Share access with someone
Encrypted blobs are private to your wallet by default. To let another wallet decrypt one, you add them as a viewer on that specific blob — recorded on-chain, revocable any time.
The sharing model
Two roles:
The wallet that uploaded the blob. Can read, share, revoke, extend storage, and delete. You can't transfer ownership.
Wallets you've granted decrypt access to. They can fetch + decrypt the blob, but can't share it further or modify the viewer list.
Viewers are per-blob, not BlobStore-wide. Adding alice to blob_42 doesn't give her access to blob_99 — those are separate viewer lists.
Three ways to share
1. At upload time — "Initial viewers"
In the upload wizard's Config step, there's an Initial viewers field. Paste comma-separated Sui addresses to grant decrypt access at upload time. The viewer list lands on-chain in the same transaction as the blob's metadata — atomic, one signature.
The viewer doesn't have to do anything on their end; the access is automatic the next time they open the dapp.
2. From the Sharing page
After upload, go to Sharing in the sidebar to manage viewer lists across all your blobs.
The page shows a searchable list of your encrypted blobs. Click one to open its viewer panel.
Paste a Sui address, click "Add." A transaction prompt appears for
add_blob_share. Approve.
Click the × next to any address. Another transaction prompt for
remove_blob_share. Approve.
Both operations are individual on-chain transactions. Adding 5 viewers means 5 transactions. (Batch sharing is on the roadmap.)
3. The viewer revokes themselves
A viewer can remove their own access without your involvement. They go to
their Shared with Me page in the dapp, click your blob, and click
Remove access. The transaction comes from their wallet, hits your
BlobStore's revoke_self function, and they're off the list.
This is useful for the case where someone you shared with no longer needs access and wants to clean up their dapp's "Shared with Me" view.
What sharing actually does
Sharing is a SEAL-level grant, not a Walrus-level grant. Walrus storage remains permissionless — anyone can fetch the ciphertext. What sharing unlocks is the decryption side:
So "sharing access" technically means "adding your address to the on-chain allowlist that the SEAL key servers check before releasing key shares."
Sharing public (unencrypted) blobs
Public blobs don't need a viewer list — anyone with the Walrus blob id can fetch them. To "share" a public blob, copy its blob id from the Files tab and send the URL:
The Files tab has a copy button next to each blob id for exactly this.
Limits
| Per-blob viewer limit | 50 addresses |
| Why | Contract-side VecSet keeps the on-chain footprint bounded |
| Workaround | If you need more, contact the team about Enterprise |
Privacy considerations
| What's visible on-chain | |
|---|---|
| Who owns blob_42 | Your wallet address (always public) |
| Who can decrypt blob_42 | Every viewer wallet address (always public) |
| Was alice ever a viewer? | Yes — remove_blob_share removes her from the live set but the historical Sui transaction is permanent |
If "alice was once a viewer" needs to be unobservable, sharing on-chain isn't the right tool. Out-of-band sharing (send alice the file's decryption key over Signal) sidesteps this — but you lose the audit trail and the wallet-revocable model.