Skip to content

tonypius/cert-issuer

 
 

Repository files navigation

Build Status

cert-issuer

The cert-issuer project issues blockchain certificates by creating a transaction from the issuing institution to the recipient on the Bitcoin blockchain that includes the hash of the certificate itself.

Quick start using Docker

This uses bitcoind in regtest mode. This route makes many simplifications to allow a quick start, and is intended for experimenting only.

  1. First ensure you have Docker installed. See our Docker installation help.

  2. Clone the repo and change to the directory

    git clone https://github.com/blockchain-certificates/cert-issuer.git && cd cert-issuer
    
  3. From a command line in cert-issuer dir, build your docker container:

    docker build -t bc/cert-issuer:1.0 .
    
  4. Read before running!

    • Once you launch the docker container, you will make some changes using your personal issuing information. This flow mirrors what you would if you were issuing real certificates.

    • To avoid losing your work, you should create snapshots of your docker container. You can do this by running:

      docker ps -l
      docker commit <container for your bc/cert-issuer> my_cert_issuer
      
  5. When you're ready to run:

    docker run -it bc/cert-issuer:1.0 bash
    

Create issuing and revocation addresses

Important: this is a simplification to avoid using a USB, which needs to be inserted and removed during the standard certficate issuing process. Do not use these addresses or private keys for anything other than experimenting.

Ensure your docker image is running and bitcoind process is started

  1. Create an 'issuing address' and save the output as follows:

    issuer=`bitcoin-cli getnewaddress`
    sed -i.bak "s/<issuing-address>/$issuer/g" /etc/cert-issuer/conf.ini
    bitcoin-cli dumpprivkey $issuer > /etc/cert-issuer/pk_issuer.txt
    
  2. Create a 'revocation address' and save the output as follows. Note that we don't need to save this corresponding private key for testing issuing certificates:

    revocation=`bitcoin-cli getnewaddress`
    sed -i.bak "s/<revocation-address>/$revocation/g" /etc/cert-issuer/conf.ini
    
  3. Don't forget to save snapshots so you don't lose your work (see step 3 of client setup)

Issuing certificates

  1. Add your certificate to /etc/cert-issuer/data/unsigned_certificates/.

    # To use a sample unsigned certificate as follows:
    cp <cert-issuer-home>/examples/data-testnet/unsigned_certificates/6c6bd2ec-d0d6-41a9-bec8-57bb904c62a8.json /etc/cert-issuer/data/unsigned_certificates/
    
    # If you created your own unsigned certificate using cert-tools (assuming you placed it under data/unsigned_certificates):
    cp <cert-issuer-home>/data/unsigned_certificates/<your-cert-guid>.json /etc/cert-issuer/data/unsigned_certificates/
    
  2. Make sure you have enough BTC in your issuing address.

    a. You're using bitcoind in regtest mode, so you can print money. This should give you 50 (fake) BTC:

    bitcoin-cli generate 101
    bitcoin-cli getbalance
    

    b. Send the money to your issuing address -- note that bitcoin-cli's standard denomination is bitcoins not satoshis! (In our app, the standard unit is satoshis.) This command sends 5 bitcoins to the address

    bitcoin-cli sendtoaddress $issuer 5
    
  3. Issue the certificates on the blockchain

    cert-issuer -c /etc/cert-issuer/conf.ini
    
  4. Your Blockchain certificates are located in /etc/cert-issuer/data/blockchain_certificates. Copy these to your local machine, and add them to cert-viewer's cert_data folder to see your certificates in the Certificate Viewer.

docker ps  // shows the docker containerId
docker cp <containerId>:/etc/cert-issuer/data/blockchain_certificates <localPath>/cert-viewer/cert_data

Unit tests

This project uses tox to validate against several python environments.

  1. Ensure you have an python environment. Recommendations

  2. Run tests

    ./run_tests.sh
    

Issuing options

The quick start instructions use a test mode for issuing certificates. Most of the steps apply for issuing certificates on the real Bitcoin blockchain. Read Certificate Issuing Options for an overview of issuing options.

Advanced Docs

Examples

The files in examples/data-testnet and examples/data-mainnet contain results of previous runs.

Ignorable errors

If you see errors like this in the output, but the script succeeds anyway, then it's an ignorable error.

See richardkiss/pycoin#194

raise ScriptError("getitem out of range")
pycoin.tx.script.ScriptError: getitem out of range

Checking transaction status

You can validate your transaction before sending by looking it up by rawtx at blockchain.info. Example:

curl 'https://blockchain.info/rawtx/45a9306dfe99820eb346bb17ae0b64173ac11cac2d0e4227c7a7cacbcc0bad31?cors=true'

Contact

Contact info@blockcerts.org with questions

About

Issues digital certificates using the Bitcoin blockchain

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 97.9%
  • Shell 2.1%