A farkon 2017, mun fara ƙirƙirar manzo akan blockchain [suna da hanyar haɗin yanar gizon suna cikin bayanin martaba] ta hanyar tattauna fa'idodin akan saƙon P2P na gargajiya.
Ya tafi 2.5 shekara, kuma mun sami damar tabbatar da ra'ayinmu: aikace-aikacen manzo yanzu suna samuwa don iOS, Web PWA, Windows, GNU/Linux, Mac OS da Android.
A yau za mu gaya muku yadda blockchain messenger ke aiki da yadda aikace-aikacen abokin ciniki za su iya aiki tare da API ɗin sa.
Muna son blockchain don magance matsalolin tsaro da sirrin saƙon P2P na yau da kullun:
- Dannawa ɗaya don ƙirƙirar asusu - babu wayoyi ko imel, babu damar yin amfani da littattafan adireshi ko wuraren ƙasa.
- Masu shiga tsakani ba sa kafa haɗin kai kai tsaye; duk sadarwa yana faruwa ta hanyar rarrabawar tsarin nodes. Adireshin IP na masu amfani ba su isa ga juna ba.
- Duk saƙonnin an rufaffen rufaffen ne na Ƙarshe-zuwa-Ƙarshe25519xsalsa20poly1305. Da alama wannan ba zai ba kowa mamaki ba, amma lambar tushen mu a buɗe take.
- An cire harin MITM - kowane saƙo ciniki ne kuma Ed25519 EdDSA ya sa hannu.
- Sakon yana ƙarewa a cikin nasa block. Daidaituwa da
timestampBa za ku iya gyara tubalan ba, don haka tsarin saƙonnin. - "Ban faɗi haka ba" ba zai yi aiki tare da saƙonni akan blockchain ba.
- Babu wani tsari na tsakiya wanda zai bincika "sahihancin" saƙo. Ana yin wannan ta hanyar rarraba tsarin nodes bisa yarjejeniya, kuma mallakar ta masu amfani ne.
- Rashin yiwuwar tantancewa - ba za a iya toshe asusu ba kuma ba za a iya share saƙonni ba.
- Blockchain 2FA shine madadin 2FA na jahannama ta hanyar SMS,
- Ikon samun duk maganganun ku daga kowace na'ura a kowane lokaci yana nufin ba lallai ne ku adana tattaunawa a cikin gida kwata-kwata ba.
- Tabbatar da isar da saƙo. Ba ga na'urar mai amfani ba, amma ga hanyar sadarwa. Mahimmanci, wannan shine tabbacin ikon mai karɓa na karanta saƙon ku. Wannan siffa ce mai amfani don aika sanarwa mai mahimmanci.
Fa'idodin Blockchain kuma sun haɗa da haɗin kai tare da cryptocurrencies Ethereum, Dogecoin, Lisk, Dash, Bitcoin (wannan har yanzu yana kan ci gaba) da ikon aika alamu a cikin taɗi. Har ma mun yi ginanniyar musayar crypto.
Kuma a sa'an nan - yadda duk yake aiki.
Saƙo shine ciniki
Kowane mutum ya riga ya saba da gaskiyar cewa ma'amaloli a cikin blockchain canja wurin alamun (tsabar kudi) daga wannan mai amfani zuwa wani. Kamar Bitcoin. Mun ƙirƙiri nau'in ciniki na musamman don aika saƙonni.
Don aika saƙo a cikin manzo akan blockchain, kuna buƙatar bi ta matakai da yawa:
- Rufe saƙon rubutu
- Saka rubutun a cikin ma'amala
- Sa hannu kan ciniki
- Aika ma'amala zuwa kowace kumburin hanyar sadarwa
- Tsarin nodes da aka rarraba yana ƙayyade "sahihancin" saƙo
- Idan komai yayi daidai, ana haɗa ma'amala tare da saƙo a cikin toshe na gaba
- Mai karɓa yana maido da ma'amalar saƙon kuma ya ɓoye bayanan
Ana yin matakai na 1-3 da 7 a gida akan abokin ciniki, kuma ana yin matakai na 5-6 akan runduna.
