Proof-of-concept example for a lending platform Part 2
This is a series of blogs about how to develop dApps on Ethereum.
We developed a proof-of-concept example of lending platform on blockchain.
* this is just a proof of concept example…
Last time we covered client side. If you’re interested, please check part 1.
This time we’re going to cover topics like…
- Setup Ethereum private network
- A bit about IPFS
- Sign a message on a client and decode the message on a server
Requirement
Setup Ethereum private network.
Create a couple of accounts
You need a couple of addresses (accounts) before setting up a network.
geth account new --datadir ./data
> <address #1>
geth account new --datadir ./data
> <address #2>
geth account new --datadir ./data
> <address #3>You can check files associated to the accounts you just created at ./data/keystore directory.
We use the addresses later. Please take a note.
Setup initial json file to generate genesis block
Now you can prepare a setting json file to generate a genesis block of a private network. To do so, let’s use the command line tool called puppeth.
Puppeth is installed with Geth.
You can choose 2 things, consensus algorithm and speed of mining.
For consensus algorithm we have 2 options, proof of work and proof of authority. Proof of work is the most popular consensus algorithm but require huge computation power. If I chose POW, my mac would roar. So my choice was POA. With POA we can give special power to a specific address to mine.
We don’t need consensus for prototyping and I really don’t want to waste power.
And I also chose 5 seconds for mining time (default 15secs may be too slow…)
But to tell the truth, any network works.
puppeth
+-----------------------------------------------------------+
| Welcome to puppeth, your Ethereum private network manager |
| |
| This tool lets you create a new Ethereum network down to |
| the genesis block, bootnodes, miners and ethstats servers |
| without the hassle that it would normally entail. |
| |
| Puppeth uses SSH to dial in to remote servers, and builds |
| its network components out of Docker containers using the |
| docker-compose toolset. |
+-----------------------------------------------------------+
Please specify a network name to administer (no spaces, please)
> ratel_network_demo
What would you like to do? (default = stats)
1. Show network stats
2. Configure new genesis
3. Track new remote server
4. Deploy network components
> 2
Which consensus engine to use? (default = clique)
1. Ethash - proof-of-work
2. Clique - proof-of-authority
> 2
How many seconds should blocks take? (default = 15)
> 5
Which accounts are allowed to seal? (mandatory at least one)
> 0x<address #1>
> 0x
Which accounts should be pre-funded? (advisable at least one)
> 0x<address #1>
> 0x<address #2>
> 0x
Specify your chain/network ID if you want an explicit one (default = random)
>
Anything fun to embed into the genesis block? (max 32 bytes)
>
What would you like to do? (default = stats)
1. Show network stats
2. Manage existing genesis
3. Track new remote server
4. Deploy network components
> 2
1. Modify existing fork rules
2. Export genesis configuration
> 2
Which file to save the genesis into? (default = ratel_network_demo.json)
>Create a genesis block
geth --datadir ./data init ratel_network_demo.jsonstart private network
RPC should be running at 127.0.0.1.
0.0.0.0 is only for testing purpose.
nohup geth --datadir ./data --nodiscover --networkid <Your network ID> --rpc --rpcapi db,eth,net,web3,personal,miner,admin --cache=128 --rpcport 8545 --rpcaddr 0.0.0.0 --rpccorsdomain "*" &start geth console to start mining
geth attach http://127.0.0.1:8545unlock the main account and start mining.
web3.personal.unlockAccount(web3.eth.accounts[0], <your password>, 0)
miner.start()That’s it.
Start IPFS
IPFS is a decentralized file system. As of January 2018, IPFS is the only working system which is actively used by developers. There are competitors like Ethereum’s Swarm. But non of them are ready even for prototyping this kind of applications.
Install IPFS
IPFS has good documents, please follow the install section for your environment.
Start IPFS instance on background mode
Once you installed IPFS, let’s start it.
nohup ipfs daemon --enable-pubsub-experiment &Sign message on client and get address on Server
Finally we can write node scripts to verify message from clients.
Sign a message on a client
There are 6 steps to generate signature string. I use ethereum-util node module, which is a library to do low-level ethereum things easily, to sign a message because for me ethereum-util is easy to use. But you can use other libraries of course.
As you notice, I use many libraries, some of which have overlapping features. But because Ethereum eco system is in infancy, none of tools are perfect. That’s why I use multiple tolls to develop dApps.
- get private key
- make the private key buffer
- take a sha3 hash of the buffer
- make the sha3 hash buffer
- sign the buffer with ethereumjs-util module
- generate a signature string
import EthUtil from 'ethereumjs-util'// client side
wallet.keyFromPassword( password, (err, pwDerivedKey) => {
if (err) {
console.log(err)
}// get private key
const pKey = wallet.exportPrivateKey( address, pwDerivedKey )// make the private key buffer
const pKeyx = new Buffer(pKey, 'hex');// take a sha3 hash of the buffer
const messageHash = web3.utils.sha3(message)// make the sha3 hash buffer
const messageHashx = new Buffer(messageHash.substr(2), 'hex');// sign the buffer with ethereumjs-util module
const signedMessage = EthUtil.ecsign(messageHashx, pKeyx)// generate a signature string
const signatureString = EthUtil.toRpcSig(signedMessage.v, signedMessage.r, signedMessage.s).toString('hex')})
In Ethereum development, we use buffer many times.
If you’re person like me, who have used high level languages like Python, Swift, and Javascript, it may take time to get used to buffer things.
Send the signature to server
Next step is to send the signature string, message hash, and singer address to the server.
{
signatureString: signatureString,
messageHash: messageHash,
signer: signer
}Verify the singer on client side
I use node express as http server.
There are a couple of steps in server side too but I think it’s simpler than client side.
- receive valuables from client
- create buffer of message hash
- decode signagure
- recover address
// sever side
import EthUtil from 'ethereumjs-util'// req come from express...const signatureString = req.body.signatureString
const messageHash = req.body.messageHash
const signer = req.body.signer// create buffer of message hash
const messageHashx = new Buffer(messageHash.substr(2), 'hex');// decode signature
const sigDecoded = EthUtil.fromRpcSig(signatureString)
// recover address
const recoveredPub = EthUtil.ecrecover(messageHashx, sigDecoded.v, sigDecoded.r, sigDecoded.s)
// change it to familiar format
const recoveredAddress = "0x"+EthUtil.pubToAddress(recoveredPub).toString('hex')if (recoveredAddress === signer) {
console.log("OK")
} else {
console.log("Not Okay")
}
That’s it.
Now we can sign message on client and verify the message on server.
By the way why do we have to send message to server?
Good question!
In most case client can talk to blockchain directly but there are a few scenarios we want to delegate actions to server.
- Execute a specific task which have to be done by an authorized address
- Send transaction without letting end users pay.
- When you have something you want to do on server
This is called oracle in blockchain world. There are many other cases which is also called oracle, but I use term, oracle, almost equivalent to API for blockchain.
Summary
We covered topics like setting up a private blockchain, start a IPFS server, and how to sign message and verify address.
We didn’t use the private network and IPFS this time.
Sorry about that. we will use them at the next blog.
At next blog, I will cover smart contracts and explain how we use blockchain and IPFS on server.
If you are interested in our project, please visit our website. and source code is here on github.
Thanks,
Originally published at Hydra Blog.
