1 files changed, 319 insertions, 0 deletions

diff --git a/site/public/index.html b/site/public/index.html
new file mode 100644
index 0000000..8986841
--- /dev/null
+++ b/site/public/index.html
@@ -0,0 +1,319 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Gradecoin</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <style>
+    :root {
+        /* Primary theme color */
+        --primary-color: #F8D12F;
+        /* Primary theme text color */
+        --primary-text-color: #1E2329;
+        /* Primary theme link color */
+        --primary-link-color: #2F57F7;
+        /* Secondary color: the background body color */
+        --secondary-color: #FAFAFA;
+        --secondary-text-color: #303030;
+        /* Highlight text color of table of content */
+        --toc-highlight-text-color: #d46e13;
+    }
+</style>
+
+    <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
+    <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
+    <link rel="stylesheet" href="/normalize.css">
+    <link rel="stylesheet" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;juice.css">
+    
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" />
+
+</head>
+
+<body>
+    
+
+    <header class="pos-absolute" style="background-color: transparent">
+        
+
+<a href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;">
+    <div class="logo">
+        <img src="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;gradecoin.png" alt="logo">
+        Gradecoin
+    </div>
+</a>
+
+<nav>
+    
+    <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;register-docs&#x2F;">Register</a>
+    
+    <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;jwt&#x2F;">JWT</a>
+    
+    <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;transaction-docs&#x2F;">Transactions</a>
+    
+    <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;block-docs&#x2F;">Blocks</a>
+    
+    
+        
+        <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;github.com&#x2F;zhuowei&#x2F;nft_ptr#why">why?</a>
+        
+    
+</nav>
+
+    </header>
+
+    <div class="hero">
+        
+<section class="text-center">
+    <h1 class="heading-text animate__animated animate__jackInTheBox" style="font-size: 50px">
+        Mine your own grades
+    </h1>
+    <h3 class="title-text">
+        <b>Gradecoin</b> is the latest cutting edge blockchain technology agile grading framework that drives organic engagement and other buzzwords, with big data mining search engine optimization
+    </h3>
+    <div>
+    </div>
+</section>
+<img class="hero-image" style="width: 40%" src="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;gradecoin.png">
+
+<div class="explore-more text"
+     onclick="document.getElementById('features').scrollIntoView({behavior: 'smooth'})">
+    ⇩ Learn How ⇩
+</div>
+<style>
+
+.hero section {
+    padding: 0 5rem;
+}
+
+@media screen and (max-width: 768px) {
+    .hero section {
+        padding: 0 2rem;
+    }
+
+    .hero-image {
+        display: none
+    }
+
+}
+footer {
+    color: #8b8b8b;
+}
+</style>
+
+    </div>
+
+    
+
+    <main>
+        
+        
+        
+        
+        
+        <div class="toc">
+            <div class="toc-sticky">
+                
+                <div class="toc-item">
+                    <a class="subtext" href="https://gradecoin.xyz/#welcome-to-gradecoin">Welcome to Gradecoin!</a>
+                </div>
+                
+                
+                <div class="toc-item">
+                    <a class="subtext" href="https://gradecoin.xyz/#coinbase">Coinbase</a>
+                </div>
+                
+                
+                <div class="toc-item">
+                    <a class="subtext" href="https://gradecoin.xyz/#public-key-signatures">Public Key Signatures</a>
+                </div>
+                
+                
+                <div class="toc-item">
+                    <a class="subtext" href="https://gradecoin.xyz/#services">Services</a>
+                </div>
+                
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#register"><small>- &#x2F;register</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#transaction"><small>- &#x2F;transaction</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#block"><small>- &#x2F;block</small></a>
+                </div>
+                
+                
+                
+                <div class="toc-item">
+                    <a class="subtext" href="https://gradecoin.xyz/#questions">Questions</a>
+                </div>
+                
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#this-all-sound-complicated"><small>- This all sound complicated!</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#i-found-a-bug"><small>- I found a bug!</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#i-hacked-the-server"><small>- I hacked the server!</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#submission"><small>- Submission?</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#can-my-friends-play"><small>- Can my friends play?</small></a>
+                </div>
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="https://gradecoin.xyz/#how-and-or-why"><small>- How and or Why?</small></a>
+                </div>
+                
+                
+                
+            </div>
+        </div>
+        
+        
+
+        <div class="content text">
+            
+            <div id="features" class="heading-text">Overview</div>
+            <h1 id="welcome-to-gradecoin">Welcome to Gradecoin!</h1>
+<p>Blockchains are incredibly simple yet can appear very complicated, we will see how they work and practice programming <em>production</em> cryptography code.</p>
+<p>This server is the sandbox for the PA1, it's currently running the Gradecoin application. Gradecoin is the faux currency we will use to simulate a blockchain network. At the end of the simulation, the amount of Gradecoin you hold will be your PA1 grade.</p>
+<p><strong>A quick summary</strong>: authenticate yourself to the system using public key encryption.
