Trust & Permissions
Opening a project you didn't make yourself? DNA asks before letting its nodes touch your files, your network, or your hardware.
A .dna project is more than shapes and colours — it can contain nodes that read and write files, reach out over the network, or load audio plugins. That's powerful when you build it yourself, but a project sent to you by someone else is, until you say otherwise, just a file from the internet. DNA treats it that way: powerful nodes stay switched off until you decide the project is safe to run.
What happens when you open a project
Projects you saved yourself, and the built-in examples, are trusted automatically — everything just works.
A project that arrived from outside (downloaded, emailed, or shared) opens in a restricted state. The graph still loads and you can look around, but any node that wants to reach beyond the canvas refuses to cook and shows a "trust required" notice instead. You'll see a banner inviting you to trust the project.
Click Trust this project and DNA shows you exactly what the project is asking for before you commit.
The trust prompt
The prompt names the project (so you know which file you're approving) and lists the abilities its nodes need. You might see any of:
Scripting — runs custom code you authored, such as an scripting node or a custom shader.
File I/O — reads and writes files on your computer.
Web Fetch — downloads data over the web.
Plugin Host — loads native audio plugins (VST, AU, CLAP).
Network Camera — connects to networked IP cameras.
NDI — sends and receives video over your local network.
OSC — sends and receives OSC messages.
WebSocket — opens outbound WebSocket connections.
Serial — talks to hardware over serial ports.
Only the abilities this particular project actually uses appear in the list. Choose Trust this project to grant them, or Cancel to leave the project restricted.
Recognise the source before you trust. If a friend or collaborator sent you the file and the listed abilities match what the piece is meant to do (a live-performance patch asking for OSC and MIDI, say), that's a good sign. A simple visual project asking for File I/O and Web Fetch with no obvious reason is worth a second look.
Why this protects you
A .dna file can be crafted to misbehave the moment it runs — quietly reading files, phoning out over the network, or loading a plugin you didn't choose. Holding those abilities back until you trust the project means simply opening a file someone shared can't harm your machine on its own. You stay in control of the moment those capabilities switch on.
DNA also keeps a few guardrails in place even after you trust a project, so a node can't, for example, write outside the project's folder or smuggle a disguised file path through a network connection. Trust unlocks the abilities a project needs — it doesn't hand over the whole machine.
Audio and other native plugins are held to the same standard. They load only from your own plugins folder (~/.dna/plugins/) plus the app's built-ins, and each one stays restricted until you trust it.
Changing your mind
Trust is remembered per project, so you only answer once for a given file. To review or undo a decision, open Preferences and find the trusted-projects list — remove a project there and it goes back to restricted the next time you open it. This is handy if you trusted something by mistake, or want to re-check a project before a live show.
Trusting a project grants every ability in the list at once, for that whole project. There's no halfway — so only trust files from people and places you actually recognise.