From ed53fbc9097370feeda1c5507878933643a9bcc5 Mon Sep 17 00:00:00 2001
From: Yigit Sever
Date: Sat, 10 Apr 2021 14:16:41 +0300
Subject: Trying to auth

---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 664336c..33da21f 100644
--- a/README.md
+++ b/README.md
@@ -16,12 +16,12 @@ $ curl --location --request POST 'localhost:8080/transaction' --header 'Content-
 # how?
 
 ## authentication
-Students generate their own `keypairs` and authenticate with their METU Student IDs.
-Some JWT scheme, coming up.
-
-Authenticated students propose transactions, between them and another node (=public keys) or between the grader (=bank) and themselves.
+- Student generates a 2048 bit RSA Public Key (PK) / Private Key (PR) pair (available in python, c++, rust, gpg)
+- They then encrypt their PKs and Student IDs with Gradecoin's PK (will be published)
+- They use their PR as the signing key for JWTs
 
 ## transactions
+Students propose transactions, between them and another node (=public keys) or between the grader (=bank) and themselves.
 Transactions are `signed` using the proposers private key.
 (This whole public/private key + signing process will require some crypto dependency, **todo**)
 
-- 
cgit v1.2.3-70-g09d2