Ekuqaleni kuka-2017, saqala ukudala umthunywa kwi-blockchain [igama kunye nekhonkco kwiprofayili] ngokuxoxa ngeenzuzo ngaphezu kwezithunywa ze-P2P zakudala.
Ihambile 2.5 unyaka, kwaye sakwazi ukuqinisekisa ingcamango yethu: izicelo zomthunywa ngoku ziyafumaneka kwi-iOS, iWeb PWA, iWindows, iGNU / Linux, iMac OS kunye ne-Android.
Namhlanje siza kukuxelela indlela umthunywa we-blockchain osebenza ngayo kunye nendlela izicelo zabaxhasi zingasebenza ngayo kunye ne-API yayo.
Besifuna i-blockchain isombulule imiba yokhuseleko kunye nemfihlo yabathunywa be-P2P yakudala:
- Ukucofa okukodwa ukwenza i-akhawunti - akukho fowuni okanye ii-imeyile, akukho ukufikelela kwiincwadi zeedilesi okanye i-geolocations.
- Abangeneleli abanakuze baseke unxibelelwano oluthe ngqo; lonke unxibelelwano lwenzeka ngenkqubo esasaziweyo yeenodi. Iidilesi ze-IP zabasebenzisi azifikeleleki omnye komnye.
- Yonke imiyalezo inoguqulelo oluntsonkothileyo End-to-End curve25519xsalsa20poly1305. Kubonakala ngathi oku akuyi kumangalisa nabani na, kodwa ikhowudi yethu yomthombo ivuliwe.
- Uhlaselo lwe-MITM alubandakanywanga - umyalezo ngamnye yintengiselwano kwaye usayinwe ngu-Ed25519 EdDSA.
- Umyalezo uphela kwibhloko yawo. Ukungqinelana kunye
timestampAwukwazi ukulungisa iibhloko, kwaye ngoko ke umyalelo wemiyalezo. - "Khange ndiyithethe loo nto" ayizukusebenza ngemiyalezo kwi-blockchain.
- Akukho sakhiwo sisembindini esijonga "ubunyani" bomyalezo. Oku kwenziwa ngenkqubo esasazwayo yeenodi ezisekelwe kwimvumelwano, kwaye iphethwe ngabasebenzisi.
- Ukungenzeki kovavanyo-iiakhawunti azinakuvinjwa kwaye imiyalezo ayinakususwa.
- I-Blockchain 2FA yenye enye indawo kwisihogo se-2FA ngeSMS,
- Ukukwazi ukufumana zonke iincoko zakho nakwesiphi na isixhobo nangaliphi na ixesha kuthetha ukuba akufuneki ugcine iincoko ekuhlaleni kwaphela.
- Ukuqinisekiswa kokuhanjiswa komyalezo. Hayi kwisixhobo somsebenzisi, kodwa kwinethiwekhi. Ngokusisiseko, esi sisiqinisekiso sokukwazi kommkeli ukufunda umyalezo wakho. Olu luphawu oluluncedo lokuthumela izaziso ezibalulekileyo.
Iinzuzo zeBlockchain zikwabandakanya ukudibanisa ngokusondeleyo kunye ne-cryptocurrencies Ethereum, i-Dogecoin, i-Lisk, i-Dash, i-Bitcoin (le isaqhuba) kunye nokukwazi ukuthumela amathokheni kwiingxoxo. Senze ne-crypto exchanger eyakhelweyo.
Kwaye emva koko - yonke into isebenza njani.
Umyalezo yitransekshini
Wonke umntu sele ejwayele ukuba ukuthengiselana kwi-blockchain transfer tokens (iingqekembe) ukusuka komnye umsebenzisi ukuya komnye. NjengeBitcoin. Senze uhlobo olukhethekileyo lwentengiselwano yokuhambisa imiyalezo.
Ukuthumela umyalezo kumthunywa kwi-blockchain, kufuneka uhambe ngamanyathelo amaninzi:
- Fihla umyalezo obhaliweyo
- Faka i-ciphertext kwitransekshini
- Sayina intengiselwano
- Thumela intengiselwano kuyo nayiphi na indawo yenethiwekhi
- Inkqubo esasazwayo yeenodi imisela "ubunyani" bomyalezo
- Ukuba yonke into ilungile, ukuthengiselana ngomyalezo kufakwe kwibhloko elandelayo
- Umamkeli uphinda afumane utshintshiselwano lomyalezo aze acime
Amanyathelo 1-3 kunye ne-7 enziwa kwindawo yendawo kumxhasi, kwaye amanyathelo 5-6 ayenziwa kumamkeli.
Uguqulelo oluntsonkothileyo lomyalezo
Umyalezo ubhalwe ngokuntsonkothileyo ngeqhosha labucala lomthumeli kunye neqhosha likawonke-wonke lomamkeli. Siya kuthatha isitshixo sikawonke-wonke kwinethiwekhi, kodwa ngenxa yale nto, i-akhawunti yommkeli kufuneka iqaliswe, oko kukuthi, ubuncinane ubuncinane bentengiselwano. Ungasebenzisa isicelo se-REST GET /api/accounts/getPublicKey?address={ADAMANT address}, kwaye xa ulayisha iingxoxo, izitshixo zoluntu ze-interlocutors ziya kuba sele zikhona.
Umthunywa ufihla imiyalezo usebenzisa i-curve25519xsalsa20poly1305 algorithm (). Ekubeni i-akhawunti iqulethe izitshixo ze-Ed25519, ukwenza ibhokisi, izitshixo kufuneka ziqale ziguqulelwe kwi-Curve25519 Diffie-Hellman.
