From 8fb653d74dcbf37d00a2301e2a3ad27c200c5ac1 Mon Sep 17 00:00:00 2001 From: Yigit Sever Date: Mon, 22 May 2023 15:50:26 +0300 Subject: Update password character and broken link And fix a few typos --- content/_index.md | 18 +++++++++--------- content/block_docs.md | 2 +- content/misc_docs.md | 7 +++---- content/register_docs.md | 6 +++--- content/transaction_docs.md | 4 ++-- 5 files changed, 18 insertions(+), 19 deletions(-) diff --git a/content/_index.md b/content/_index.md index 733fcbd..0023e9e 100644 --- a/content/_index.md +++ b/content/_index.md @@ -7,7 +7,7 @@ sort_by = "weight" Blockchains are incredibly simple, but they can seem very complicated. We will see how they work and practice programming _production grade_ cryptography code. -This server is the sandbox for PA1 and it is currently running the Gradecoin application. +This server is the sandbox for PA1, and it is currently running the Gradecoin application. Gradecoin is the faux currency we will use to simulate a blockchain network. **At the end of the simulation, the amount of Gradecoin you hold will be your PA1 grade.** @@ -27,7 +27,7 @@ Then you can earn block rewards by proposing blocks, create some Gradecoins by g The first transactions of a block is called the `coinbase`. They are the **author** of the block proposal and if the block is accepted then they get compensated for their efforts with some Gradecoin. # Public Key Signatures -Gradecoin uses 2048 bit RSA keypairs. +Gradecoin uses 2048-bit RSA key pairs. # Services Please respect the system and others. @@ -35,7 +35,7 @@ Keep your request rate below a reasonable limit. Programming a bot is absolutely fine as long as it's not aggressively sending requests. ## /register -- Create your own 2048 bit RSA `keypair` +- Create your own 2048-bit RSA `keypair` - Download `Gradecoin`'s public key from [ODTUClass](https://odtuclass.metu.edu.tr/my/) - Encrypt your [JSON](https://www.json.org/json-en.html) wrapped `Public Key`, `Student ID` and one time `passwd` using Gradecoin's public key - Your public key is now in the database. You can use your private key to sign your JWTs during requests @@ -56,7 +56,7 @@ Programming a bot is absolutely fine as long as it's not aggressively sending re - Fetch the last accepted `Block` with a GET request - For more information, check our [block](@/block_docs.md) page -> `Authorization`: The request header should have Bearer JWT.Token signed with student's private key +> `Authorization`: The request header should have `Bearer JWT.Token` signed with student's private key ## /user - Looking for people to conduct business with? Everyone is listed on this page! @@ -74,9 +74,9 @@ I've trained them personally using state-of-the-art neural networks running on t # Questions ## This all sound complicated! - I've drawn inspiration from [actual Bitcoin transactions](https://explorer.bitcoin.com/btc) and [warp](https://github.com/seanmonstar/warp/blob/master/examples/todos.rs). The system has only 3 interfaces. It's simple once you read everything over a couple of times. -- Don't know where to start? Gradecoin uses RESTful API; simple `curl` commands or even your browser will work! [This website can help as well](https://curl.trillworks.com/). +- Don't know where to start? Gradecoin uses RESTful API; simple `curl` commands or even your browser will work! [This website can help as well](https://sqqihao.github.io/trillworks.html). - Check out [JWT Debugger](https://jwt.io) and the corresponding [RFC](https://tools.ietf.org/html/rfc7519). -- Remember that you are absolutely encouraged to grab off-the-shelf implementations for every cryptography primitive you will use. You can start by finding a code snippet to generate a RSA keypair? +- Remember that you are absolutely encouraged to grab off-the-shelf implementations for every cryptography primitive you will use. You can start by finding a code snippet to generate an RSA key pair? - Check out [misc](@/misc_docs.md) for everything else you might be curious about. ## How do you actually earn Gradecoin? @@ -89,12 +89,12 @@ I've trained them personally using state-of-the-art neural networks running on t Thank you! Please [let me know](mailto:yigit@ceng.metu.edu.tr) so we can solve it. ## I hacked the server! -That wasn't supposed to happen :( I did not place any intentional vulnerabilities to the system so if you cracked something, it was not intended. Please don't abuse it and let me know so I can patch it. +That wasn't supposed to happen 😢. I did not place any intentional vulnerabilities to the system so if you cracked something, it was not intended. Please don't abuse it and let me know, so I can patch it. ## I want to contribute! -Thank you! The code for Gradecoin and this site are open source so you can take a look and let me know if you have any improvements, corrections, typos to point out or whatever. +Thank you! The code for Gradecoin and this site are open source, so you can take a look and let me know if you have any improvements, corrections, typos to point out or whatever. Both documentation (this site) and code contributions are appreciated. -[My git server](https://git.yigitsever.com/) will be somewhat ahead of the [GitHub](https://github.com/yigitsever/gradecoin) repository but I will sync them at every major milestone. +[My git server](https://git.yigitsever.com/) will be somewhat ahead of the [GitHub](https://github.com/yigitsever/gradecoin) repository, but I will sync them at every major milestone. ## Submission? At the end of the _simulation_, your Gradecoin balance will be your grade. I will also expect your client for submission, programmed in either; diff --git a/content/block_docs.md b/content/block_docs.md index 807403c..dccd23b 100644 --- a/content/block_docs.md +++ b/content/block_docs.md @@ -12,7 +12,7 @@ We use Blocks to commit proposed [Transactions](@/transaction_docs.md) to the le In order to create a