Rufin saƙo
An rufaffen saƙon tare da keɓaɓɓen maɓallin mai aikawa da maɓallin jama'a na mai karɓa. Za mu ɗauki maɓallin jama'a daga hanyar sadarwar, amma don wannan, dole ne a fara fara asusun mai karɓa, wato, samun aƙalla ma'amala ɗaya. Kuna iya amfani da buƙatar REST GET /api/accounts/getPublicKey?address={ADAMANT address}, kuma lokacin loda taɗi, maɓallan jama'a na masu shiga za su riga sun kasance.
Manzo yana ɓoye saƙonni ta amfani da curve25519xsalsa20poly1305 algorithm (). Tunda asusun ya ƙunshi maɓallan Ed25519, don samar da akwati, dole ne a fara canza maɓallan zuwa Curve25519 Diffie-Hellman.
Ga misali a JavaScript:
/**
* Encodes a text message for sending to ADM
* @param {string} msg message to encode
* @param {*} recipientPublicKey recipient's public key
* @param {*} privateKey our private key
* @returns {{message: string, nonce: string}}
*/
adamant.encodeMessage = function (msg, recipientPublicKey, privateKey) {
const nonce = Buffer.allocUnsafe(24)
sodium.randombytes(nonce)
if (typeof recipientPublicKey === 'string') {
recipientPublicKey = hexToBytes(recipientPublicKey)
}
const plainText = Buffer.from(msg)
const DHPublicKey = ed2curve.convertPublicKey(recipientPublicKey)
const DHSecretKey = ed2curve.convertSecretKey(privateKey)
const encrypted = nacl.box(plainText, nonce, DHPublicKey, DHSecretKey)
return {
message: bytesToHex(encrypted),
nonce: bytesToHex(nonce)
}
}Ƙirƙirar ma'amala tare da saƙo
Kasuwancin yana da tsarin gaba ɗaya mai zuwa:
{
"id": "15161295239237781653",
"height": 7585271,
"blockId": "16391508373936326027",
"type": 8,
"block_timestamp": 45182260,
"timestamp": 45182254,
"senderPublicKey": "bd39cc708499ae91b937083463fce5e0668c2b37e78df28f69d132fce51d49ed",
"senderId": "U16023712506749300952",
"recipientId": "U17653312780572073341",
"recipientPublicKey": "23d27f616e304ef2046a60b762683b8dabebe0d8fc26e5ecdb1d5f3d291dbe21",
"amount": 204921300000000,
"fee": 50000000,
"signature": "3c8e551f60fedb81e52835c69e8b158eb1b8b3c89a04d3df5adc0d99017ffbcb06a7b16ad76d519f80df019c930960317a67e8d18ab1e85e575c9470000cf607",
"signatures": [],
"confirmations": 3660548,
"asset": {}
}
Don ma'amalar saƙo, abu mafi mahimmanci shine asset - kana buƙatar sanya sako a cikin abun chat tare da tsari:
message- ajiye rufaffen saƙonown_message- babutype- nau'in sakon
Ana kuma raba saƙonni zuwa nau'ikan. Ainihin, siga type ya gaya muku yadda za ku fahimta message. Kuna iya aika rubutu kawai, ko kuma za ku iya aika wani abu tare da abubuwa masu ban sha'awa a ciki - alal misali, wannan shine yadda manzo ke yin musayar cryptocurrency a cikin hira.
A sakamakon haka, mun ƙirƙira ciniki:
{
"transaction": {
"type": 8,
"amount": 0,
"senderId": "U12499126640447739963",
"senderPublicKey": "e9cafb1e7b403c4cf247c94f73ee4cada367fcc130cb3888219a0ba0633230b6",
"asset": {
"chat": {
"message": "cb682accceef92d7cddaaddb787d1184ab5428",
"own_message": "e7d8f90ddf7d70efe359c3e4ecfb5ed3802297b248eacbd6",
"type": 1
}
},
"recipientId": "U15677078342684640219",
"timestamp": 63228087,
"signature": "тут будет подпись"
}
}Sa hannun ciniki
Don tabbatar da cewa kowa yana da tabbaci game da sahihancin mai aikawa da mai karɓa, lokacin aikawa da abun ciki na saƙon, an sanya hannu kan ciniki. Sa hannu na dijital yana ba ku damar tabbatar da sahihancin ma'amala ta amfani da maɓallin jama'a - maɓalli na sirri ba a buƙatar wannan.
