Flotorizer: An experiment on Blockchain for noobs.

Davi Ortega
9 min readDec 22, 2017

--

Let me preface this post by letting you know that I am not a developer, the only class related to programming that I ever took was 15 years ago, in Pascal — that’s right, Pascal. I am a scientist and I learned how to program Python with friends, colleagues, the internet (thanks StackOverflow). My programming self-education was mostly oriented by challenges related to bioinformatics and scripting tools to analyze atomic trajectories of molecular dynamics simulations.

All that to say that you don’t need to know much about blockchain to make an app like Flotorizer. Why not? Because Alexandria API is a thing.

The beginnings

I started to learn Node.js about two years ago — not full time, I am a scientist remember? — because bioinformatics applications are much more fun (and useful) if they are interactive, and on the web so you can brag about it by sharing a link. I went to one of those NodeTogether seminar given by ashley williams and learned enough to really get me going with Node.js. (Thanks ashley).

I also have a very good friend, Luke Ulrich, who knows a lot of javascript and were working on a project with me… anyways… two years in and I am embarrassed to say that I am still fumbling around with concepts such as promises and callbacks — fun huh?

Anyways, when I started to check out the then florincoin ecosystem, I barely knew what a blockchain was, but I knew that this tx_comment feature was very interesting. Wait… can I just write whatever I want on the blockchain of an ongoing cryptocurrency? How do I do that?

My curiosity took me to Alexandria, where I registered and felt tempted to upload an album that I had recorded with some friends back in Tennessee, it did not work the first few times but it finally went through. In the process, I met Devon Read, the CEO of Alexandria himself and my first contact in the FLO community. I met him because I entered on their chat channel and started asking questions.

At this point, I only had a vague idea of how cryptocurrencies worked: I need to have an address… but where is the address stored? What is wallet? What is paper wallet? What happens to this address that I just made but will never use?

Anyhow… after reading some blogs and wikis I later realized that Alexandria made me a wallet when I registered (thank you Alexandria) and also gave me an address. Cool, now I have a wallet, an address, how can I write on the blockchain?

To write in the FLO blockchain you just need to make a transaction. — Joseph Fiscella, lead dev of FLO project

Wait what? That’s it? No smart contract, no mess of OP_RETURN from bitcoin, no need to download the daemons?

No. All I needed to learn was how to make a transaction.

My first transaction in cryptocurrency

Ok… so I made another address (by the click of a button in the Alexandria wallet), and now I just needed to make a transaction, and BAM.

I am not sure which one was my very first transaction of all, but this is my first transaction with comment: b80cd

My first transaction programmatically

It was more or less at this time that I discovered the Alexandria API and noticed what they call “Client Library”. Browsing the examples I found very interesting that I could send a transaction using “FloVault” (I had no idea what that was, but hey… there is so much to learn at once, gotta take it slow).

Look how simple they made it look! If you want to make a transaction, you just have to sign in to your wallet:

and…

BAM! Transaction magic will happen!!!

Ohhhh cool! Now I can write a few lines of javascript real quick to do that. I already have a wallet from Alexandria and… wait… this is a “client library” and I don’t want to expose the credentials of my wallet in the code (the your_identifier and your_password part of the declaration of the wallet).

Fine, I am sure I can write a Node command line application (server-side) that can do that in a heart beat. But it wasn’t so easy…

I was so amazed by the simplicity of making a transaction programmatically that I failed to read the highlighted note in the Alexandria API documentation, that says:

and because I did not read it I got back in the Alexandria chat and ask: “Where can I find the SimpleWallet.js file?” They told me to download the new one, SimpleWlletFlorincoin.js, which I did, copied the file to my computer and tried to simply login to my wallet…

I don’t remember now if I succeeded to do that or not, but I know for sure that I could not make a transaction. Errors after errors and I thought I only needed to load the dependencies using require from node.js and done, but…

What happened next was a battle trying to halfway understand what was called what and finding out the dependencies needed, but after a few hours I had a working combo of code that worked on server side… and they said it couldn’t be done.

You don’t need to hassle that yourself, just copy: SimpleDeps.js and SimpleWalletFlorincoin.js from the Flotorizer github and you are good to go.

This was a hack, the FLO team is working to release a npm package that will be able to do all that with even less hassle.

Now I finally could execute my first transaction programmatically. Here is the code (or something like that):

then I just had to run: node firstTransaction.js and right there I have written on the FLO Blockchain. Amazing, isn’t it?

The birth of Flotorizer

Months earlier, in my collaboration with the California Pirate Party, I was thinking a lot about digital signatures, encryption and whatnot but all related to pursuit the development of a voting system for liquid democracy. During that time I was interested in sha algorithms and how cool was that idea.

Well… it occurred to me that I could put the sha-512 signature of a file in the FLO blockchain. At that moment, I realized that I could prove that a file with a specific content existed at least at the time of the transaction.

