#Workspaces

A workspace is the security and collaboration boundary in WWKG. Each workspace has its own encryption key, set of members, and collection of branches. All data in a workspace is end-to-end encrypted — only members with the workspace key can read or write.

#Creating a workspace

This generates a new workspace with a unique ID (urn:wwkg:workspace:<uuid>), creates an encryption key, and sets you as the owner.

#Listing workspaces

#Viewing workspace details

#Switching workspaces

Set the active workspace for subsequent commands:

Check which workspace is currently active:

#Membership roles

Each workspace member has one of four roles:

#Inviting members

Invite a member by their identity:

The invited member must accept the invitation:

Or decline it:

#Managing members

List all members:

Suspend a member (temporarily revoke access without removing them):

Reactivate a suspended member:

Revoke a member permanently (the workspace encryption key is automatically regenerated so the revoked member cannot read future data):

#Access revocation

When a member is revoked, WWKG automatically generates a new encryption key for the workspace so that the removed person cannot read future data. Historical data that was written before the revocation remains accessible to anyone who was a member at the time.

You can also trigger this manually as the owner:

#The root workspace

When you initialize a node with wwkg install --node-only, a default workspace is created automatically. This is the root workspace — it holds the node’s identity information and serves as the default target for commands when no workspace is specified.

#Deleting a workspace

Only the owner can delete a workspace:

This removes the workspace and all its local data.