Amma sa hannun kanta ana yin ta ta amfani da maɓalli na sirri:
Jadawalin ya nuna cewa mun fara hash ɗin ciniki tare da SHA-256 sannan mu sanya hannu kuma sami sa hannu signature, kuma ID ɗin ma'amala wani ɓangare ne na SHA-256 hash.
Misali aiwatarwa:
1 - Samar da toshe bayanai, gami da saƙo
/**
* Calls `getBytes` based on transaction type
* @see privateTypes
* @implements {ByteBuffer}
* @param {transaction} trs
* @param {boolean} skipSignature
* @param {boolean} skipSecondSignature
* @return {!Array} Contents as an ArrayBuffer.
* @throws {error} If buffer fails.
*/
adamant.getBytes = function (transaction) {
...
switch (transaction.type) {
case constants.Transactions.SEND:
break
case constants.Transactions.CHAT_MESSAGE:
assetBytes = this.chatGetBytes(transaction)
assetSize = assetBytes.length
break
…
default:
alert('Not supported yet')
}
var bb = new ByteBuffer(1 + 4 + 32 + 8 + 8 + 64 + 64 + assetSize, true)
bb.writeByte(transaction.type)
bb.writeInt(transaction.timestamp)
...
bb.flip()
var arrayBuffer = new Uint8Array(bb.toArrayBuffer())
var buffer = []
for (var i = 0; i < arrayBuffer.length; i++) {
buffer[i] = arrayBuffer[i]
}
return Buffer.from(buffer)
}
2 - ƙidaya SHA-256 daga toshe bayanai
/**
* Creates hash based on transaction bytes.
* @implements {getBytes}
* @implements {crypto.createHash}
* @param {transaction} trs
* @return {hash} sha256 crypto hash
*/
adamant.getHash = function (trs) {
return crypto.createHash('sha256').update(this.getBytes(trs)).digest()
}3 - Shiga cikin ciniki
adamant.transactionSign = function (trs, keypair) {
var hash = this.getHash(trs)
return this.sign(hash, keypair).toString('hex')
}
/**
* Creates a signature based on a hash and a keypair.
* @implements {sodium}
* @param {hash} hash
* @param {keypair} keypair
* @return {signature} signature
*/
adamant.sign = function (hash, keypair) {
return sodium.crypto_sign_detached(hash, Buffer.from(keypair.privateKey, 'hex'))
}Aika ma'amala tare da saƙo zuwa kumburin cibiyar sadarwa
Tun da cibiyar sadarwar ta rabu, kowane daga cikin nodes tare da buɗaɗɗen API zai yi. Yin buƙatar POST zuwa ƙarshen ƙarshen api/transactions:
curl 'api/transactions' -X POST
-d 'TX_DATA'A cikin martani za mu sami ID na ma'amala na nau'in
{
"success": true,
"nodeTimestamp": 63228852,
"transactionId": "6146865104403680934"
}Tabbatar da Ma'amala
Tsarin rarraba na nodes, bisa ga yarjejeniya, yana ƙayyade "sahihancin" saƙon ma'amala. Daga wane ne kuma ga wane, lokacin, ko an maye gurbin saƙon da wani, da kuma ko lokacin aikawa ya nuna daidai. Wannan muhimmiyar fa'ida ce ta blockchain - babu wani tsari na tsakiya wanda ke da alhakin tabbatarwa, kuma ba za a iya karya jerin saƙon da abubuwan da ke cikin su ba.
Na farko, kumburi ɗaya yana bincika daidaito, sannan aika shi zuwa ga wasu - idan yawancin sun ce komai yana cikin tsari, za a haɗa ma'amala a cikin toshe na gaba na sarkar - wannan yarjejeniya ce.
Ana iya duba ɓangaren lambar node wanda ke da alhakin dubawa akan GitHub - и . Ee, kumburin yana gudana akan Node.js.
Ciki har da ma'amala tare da saƙo a cikin toshe
Idan an cimma yarjejeniya, za a haɗa ma'amala tare da saƙonmu a cikin toshe na gaba tare da sauran ma'amaloli masu inganci.
