diff options
author | Yigit Sever | 2021-04-15 13:35:06 +0300 |
---|---|---|
committer | Yigit Sever | 2021-04-15 13:35:06 +0300 |
commit | 77b99f7d3a8747f562f2b8f1e8df551aafea1b28 (patch) | |
tree | 8c02f0fc3e463439f5d05653a3f1052caa2138ed /site/content | |
parent | cd6839a3c6596f5e4197c6696b95efbf0c76d2ca (diff) | |
download | gradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.tar.gz gradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.tar.bz2 gradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.zip |
Remove lorems and inpsumses
Diffstat (limited to 'site/content')
-rw-r--r-- | site/content/block_docs.md | 27 | ||||
-rw-r--r-- | site/content/register_docs.md | 51 | ||||
-rw-r--r-- | site/content/transaction_docs.md | 23 |
3 files changed, 66 insertions, 35 deletions
diff --git a/site/content/block_docs.md b/site/content/block_docs.md index 26803bd..4227f26 100644 --- a/site/content/block_docs.md +++ b/site/content/block_docs.md | |||
@@ -4,8 +4,27 @@ description = "Block Documentation" | |||
4 | weight = 2 | 4 | weight = 2 |
5 | +++ | 5 | +++ |
6 | 6 | ||
7 | Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod | 7 | A block that was proposed to commit Transactions in `transaction_list` to the |
8 | tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At | 8 | ledger with a nonce that made `hash` valid; 6 zeroes at the left hand side of the |
9 | vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd | 9 | hash (24 bytes). |
10 | ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. | ||
11 | 10 | ||
11 | We are _mining_ using [blake2s](https://www.blake2.net/) algorithm, which produces 256 bit hashes. Hash/second is roughly 20x10^3 on my machine, a new block can be mined in around 4-6 minutes. | ||
12 | |||
13 | # Requests | ||
14 | |||
15 | ## GET | ||
16 | A HTTP `GET` request to [/block](/block) endpoint will return the latest mined block. | ||
17 | |||
18 | ## POST | ||
19 | |||
20 | A HTTP `POST` request with Authorization using JWT will allow you to propose your own blocks. | ||
21 | |||
22 | # Fields | ||
23 | ``` | ||
24 | transaction_list: [array of Fingerprints] | ||
25 | nonce: unsigned 32-bit integer | ||
26 | timestamp: ISO 8601 <date>T<time> | ||
27 | hash: String | ||
28 | ``` | ||
29 | |||
30 | [ISO 8601 Reference](https://en.wikipedia.org/wiki/ISO_8601#Combined_date_and_time_representations) | ||
diff --git a/site/content/register_docs.md b/site/content/register_docs.md index 45571fb..83aef7f 100644 --- a/site/content/register_docs.md +++ b/site/content/register_docs.md | |||
@@ -5,38 +5,35 @@ weight = 3 | |||
5 | +++ | 5 | +++ |
6 | 6 | ||
7 | POST request to /register endpoint | 7 | POST request to /register endpoint |
8 | Lets a [`User`] (=student) to authenticate themselves to the system | ||
9 | This `request` can be rejected if the payload is malformed (=not authenticated properly) or if | ||
10 | the [`AuthRequest.user_id`] of the `request` is not in the list of users that can hold a Gradecoin account | ||
11 | 8 | ||
12 | # Authentication Process | 9 | Lets a user to authenticate themselves to the system. |
13 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on moodle. | 10 | Only people who are enrolled to the class can open Gradecoin accounts. |
14 | - Gradecoin's Private Key (`gradecoin_private_key`) is loaded here | 11 | This is enforced with your Student ID and a one time password you will receive. |
15 | 12 | ||
16 | - Student picks a short temporary key (`k_temp`) | 13 | # Authentication Process |
17 | - Creates a JSON object (`auth_plaintext`) with their `metu_id` and `public key` in base64 (PEM) format (`S_PK`): | 14 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. |
15 | - You pick a short temporary key (`k_temp`) | ||
16 | - Create a JSON object (`auth_plaintext`) with your `metu_id` and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) | ||
17 | ```json | ||
18 | { | 18 | { |
19 | student_id: "e12345", | 19 | "student_id": "e12345", |
20 | passwd: "15 char secret" | 20 | "passwd": "15 char secret", |
21 | public_key: "---BEGIN PUBLIC KEY..." | 21 | "public_key": "---BEGIN PUBLIC KEY..." |
22 | } | 22 | } |
23 | ``` | ||
24 | |||
25 | - Pick a random IV. | ||
26 | - Encrypt the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext`. Encode this with base64. | ||
27 | - The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme | ||
28 | using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base 64. | ||
29 | - The payload JSON object (`auth_request`) can be serialized now: | ||
23 | 30 | ||
24 | - Encrypts the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext` TODO should this be base64'd? | 31 | ```json |
25 | - The temporary key student has picked `k_temp` is encrypted using RSA with OAEP padding scheme | ||
26 | using sha256 with `gradecoin_public_key` (TODO base64? same as above), giving us `key_ciphertext` | ||
27 | - The payload JSON object (`auth_request`) can be JSON serialized now: | ||
28 | { | 32 | { |
29 | c: "auth_ciphertext" | 33 | "c": "auth_ciphertext", |
30 | key: "key_ciphertext" | 34 | "iv": "hexadecimal", |
35 | "key": "key_ciphertext" | ||
31 | } | 36 | } |
37 | ``` | ||
32 | 38 | ||
33 | ## Gradecoin Side | 39 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. |
34 | |||
35 | - Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with `gradecoin_private_key` as the key and auth_request.key `key` as the ciphertext, receiving `temp_key` (this is the temporary key chosen by stu | ||
36 | - With `temp_key`, we can AES 128 Cbc Pkcs7 decrypt the `auth_request.c`, giving us | ||
37 | auth_plaintext | ||
38 | - The `auth_plaintext` String can be deserialized to [`AuthRequest`] | ||
39 | - We then verify the payload and calculate the User fingerprint | ||
40 | - Finally, create the new [`User`] object, insert to users HashMap `<fingerprint, User>` | ||
41 | |||
42 | |||
diff --git a/site/content/transaction_docs.md b/site/content/transaction_docs.md index 6607fe9..0526f4e 100644 --- a/site/content/transaction_docs.md +++ b/site/content/transaction_docs.md | |||
@@ -4,8 +4,23 @@ description = "Transaction documentation" | |||
4 | weight = 2 | 4 | weight = 2 |
5 | +++ | 5 | +++ |
6 | 6 | ||
7 | Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod | 7 | A transaction request between `source` and `target` to move `amount` Gradecoin. |
8 | tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At | ||
9 | vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd | ||
10 | ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. | ||
11 | 8 | ||
9 | # Requests | ||
10 | |||
11 | ## GET | ||
12 | A HTTP `GET` request to [/transaction](/transaction) endpoint will return the current list of pending transactions. | ||
13 | |||
14 | ## POST | ||
15 | |||
16 | A HTTP `POST` request with Authorization using JWT to [/transaction](/transactions) will allow you to propose your own transactions. | ||
17 | |||
18 | |||
19 | # Fields | ||
20 | ``` | ||
21 | by: Fingerprint | ||
22 | source: Fingerprint | ||
23 | target: Fingerprint | ||
24 | amount: unsigned 16 bit integer | ||
25 | timestamp: ISO 8601 <date>T<time> | ||
26 | ``` | ||