CRUD

AI-Generated Content

This comprehensive explanation has been generated from 32 GitHub source documents. All source documents are searchable here.

Last updated: October 7, 2025

This content is meant to be consumed by AI agents via MCP. Click here to get the MCP configuration.
Note: In rare cases it may contain LLM hallucinations.
For authoritative documentation, please consult the official GLEIF vLEI trainings and the ToIP Glossary.

Short Definition

CRUD (Create, Read, Update, Delete) is the traditional client-server database update policy where a centralized server has authority to create, read, update, and delete records on behalf of clients, contrasted with KERI's decentralized RUN (Read, Update, Nullify) model.

No related concepts available

Comprehensive Explanation

CRUD

Definition

CRUD stands for Create, Read, Update, Delete and represents the traditional operational model for data management in centralized client-server architectures. In CRUD systems, a centralized server maintains authoritative control over data lifecycle operations, creating records on behalf of clients, allowing read access, enabling updates to existing records, and permanently deleting data when requested.

Context in KERI/ACDC

KERI explicitly rejects the CRUD model in favor of RUN (Read, Update, Nullify) to support its decentralized, end-verifiable architecture. This paradigm shift is fundamental to KERI's security model and represents a core philosophical difference from traditional identity systems.

Why KERI Avoids CRUD

The CRUD model creates several problems for decentralized identity systems:

Centralized Authority: CRUD assumes a server has authority to create and delete records, which contradicts KERI's principle that controllers are the sole source of authority over their AIDs
Deletion Breaks Verifiability: The Delete operation removes data from history, making it impossible to maintain the complete append-only event logs (KELs) that KERI requires for duplicity detection
Server-Side Creation: The Create operation implies servers generate data, whereas KERI requires that all data originates from who cryptographically sign their own events

Implementation Notes

Architectural Implications

When building KERI-based systems, developers must fundamentally rethink data management:

Database Design

Design databases as log stores rather than mutable record stores
Implement append-only data structures
Use nullification flags or status fields instead of deletion
Maintain complete audit trails for all state changes

API Design

Expose Read and Update endpoints, not Create or Delete
Ensure all updates include monotonic indicators (sequence numbers, timestamps)
Implement BADA policies for accepting updates
Validate that updates originate from authorized controllers

Migration from CRUD Systems

Transitioning from CRUD to RUN requires:

Audit existing deletion logic - replace with nullification
Identify server-side creation - move to controller-originated events
Preserve historical data - ensure no data loss during migration
Implement monotonic ordering - add sequence numbers and timestamps

Loading vLEI.wiki

CRUD

Short Definition

Comprehensive Explanation

CRUD

Definition

Context in KERI/ACDC

Why KERI Avoids CRUD

Implementation Notes

Architectural Implications

Database Design

API Design

Migration from CRUD Systems

The RUN Alternative

OOBI Context: "Running Off the CRUD"

Security Implications

Loading vLEI.wiki

Short Definition

Related Concepts

Comprehensive Explanation

CRUD

Definition

Context in KERI/ACDC

Why KERI Avoids CRUD

Implementation Notes

Architectural Implications

Database Design

API Design

Migration from CRUD Systems

The RUN Alternative

OOBI Context: "Running Off the CRUD"

Security Implications

Related Terms