It appears that the Gun functionality is quite impressive - both practical and user-friendly! However, I am having trouble grasping the distinction between a public space put, a user space put, and a frozen space put. I've tried to illustrate this with some straightforward examples:
Public Space
let gun = Gun()
gun.put('hello') // Is this a public space put that anyone can edit?
User Space
let user = gun.user()
user.create('Bob','password123',console.log)
user.auth('Bob' ,'password123',console.log)
user.get('test').put("Bob's text")
let user2 = gun.user()
user2.create('Eve','password456',console.log)
user2.auth('Eve' ,'password456',console.log)
user2.get('test').put("Eve's text")
gun.get('test').once(console.log)
// Would this result in separately indexed entries in the database?
// Is the verification integrated or left to the app developer?
Frozen Space
// Taken from the example:
var data = "hello world";
var hash = await SEA.work(data, null, null, {name: "SHA-256"});
gun.get('#').get(hash).put(data);
// Could another user potentially replace the value associated with this hash key? Is it the responsibility of the app developer to validate the returned result (and remove peers that provide incorrect information)?
If a user could select any relay server (even ones that tamper with data randomly), how much of the authentication (user space) and content identification (frozen) is handled by the GUN protocol, and how much falls on the app developer(s)?
Can someone enhance the examples provided above?
EDIT
According to the documentation:
This is beneficial because it allows you to confirm that data has not been altered even if it is stored in a public space. Additionally, when using SEA with GUN, peers are prevented from modifying the data if a specific name/key combination of '#'+hash is utilized.
It appears that the content addressing, frozen space, is inherently integrated into the system.