Tubalan suna da tsari mai tsauri, kuma kowane toshe na gaba an kafa shi bisa hashes na tubalan da suka gabata.
Ma'anar ita ce saƙonmu ma yana cikin wannan jerin kuma ba za a iya "sake tsarawa". Idan saƙonni da yawa sun faɗi cikin toshe, za a ƙayyade odar su ta hanyar timestamp saƙonni.
Sakonnin karantawa
Aikace-aikacen manzo yana dawo da ma'amaloli daga blockchain waɗanda aka aika ga mai karɓa. Don wannan mun sanya ƙarshen ƙarshen api/chatrooms.
Duk ma'amaloli suna samuwa ga kowa da kowa - zaka iya karɓar saƙon da aka ɓoye. Amma mai karɓa ne kaɗai zai iya ɓata bayanan ta amfani da maɓalli na sirri da maɓallin jama'a na mai aikawa:
**
* Decodes the incoming message
* @param {any} msg encoded message
* @param {string} senderPublicKey sender public key
* @param {string} privateKey our private key
* @param {any} nonce nonce
* @returns {string}
*/
adamant.decodeMessage = function (msg, senderPublicKey, privateKey, nonce) {
if (typeof msg === 'string') {
msg = hexToBytes(msg)
}
if (typeof nonce === 'string') {
nonce = hexToBytes(nonce)
}
if (typeof senderPublicKey === 'string') {
senderPublicKey = hexToBytes(senderPublicKey)
}
if (typeof privateKey === 'string') {
privateKey = hexToBytes(privateKey)
}
const DHPublicKey = ed2curve.convertPublicKey(senderPublicKey)
const DHSecretKey = ed2curve.convertSecretKey(privateKey)
const decrypted = nacl.box.open(msg, nonce, DHPublicKey, DHSecretKey)
return decrypted ? decode(decrypted) : ''
}Me kuma?
Tun da ana isar da saƙonni ta wannan hanyar cikin kusan daƙiƙa 5 - wannan shine lokacin da sabon toshe hanyar sadarwa ya bayyana - mun zo tare da haɗin haɗin abokin ciniki-zuwa-ƙulli da kumburin kumburin kumburi. Lokacin da kumburi ya sami sabon ma'amala, yana bincika ingancin sa kuma ya tura shi zuwa wasu nodes. Ana samun ma'amala ga abokan cinikin manzo tun ma kafin yarjejeniya ta faru da haɗawa cikin toshe. Ta wannan hanyar za mu isar da saƙon nan take, kamar saƙon take na yau da kullun.
Don adana littafin adireshi, mun sanya KVS - Ma'ajiyar Maɓalli - Wannan wata nau'in ciniki ce. asset ba NaCl-akwatin ne aka rufaffen ba, amma . Haka manzo yake adana wasu bayanai.
Canja wurin fayiloli/hotuna da tattaunawar rukuni har yanzu suna buƙatar aiki mai yawa. Tabbas, a cikin tsarin blunder-da-blunder wannan ana iya "zuba" cikin sauri, amma muna son kiyaye matakin sirri iri ɗaya.
Ee, har yanzu akwai sauran aiki da za a yi - a zahiri, sirrin sirri yana ɗauka cewa masu amfani ba za su haɗa su da nodes ɗin cibiyar sadarwar jama'a ba, amma za su ɗaga nasu. Kashi nawa na masu amfani kuke tunanin yin wannan? Haka ne, 0. Mun sami damar warware wannan bangare ta hanyar sigar Tor ta manzon.
Mun tabbatar da cewa manzo akan blockchain na iya wanzuwa. A baya can, akwai kawai ƙoƙari guda ɗaya a cikin 2012 - , wanda ya gaza saboda dogon lokacin isar da saƙo, nauyin CPU, da rashin aikace-aikacen wayar hannu.
Kuma shakku shine saboda gaskiyar cewa manzanni a kan blockchain suna gaba da lokacinsu - mutane ba su da shiri don ɗaukar alhakin asusun su, mallakar bayanan sirri ba tukuna ba ne, kuma fasaha ba ta ba da izinin yin sauri a kan blockchain ba. Ƙarin analogues na fasaha na aikin mu zai bayyana a gaba. Za ku gani.
source: www.habr.com