aboutsummaryrefslogtreecommitdiffstats
path: root/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'README.md')
-rw-r--r--README.md36
1 files changed, 2 insertions, 34 deletions
diff --git a/README.md b/README.md
index da95cce..daa0b0a 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,8 @@
2 2
3This will sit behind nginx reverse proxy so running at 127.0.0.1:8080 or not using https is not a problem. 3This will sit behind nginx reverse proxy so running at 127.0.0.1:8080 or not using https is not a problem.
4 4
5It's currently live over at https://gradecoin.xyz.
6
5``` 7```
6# Test the project 8# Test the project
7$ cargo test 9$ cargo test
@@ -10,40 +12,6 @@ $ cargo test
10$ cargo doc --open 12$ cargo doc --open
11``` 13```
12 14
13# how?
14## authentication
15> Uses /register endpoint
16- Student creates their own 2048 bit RSA `keypair`
17- Downloads Gradecoin's Public Key from Moodle
18- Encrypts their JSON wrapped Public Key and Student ID using Gradecoin's Public Key
19- Sends that to the /register endpoint with a POST request
20- Their public key is now in our database and can be used to sign their JWT's during requests
21
22## transactions
23> Uses /transaction endpoint
24- offer **a transaction** - POST request
25 - The request header should have Bearer [JWT.Token signed with Student Public Key]
26 - The request header should be signed by the Public Key of the `by` field in the transaction
27- fetch the list of pending transactions - GET request
28 - All the pending transactions are returned in a JSON body
29 - ❓ Does this need to be authenticated as well?
30
31## blocks - [INCOMPLETE]
32> Uses /block endpoint
33- Blocks are proposed using `N` transactions - POST request
34 - ❓ This can be an exact number (=20) or if the last block is *some time* old then small blocks can be proposed.
35
36- Block proposal: `Block` + some `nonce` is hashed using a *simple* hash function, resulting hash should have some property that will require some computation time (~1 minute? 10 minutes?) to find (=guessing) Proof-of-work scheme.
37First proposed valid block is accepted, if assertions hold.
38(No consensus, we are the sole authority, there's no blockchain here, only a glorified database and busywork)
39- Pending transactions get cleared out after a new block is accepted
40 - ❓ All or only the used ones?
41
42## payment
43First transaction in the block is called *Coinbase*, the block reward is paid to the *output* (Bitcoin notation, different) of this transaction.
44If we do this then the rest of the transactions are just make believe playing.
45So banker + block reward approach seems better.
46
47# Big Thank List 15# Big Thank List
48- https://github.com/blurbyte/restful-rust 16- https://github.com/blurbyte/restful-rust
49- https://github.com/zupzup/warp-postgres-example 17- https://github.com/zupzup/warp-postgres-example