Descentralized Public Key Infrastructure (DPKI)

Students:

• Filipe Gomes Arante de Souza
• Lucas Rodrigues de Almeida

Execution

The follow command will run frontend, backend, blockchain and database containers:

> docker-compose up -d

To stop them, just run:

> docker-compose down

The services will be up in following ports:

• frontend: 3000
• backend: 9000
• blockchain: 7000

Access frontend interface in clicking here.

Authentication

In Blockchain actions that authentication is needed, we use openssl signature. The sign is generated from the private key and contract id.

In DNS actions that authentication is needed, we use HMAC. The HMAC Hash is generated from the domain name and shared key. The shared key is generated when domain in created.

Endpoints Documentation

PHP Helper

• Server Port: 9000

GET /certificate/new

response 200

response 200

{
    "private_key": "example_base_64_private_key",
    "public_key": "example_base_64_public_key",
    "certificate": "example_base_64_certificate"
}

GET /sign?message=example_message&private_key=example_base_64_private_key

response 200

{
    "sign": "example_base_64_sign"
}

POST /verify

body

{
    "public_key": "example_base_64_public_key",
    "message": "example_message",
    "sign": "example_base_64_sign",
}

response 200

{
    "verify": true,
}

GET /hash?message=example_message&key=example_key

response 200

{
    "hash": "example_base_64_sha_256_hash",
}

PHP DNS Server

• Server Port: 9000

GET /dns/{domain}

response 200

{
    "id": 1,
    "domain": "domain",
    "txt": "example_txt",
    "created_at": "2024-01-01T00:00:00.000000Z",
    "updated_at": "2024-01-01T00:00:00.000000Z"
}

PATCH /dns/{domain}/clear-txt

header

{
    "hash": "example_base_64_hash" // HMAC Authorization
}

response 200

{
    "id": 1,
    "domain": "domain",
    "txt": null,
    "created_at": "2024-01-01T00:00:00.000000Z",
    "updated_at": "2024-01-01T00:00:00.000000Z"
}

POST /dns

body

{
    "domain": "example_domain",
    "txt": "example_txt"
}

header

{
    "hash": "example_base_64_hash", // Required if domain already exists.
}

Go Blockchain

• Server Port: 7000

POST /mine/block

body

{
    "wallet": "example_wallet"
}

response 200

{
    "block": {
        "data": {
            "contract_execution_history": null,
            "contracts": null,
            "transactions": [
                {
                    "from": "Block Reward",
                    "to": "wallet",
                    "amount": 10,
                    "miner": ""
                }
            ]
        },
        "previous_hash": "",
        "hash": "00d69dad76a96aaeb05a9653762bbb5ad1d81431fcc8d1c8c3063e0c8627d210",
        "timestamp": "2024-08-19T20:15:14.167207882Z",
        "nonce": 313
    },
    "index": 1,
    "message": "New Block Forged"
}

POST /mine/transaction

body

{
    "wallet": "example_wallet"
}

response 404

{
    "message": "No transactions to mine"
}

response 200

{
    "message": "Transaction mined successfully"
}

POST /mine/contract

body

{
    "wallet": "example_wallet"
}

response 404

{
    "message": "No transactions to mine"
}

response 200

{
    "message": "Contract executed successfully",
    "gas": 0.1
}

GET /chain

response 200

{
    "chain": [
        {
            "data": {
                "contract_execution_history": null,
                "contracts": null,
                "transactions": [
                    {
                        "from": "Block Reward",
                        "to": "wallet",
                        "amount": 10,
                        "miner": ""
                    }
                ]
            },
            "previous_hash": "",
            "hash": "00d69dad76a96aaeb05a9653762bbb5ad1d81431fcc8d1c8c3063e0c8627d210",
            "timestamp": "2024-08-19T20:15:14.167207882Z",
            "nonce": 313
        },
        {
            "data": {
                "contract_execution_history": null,
                "contracts": null,
                "transactions": [
                    {
                        "from": "wallet",
                        "to": "b",
                        "amount": 1,
                        "miner": "teste"
                    }
                ]
            },
            "previous_hash": "00d69dad76a96aaeb05a9653762bbb5ad1d81431fcc8d1c8c3063e0c8627d210",
            "hash": "8fff5098c68b889b3e3f8a0ead2be7677c79ad19a390584e8bcbfba283192984",
            "timestamp": "2024-08-19T20:35:41.314961941Z",
            "nonce": 0
        }
    ],
    "isValid": false,
    "length": 2,
    "minedCoins": 10
}

GET /memorypool

response 200

{
    "contractexecutionpool": [
        {
            "contract_id": "example_contract_id",
            "result": "",
            "timestamp": "2024-01-01T00:00:00.218002954Z",
            "miner": ""
        }
    ],
    "transactionpool": [
        {
            "from": "example_wallet_1",
            "to": "example_wallet_2",
            "amount": 1,
            "miner": ""
        }
    ]
}

GET /info/{wallet}

response 200

{
    "balance": 8.95
}

GET /certificate/status/{certificate}

response 200

{
    "certificate": "certificate",
    "status": true
}

POST /transaction/new

body

{
    "from": "example_wallet_1",
    "to": "example_wallet_2",
    "amount": 1
}

response 201

{
    "message": "Transaction added to the pool"
}

POST /contract/execute

body

{
    "contract_id": "example_contract_id"
}

header

{
    "Authorization": "example_base_64_sign"
}

response 201

{
    "message": "Contract execution added to the pool"
}

POST /certificate/request

body

{
    "certificate": "example_base_64_certificate",
    "domain": "example_domain"
}

response 201

{
    "certificate": "example_base_64_certificate",
    "domain": "example_domain",
    "message": "Certificate successfully added to the current block, complete acme challenge to turn it valid.",
    "wallet": "example_wallet"
}

Notes

• RFC 8855 is a subdomain _acme-challenge.domain.com we'll mimic as a route /contract/execute

https://datatracker.ietf.org/doc/html/rfc8555/#section-8.4