aboutsummaryrefslogtreecommitdiffstats
path: root/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'README.md')
-rw-r--r--README.md34
1 files changed, 21 insertions, 13 deletions
diff --git a/README.md b/README.md
index 664336c..ff951b1 100644
--- a/README.md
+++ b/README.md
@@ -16,29 +16,37 @@ $ curl --location --request POST 'localhost:8080/transaction' --header 'Content-
16# how? 16# how?
17 17
18## authentication 18## authentication
19Students generate their own `keypairs` and authenticate with their METU Student IDs. 19> Uses /register endpoint
20Some JWT scheme, coming up. 20- Student creates their own 2048 bit RSA `keypair`
21 21- Downloads Gradecoin's Public Key from Moodle
22Authenticated students propose transactions, between them and another node (=public keys) or between the grader (=bank) and themselves. 22- Encrypts their JSON wrapped Public Key and Student ID using Gradecoin's Public Key
23- Their public key is now in our database and can be used to sign their JWT's during requests
23 24
24## transactions 25## transactions
25Transactions are `signed` using the proposers private key. 26> Uses /transaction endpoint
26(This whole public/private key + signing process will require some crypto dependency, **todo**) 27- offer **a transaction** - POST request
27 28 - The request header should have Bearer [JWT.Token signed with Student Public Key]
28## blocks 29 - The request header should be signed by the Public Key of the `by` field in the transaction
29Blocks are proposed using `N` transactions, this can be an exact number (=20) or if the last block is *some time* old then small blocks can be proposed. 30- fetch the list of pending transactions - GET request
30Block proposal: `Block` + some `nonce` is hashed using a *simple* hash function, resulting hash should have some property that will require some computation time (~1 minute? 10 minutes?) to find (=guessing) Proof-of-work scheme. 31 - All the pending transactions are returned in a JSON body
32 - ❓ Does this need to be authenticated as well?
33
34## blocks - [INCOMPLETE]
35> Uses /block endpoint
36- Blocks are proposed using `N` transactions - POST request
37 - ❓ This can be an exact number (=20) or if the last block is *some time* old then small blocks can be proposed.
38
39- Block proposal: `Block` + some `nonce` is hashed using a *simple* hash function, resulting hash should have some property that will require some computation time (~1 minute? 10 minutes?) to find (=guessing) Proof-of-work scheme.
31First proposed valid block is accepted, if assertions hold. 40First proposed valid block is accepted, if assertions hold.
32(No consensus, we are the sole authority, there's no blockchain here, only a glorified database and busywork) 41(No consensus, we are the sole authority, there's no blockchain here, only a glorified database and busywork)
42- Pending transactions get cleared out after a new block is accepted
43 - ❓ All or only the used ones?
33 44
34## payment 45## payment
35First transaction in the block is called *Coinbase*, the block reward is paid to the *output* (Bitcoin notation, different) of this transaction. 46First transaction in the block is called *Coinbase*, the block reward is paid to the *output* (Bitcoin notation, different) of this transaction.
36If we do this then the rest of the transactions are just make believe playing. 47If we do this then the rest of the transactions are just make believe playing.
37So banker + block reward approach seems better. 48So banker + block reward approach seems better.
38 49
39## then
40After the new block, stale transactions are cleared?
41
42# Big Thank List 50# Big Thank List
43- https://github.com/blurbyte/restful-rust 51- https://github.com/blurbyte/restful-rust
44- https://github.com/zupzup/warp-postgres-example 52- https://github.com/zupzup/warp-postgres-example