Before I even thought about the rest, I already had a name for the application: Florincoin + notary + zer = Flotorizer. I even made a transaction for it: f9a1…

I know that the most accurate would be Flotarizer, but that doesn’t sound good at all… I thought about Flotary but that was too close to Rotary so I decided to go with Flotorizer.

In my first transaction, I used the shasum command line unix application to calculate the digital signature of a file and the snippet above to insert it in the block chain: 8004…

That was the moment I realized (it was a week full of epiphanies), I not only could prove the existence of the file but… wait for it…

I didn’t even need to tell anyone what the file was about, at all!!!

See, theSHA2 family of hash function generates a unique enough string for a given input. But you cannot figure out the input just by looking at the string. Thus, I can prove that a picture existed without showing it to anyone, only by calculating the sha-512 digital signature of the picture and posting on the FLO Blockchain.

If any one contested that the picture actually existed, then all I had to do is to calculated the signature with any independent sha-512 calculator and compare the result with the record in the Blockchain. No one can delete the record and the record is public, but nobody knows what it is proving until it is contested. Cool, huh?

Lastly, I realized that other people might want to use this too. So I thought about making the app public. The cost of a Flotorization is 0.001 FLOs in fees of the transaction and with 1 FLO at less than $0.10 I thought I could fund it with less than $1.00 and make the app free… and so I did.

So I decide to pack all that into a public app. But as a sympathizer of the pirates ideals of privacy, I wanted to have an app that was Zero Knowledge. I did not want to have any knowledge of what was flotorized

The backbones of Flotorizer

This part is a bit more technical, but I promise that it is not that complicated.

I used the crypto library of Node.js with Webpack to build a code client-side that calculates the sha-512 digital signature of the file chosen by the user without having to EVER submit the file to the server.

That way, even as the creator of Flotorizer, I would never know what the file was about, even if I tried.

On the server-side, I used express.js to build literally two routes:

  • /stats : Which returns the number of flotorizations so far
  • /flotorize: a GET route that does all the magic

The client-side of the code, as soon as it finishes to calculate the digital signature, makes a GET request to/flotorize sending as parameters the sha-512 signature and the name of the file.

The server-side now attempts to make a transaction from my two addresses and puts the digital signature in the tx_comment field of the transaction:

This document has been flotorized: 1ED58159ADCF54A4753083F706089A4BC0CEAA55A8E973D431E7E056CE034FD1D5925096689E5494608DF0F246AC24D7BC89ADDB039CBCC13B8FCC47C8C245AE

By the way, I had to implement a lousy check to avoid double (or multiple) flotorizations of the same file. All because this hash 1ED5... has been flotorized probably over 100 times, haha. If the owner of the file is reading this, please let me know what the file that generates this signature is… or better yet, don’t :)

If the transaction is successful, the server-side code uses pdfkit to generate a PDF receipt with the information about the name of the file and the transaction. It also encodes the link for the transaction in the FLO block explorer on a QR-code using qr-image.

As soon as the pdf is completed, server sends the pdf file back to the user and immediately deletes it from the server’s storage. No database is required, no long term storage, nothing, as simple as it gets.

With the code running locally, all I had to to is to pass it to Heroku. To hide my credentials I use the Heroku environmental variables. Locally, I stripped the credentials from the code and use nf package to generate the environmental variables from a .env file that I sure included in my .gitignore.

And there you have it. A VERY simple code that can let you prove that a certain content in a file existed at least prior to the time of transaction.

Let me know if you have any questions or comments. I hope you too feel encouraged to adventure yourself in using this amazing infrastructure around the FLO Blockchain.

Edit: I only became a member of the core team of FLO months after I built this app.

As for the future of Flotorizer, we are developing a new, more robust, version of it. We will always offer the current service for free and in the near future we will build a paid version (paid with FLOs only) that will offer the option to save your files as well. In that version, all the information will be encrypted client-side before it is sent to our servers, keeping the full privacy for our users.

If you want to support this development, donate to:

  • FLO: F8YfuREuqCtW8MNj5LADczLoskgSDaNskn
  • LTC: LarUzkftuCjWi1sAL8An7o6wohdz4vJxTq
  • BTC: 1ArSXxcNTPbofJ1p79cg3ATd3cB5reqXGB
  • XMR: 4LBX9sXW8dR8Aa55wvZhRj6WAUD1Tej6caLVv2tdkPH54njhYKTKfVMNxAtzD4P5DmiM5FAAi7Esg7EkEU3u2a98FzRy82YMaqn1xDdZCw

If you want to donate in any other crypto currency, just let me know.

--

--

Davi Ortega
Davi Ortega

Written by Davi Ortega

Postdoc @Caltech studying the evolution of chemotaxis networks and macromolecular machineries in prokaryotes. Liquid democracy advocate. daviortega@toxme.io