valid block, the proposer must find a suitable `nonce` value that makes the `hash` of the block valid. The properties a valid hash should have will be explained in subsequent sections. -We are _mining_ using [blake2s](https://www.blake2.net/) algorithm, which produces 256 bit hashes. +We are _mining_ using [blake2s](https://www.blake2.net/) algorithm, which produces 256-bit hashes. Hash/second is roughly {{ exp(num="20x10", exponent="3") }} on my machine, a new block can be mined in around 4-6 minutes. # Requests diff --git a/content/misc_docs.md b/content/misc_docs.md index a318251..6cfb260 100644 --- a/content/misc_docs.md +++ b/content/misc_docs.md @@ -7,10 +7,10 @@ weight = 10 # Fingerprint ## Definition -A fingerprint is a 256 bit 64 character hexadecimal user identifier for users. Fingerprints are used in defining users in [transactions](@/transaction_docs.md) and [blocks](@/block_docs.md). +Fingerprints are 256-bit, 64 character hexadecimal user identifiers. Fingerprints are used in defining users in [transactions](@/transaction_docs.md) and [blocks](@/block_docs.md). ## Fingerprint Generation -A user's finger print is generated via applying SHA256 sum of the user's public RSA key. +A user's fingerprint is generated via applying SHA256 sum of the user's public RSA key. # Config The [/config](/config) endpoint will return the current parameters that Gradecoin uses. @@ -19,7 +19,7 @@ The [/config](/config) endpoint will return the current parameters that Gradecoi - `url_prefix`: URL prefix for the network. All API commands will be served under this prefix. - For example, if url_prefix is `example`, register at `gradecoin.xyz/example/register`. - It can be empty, in which case the endpoints are accessed directly from `/`. Example: `gradecoin.xyz/register`. -- `preapproved_users`: The name of the CSV file that contains the list of users who can register. This doesn't concern you as an end-user. +- `preapproved_users`: The name of the CSV file that contains the list of users who can register. Only relevant for the admins. - `block_transaction_count`: A valid block should have at least this many transactions. - `hash_zeros`: Determines the number of zero hexadecimal characters a correct hash should start with. - `register_bonus`: Initial registration bonus. This will determine your balance after registration. @@ -32,6 +32,5 @@ The [/config](/config) endpoint will return the current parameters that Gradecoi - Each key will be the fingerprint of a bot. - Each value will be another JSON object. Currently, it only contains one self-explanatory field: `starting_balance`. - # Version The [/version](/version) endpoint will return the current version that's currently live on this server. diff --git a/content/register_docs.md b/content/register_docs.md index 9f5596e..f5bd11d 100644 --- a/content/register_docs.md +++ b/content/register_docs.md @@ -4,19 +4,19 @@ description = "Register Documentation" weight = 3 +++ -Here you can authenticate yourself with the system with **your own RSA keypair**. +Here you can authenticate yourself with the system with **your own RSA key pair**. Only people who are enrolled to the class can open Gradecoin accounts, with some exceptions for people who asked nicely. This is enforced with your Student ID (e123456) and a one time password you received with your complementary *Welcome to Gradecoin* email. # Authentication Process > The cryptographic outputs you are sending over the network are all Base64 Encoded -- Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it it to your client. +- Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it to your client. - Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and the `public key` you have created before in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) ```json { "student_id": "e123456", - "passwd": "15 char secret", + "passwd": "32 char secret", "public_key": "---BEGIN PUBLIC KEY..." } ``` diff --git a/content/transaction_docs.md b/content/transaction_docs.md index 3b4c2a1..3c556b4 100644 --- a/content/transaction_docs.md +++ b/content/transaction_docs.md @@ -29,7 +29,7 @@ Since there are many ways to convert an object to JSON, we enforce the following - The order of fields should be exactly as shown above. - All keys and string values must be enclosed with quotation marks (`"`). -Here's an example demostrating how your JSON string should look like: +Here's an example on how your JSON string should look like: ```json {"source":"bar","target":"baz","amount":2,"timestamp":"2021-04-18T21:49:00"} ``` @@ -39,7 +39,7 @@ Here's an example demostrating how your JSON string should look like: - You cannot create multiple transactions with the same `source`/`target` pair. - Transactions generate traffic which is something we desperately need in Gradecoin, so for every transaction you send, some Gradecoin will be generated out of thin air and will appear on your account. - The amount of Gradecoin that will be generated is given by `tx_traffic_reward` field of [`/config`](/config). - - For example, if `tx_traffic_reward` is 1 and you send 2 coins, only 1 coin will be deduced from your account since you will be given 1 coin for generating traffic. The target will receive 2 coins. + - For example, if `tx_traffic_reward` is 1, and you send 2 coins, only 1 coin will be deduced from your account since you will be given 1 coin for generating traffic. The target will receive 2 coins. - On the other hand, transactions have to be processed which requires valuable CPU power. So, an amount named `tx_gas_fee` of [`/config`](/config) is deducted from the user on every transaction proposal to cover the cost. - Don't worry if your transaction goes unaccepted! Transactions do not disappear until they are committed into the ledger with a block. - Every transaction has a unique ID generated using the `source`, `target` and `timestamp` fields. -- cgit v1.2.3-70-g09d2