss how Pinata API keys are securely stored in encrypted local storage and why leaked Pinata keys are not as concerning as they might appear. By the end of this guide, you'll have a solid understanding of Pinata IPFS hosting, API key management, and the benefits of using a service that offers self-custody for on-chain and off-chain data.
The InterPlanetary File System (IPFS) is a distributed and peer-to-peer file storage protocol designed to make the web faster, safer, and more open. It works by splitting files into smaller chunks, cryptographically hashing them, and assigning a unique content identifier (CID) to each chunk. IPFS provides a decentralized and tamper-resistant way of storing and retrieving files, as well as a way to minimize storage costs by reusing common chunks across files.
Pinata is an IPFS pinning service that allows you to store files on their IPFS nodes, making it easier for you to manage your files within the IPFS ecosystem. By using Pinata's API, you can easily upload, manage, and retrieve files on their IPFS nodes without having to set up and maintain your own IPFS infrastructure.
Many NFT creation platforms operate in a centralized manner, using their own IPFS solution to maintain custody over the images and data that are uploaded to IPFS. This can limit the level of control and autonomy that users have over their own content.
In contrast, our service offers both on-chain and off-chain self-custody, allowing users to maintain full control and custody over their data, even when it's stored off-chain. This ensures a truly decentralized experience and aligns with the core principles of blockchain technology.
By using our service, you can enjoy the benefits of decentralization and retain full ownership of your digital assets and their associated data. This empowers you to leverage the potential of blockchain technology and build applications with a higher level of trust and transparency.
To interact with Pinata's API, you need to create an access key (JWT). Pinata offers scoped API keys, which provide you with more control over your API keys by allowing you to:
When creating an API key, it is important to limit its scope by only allowing file uploads. This can be done by selecting the appropriate checkbox while creating the key. In case your key is compromised, it will only allow unauthorized users to upload files, which is less impactful than granting full access to your account.