+Craft <a href="https://gradecoin.xyz/transaction-docs/">Transaction</a> proposals and tag them using <a href="https://gradecoin.xyz/jwt/">JWTs</a>.
+When there are enough transactions then you can propose <a href="https://gradecoin.xyz/block-docs/">Blocks</a> in the same way.
+Blocks need to be <em>mined</em> beforehand using Proof-of-work, or brute force.</p>
+<p>Gradecoin offers 3 endpoints at <a href="/register">/register</a>, <a href="/block">/block</a> and <a href="/transaction">/transaction</a>. You can only send GET requests to /block and /transaction without authorization.
+The server is programmed in <a href="https://www.service-architecture.com/articles/web-services/representational_state_transfer_rest.html">RESTful</a> architecture, there are no <code>DELETE</code>, <code>PUT</code> or <code>UPDATE</code> operations, though.</p>
+<p>Gradecoin uses a Proof-of-work block accepting mechanism. It uses single round <a href="https://www.blake2.net/">Blake2s</a> hashing which produces 256-bit (64 hexadecimal characters) output. The <a href="https://wiki.bitcoinsv.io/index.php/Target">target</a> hash is <em>24 bits</em> or <em>6 hexadecimal characters</em> of 0. During testing, I could mine a block on average around 2-7 minutes.</p>
+<blockquote>
+<p>We're expecting you to use existing tools and implementations. Standards are hard. <a href="https://www.reddit.com/r/crypto/comments/2coqsy/dont_roll_your_own/">Don't roll your own crypto</a>. Feel free to ask questions. Collaborate.</p>
+</blockquote>
+<p>You might ask,</p>
+<blockquote>
+<p>But if nobody has any Gradecoin then how do we have transactions?</p>
+</blockquote>
+<p>There is a bank! Their public key is <code>31415926535897932384626433832795028841971693993751058209749445923</code> and they have some amount of Gradecoin preloaded. It's also the only account that you can send transactions requests <em>to</em> yourself.</p>
+<h1 id="coinbase">Coinbase</h1>
+<p>The first transactions of a block is called the <code>coinbase</code>. They are the <strong>author</strong> of the block proposal and if the block is accepted then they get compensated for their efforts with some Gradecoin.</p>
+<h1 id="public-key-signatures">Public Key Signatures</h1>
+<p>Gradecoin uses 2048 bit RSA keyspairs.</p>
+<h1 id="services">Services</h1>
+<h2 id="register">/register</h2>
+<ul>
+<li>Student creates their own 2048 bit RSA <code>keypair</code></li>
+<li>Downloads <code>Gradecoin</code>'s Public Key from <a href="https://odtuclass.metu.edu.tr/my/">Moodle</a></li>
+<li>Encrypts their JSON wrapped <code>Public Key</code>, <code>Student ID</code> and one time <code>passwd</code> using Gradecoin's Public Key</li>
+<li>Their public key is now in our database and can be used to sign their JWT's during requests</li>
+</ul>
+<h2 id="transaction">/transaction</h2>
+<ul>
+<li>You can offer a <a href="/transaction">Transaction</a> - POST request
+<ul>
+<li>The request should have <code>Authorization</code></li>
+<li>The request header should be signed by the Public Key of the <code>by</code> field in the transaction</li>
+</ul>
+</li>
+<li>fetch the list of <code>Transaction</code>s - GET request</li>
+</ul>
+<h2 id="block">/block</h2>
+<ul>
+<li>offer a [<code>schema::Block</code>] - POST request
+<ul>
+<li>The request should have <code>Authorization</code></li>
+<li>The [<code>schema::Block::transaction_list</code>] of the block should be a subset of [<code>schema::Db::pending_transactions</code>]</li>
+</ul>
+</li>
