@welshare/sdk
    Preparing search index...

    Function uploadAndEncryptFile

    • Encrypt and upload a file to Welshare storage.

      This function handles the complete upload flow:

      1. Requests a presigned S3 URL from the Welshare API
      2. Generates a new AES-256-GCM key and encrypts the file
      3. Uploads the encrypted data to S3
      4. Stores the file metadata (including encryption key) on Nillion

      Parameters

      • keypair: SessionKeypair

        The user's session keypair for authentication

      • file: File

        The File object to upload

      • options: UploadAndEncryptFileOptions

        Upload options including reference and applicationId

      • environment: WelshareApiEnvironment | "production" | "staging" | "preview" | "development"

        The Welshare API environment (name or config object)

      Returns Promise<UploadAndEncryptFileResult>

      Promise containing insertedUid, url, encryptionKey, and any errors

      import { WelshareApi, resolveEnvironment } from "@welshare/sdk";

      const result = await WelshareApi.uploadAndEncryptFile(
        keypair,
        file,
        {
          reference: `questionnaire/${questionnaireId}/photo`,
          applicationId: "my-app-id",
        },
        "production"
      );

      console.log("File uploaded:", result.insertedUid);
      console.log("File URL:", result.url);

      // Use in a FHIR QuestionnaireResponse attachment
      const attachment = {
        id: result.insertedUid,
        contentType: file.type,
        size: file.size,
        title: file.name,
        url: result.url,
      };

      Side effects:

      • Makes HTTP requests to the Welshare API for S3 presigned URLs
      • Uploads encrypted file data to S3 storage
      • Creates a new document in the Nillion binary files collection
      • Grants the application read access to the file metadata

      Security notes:

      • A new random AES-256-GCM key is generated for each file
      • Files are encrypted client-side before leaving the user's environment
      • Encryption keys are threshold-encrypted and distributed across Nillion nodes
      • No single server can recover the encryption key

    Settings

    Member Visibility