Decentralized, S3-compatible object storage that shards, encrypts client-side, and distributes pieces across a global network of independent storage nodes. Most apps either use the S3-compatible gateway with the standard AWS SDK or the native Uplink library / Node.js bindings.
- 01S3-compatible drop-in for existing apps
- 02low-egress object storage
- 03client-side encrypted file storage
- 04backups and large media hosting
- 05blockchain node snapshots / archives
- pnpm add @aws-sdk/client-s3 storj-uplink-nodejs
| Variable | Scope | Description |
|---|---|---|
| STORJ_ACCESS_KEY_ID | Server | S3 access key from the Storj satellite (Access Grants → S3 credentials). Server-side only. |
| STORJ_SECRET_ACCESS_KEY | Server | S3 secret key paired with `STORJ_ACCESS_KEY_ID`. Server-side only. |
| STORJ_ENDPOINT | Server | S3 gateway endpoint, e.g. `https://gateway.storjshare.io`. |
| STORJ_BUCKET | Server | Bucket name created on the Storj satellite. |
Easiest path: treat Storj as S3. Use the AWS SDK v3 with `new S3Client({ endpoint: process.env.STORJ_ENDPOINT, region: 'auto', credentials: { accessKeyId: STORJ_ACCESS_KEY_ID, secretAccessKey: STORJ_SECRET_ACCESS_KEY }, forcePathStyle: true })` and call `PutObjectCommand` / `GetObjectCommand` exactly as you would for S3. For native end-to-end encryption with no gateway in the trust path, use `storj-uplink-nodejs` — open a project with `Uplink.parseAccess(grant)` and `project.uploadObject(bucket, key)`. Generate scoped, expiring access grants per user with the `uplink share` CLI or the access library; never hand the root API key to the browser. Use presigned S3 URLs for client uploads and treat the bucket name + key as the canonical reference (no CIDs).
- ⚑Storj is S3-API-compatible but not bit-for-bit AWS — multipart upload limits, object lock, and a few advanced ACL features differ. Always set `forcePathStyle: true` and `region: 'auto'`.
- ⚑Egress is not free — Storj's pricing is generous compared to AWS but downloads still cost per GB. Don't assume 'decentralized = free bandwidth'.
- ⚑The S3 gateway terminates encryption on Storj-operated nodes; for true end-to-end encryption you must use the native Uplink library and your own encryption passphrase.
- ⚑Access grants embed bucket scope, prefix, and expiry — once issued they cannot be revoked except by rotating the underlying API key. Issue short-lived grants for client use.
- ⚑Storj nodes are independent operators — single-node availability is not the SLA; the satellite handles erasure-coded redundancy. Do not benchmark a single node and extrapolate.
- ⚑There is no onchain settlement — STORJ token payments are batched off-chain via the satellite, so Storj is decentralized in storage but centralized in billing/coordination.