+<li>fetch the last accepted [<code>schema::Block</code>] - GET request</li>
+</ul>
+<p><code>Authorization</code>: The request header should have Bearer JWT.Token signed with Student Public Key</p>
+<h1 id="questions">Questions</h1>
+<h2 id="this-all-sound-complicated">This all sound complicated!</h2>
+<ul>
+<li>I've drawn inspiration from <a href="https://explorer.bitcoin.com/btc">actual Bitcoin transactions</a> and <a href="https://github.com/seanmonstar/warp/blob/master/examples/todos.rs">warp</a>. The simplicity of the system is how little interfaces it has.</li>
+<li>Don't know where to start? Gradecoin uses RESTful API; simple <code>curl</code> commands or even your browser will work! <a href="https://curl.trillworks.com/">This website can help as well</a>.</li>
+<li><a href="https://jwt.io">JWT Debugger</a> and the corresponding <a href="https://tools.ietf.org/html/rfc7519">RFC</a></li>
+<li>Remember that you are absolutely encouraged to grab off-the-shelf implementations for every cryptography primitive you will use. You can start by finding a code snippet to generate a RSA keypair?</li>
+</ul>
+<h2 id="i-found-a-bug">I found a bug!</h2>
+<p>Thank you! Please <a href="mailto:yigit@ceng.metu.edu.tr">let me know</a> so we can solve it.</p>
+<h2 id="i-hacked-the-server">I hacked the server!</h2>
+<p>That wasn't supposed to happen :( I did not place any intentional vulnerabilities to the system so if you cracked something, it was not intended. Please don't abuse it and let me know so I can patch it.</p>
+<h2 id="submission">Submission?</h2>
+<p>At the end of the <em>simulation</em>, your Gradecoin balance will be your grade. I will also expect a unique client programmed in either;</p>
+<ul>
+<li>c</li>
+<li>c++</li>
+<li>perl</li>
+<li>rust</li>
+<li>python</li>
+<li>random assortment of bash scripts</li>
+</ul>
+<p>If your favourite programming language is missing please let me know 🤷?</p>
+<h2 id="can-my-friends-play">Can my friends play?</h2>
+<p>Sadly, no. Student's who are enrolled to the class will receive one-time-passwords for authentication.</p>
+<h2 id="how-and-or-why">How and or Why?</h2>
+<ul>
+<li><a href="https://xkcd.com/2314/">Built</a>, <a href="https://lofi.cafe/">with</a> <a href="https://xkcd.com/2418/">Rust</a></li>
+</ul>
+
+            
+        </div>
+
+        
+        
+    </main>
+
+    
+<footer>
+Built For ⁂ CENG489 ⁂ Introduction to Computer Security
+</footer>
+
+</body>
+<script>
+    function highlightNav(heading) {
+        let pathname = location.pathname;
+        document.querySelectorAll(".toc a").forEach((item) => {
+            item.classList.remove("active");
+        });
+        document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
+    }
+
+    let currentHeading = "";
+    window.onscroll = function () {
+        let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
+        let elementArr = [];
+
+        h.forEach(item => {
+            if (item.id !== "") {
+                elementArr[item.id] = item.getBoundingClientRect().top;
+            }
+        });
+        elementArr.sort();
+        for (let key in elementArr) {
+            if (!elementArr.hasOwnProperty(key)) {
+                continue;
+            }
+            if (elementArr[key] > 0 && elementArr[key] < 300) {
+                if (currentHeading !== key) {
+                    highlightNav(key);
+                    currentHeading = key;
+                }
+                break;
+            }
+        }
+    }
+</script>
+
+</html>