Nanku umzekelo kwiJavaScript:
/**
* Encodes a text message for sending to ADM
* @param {string} msg message to encode
* @param {*} recipientPublicKey recipient's public key
* @param {*} privateKey our private key
* @returns {{message: string, nonce: string}}
*/
adamant.encodeMessage = function (msg, recipientPublicKey, privateKey) {
const nonce = Buffer.allocUnsafe(24)
sodium.randombytes(nonce)
if (typeof recipientPublicKey === 'string') {
recipientPublicKey = hexToBytes(recipientPublicKey)
}
const plainText = Buffer.from(msg)
const DHPublicKey = ed2curve.convertPublicKey(recipientPublicKey)
const DHSecretKey = ed2curve.convertSecretKey(privateKey)
const encrypted = nacl.box(plainText, nonce, DHPublicKey, DHSecretKey)
return {
message: bytesToHex(encrypted),
nonce: bytesToHex(nonce)
}
}Ukwenza intengiselwano ngomyalezo
Intengiselwano inolwakhiwo jikelele lulandelayo:
{
"id": "15161295239237781653",
"height": 7585271,
"blockId": "16391508373936326027",
"type": 8,
"block_timestamp": 45182260,
"timestamp": 45182254,
"senderPublicKey": "bd39cc708499ae91b937083463fce5e0668c2b37e78df28f69d132fce51d49ed",
"senderId": "U16023712506749300952",
"recipientId": "U17653312780572073341",
"recipientPublicKey": "23d27f616e304ef2046a60b762683b8dabebe0d8fc26e5ecdb1d5f3d291dbe21",
"amount": 204921300000000,
"fee": 50000000,
"signature": "3c8e551f60fedb81e52835c69e8b158eb1b8b3c89a04d3df5adc0d99017ffbcb06a7b16ad76d519f80df019c930960317a67e8d18ab1e85e575c9470000cf607",
"signatures": [],
"confirmations": 3660548,
"asset": {}
}
Kwintengiselwano yomyalezo, eyona nto ibalulekileyo asset - kufuneka ubeke umyalezo kwinto chat ngesakhiwo:
message-gcina umyalezo ofihliweyoown_message-noncetypeβ uhlobo lomyalezo
Imiyalezo yohlulwe ngokweentlobo. Enyanisweni, iparameter type ikuxelela indlela yokuqonda message. Ungathumela isicatshulwa nje, okanye ungathumela into enezinto ezinomdla ngaphakathi - umzekelo, le yindlela umthunywa enza ngayo ukudluliselwa kwe-cryptocurrency kwiingxoxo.
Ngenxa yoko, sidala intengiselwano:
{
"transaction": {
"type": 8,
"amount": 0,
"senderId": "U12499126640447739963",
"senderPublicKey": "e9cafb1e7b403c4cf247c94f73ee4cada367fcc130cb3888219a0ba0633230b6",
"asset": {
"chat": {
"message": "cb682accceef92d7cddaaddb787d1184ab5428",
"own_message": "e7d8f90ddf7d70efe359c3e4ecfb5ed3802297b248eacbd6",
"type": 1
}
},
"recipientId": "U15677078342684640219",
"timestamp": 63228087,
"signature": "ΡΡΡ Π±ΡΠ΄Π΅Ρ ΠΏΠΎΠ΄ΠΏΠΈΡΡ"
}
}Utyikityo lwentengiselwano
Ukuqinisekisa ukuba wonke umntu uqinisekile ngobunyani bomthumeli kunye nommkeli, ixesha lokuthumela kunye nomxholo womyalezo, ukuthengiselana kusayinwe. Isiginitsha yedijithali ikuvumela ukuba uqinisekise ubunyani bentengiselwano usebenzisa isitshixo sikawonke-wonke - isitshixo sabucala asifuneki kule nto.
Kodwa utyikityo ngokwalo lwenziwa kusetyenziswa isitshixo sabucala:
Umzobo ubonisa ukuba siqala ngokujonga intengiselwano nge-SHA-256 kwaye emva koko siyisayine kwaye ufumane utyikityo signature, kunye ne-ID yentengiselwano yinxalenye ye-SHA-256 hash.
Ukuphunyezwa komzekelo:
1 β Yenza ibhloko yedata, kuquka nomyalezo
/**
* Calls `getBytes` based on transaction type
* @see privateTypes
* @implements {ByteBuffer}
* @param {transaction} trs
* @param {boolean} skipSignature
* @param {boolean} skipSecondSignature
* @return {!Array} Contents as an ArrayBuffer.
* @throws {error} If buffer fails.
*/
adamant.getBytes = function (transaction) {
...
switch (transaction.type) {
case constants.Transactions.SEND:
break
case constants.Transactions.CHAT_MESSAGE:
assetBytes = this.chatGetBytes(transaction)
assetSize = assetBytes.length
break
β¦
default:
alert('Not supported yet')
}
var bb = new ByteBuffer(1 + 4 + 32 + 8 + 8 + 64 + 64 + assetSize, true)
bb.writeByte(transaction.type)
bb.writeInt(transaction.timestamp)
...
bb.flip()
var arrayBuffer = new Uint8Array(bb.toArrayBuffer())
var buffer = []
for (var i = 0; i < arrayBuffer.length; i++) {
buffer[i] = arrayBuffer[i]
}
return Buffer.from(buffer)
}
2 - Bala i-SHA-256 ukusuka kwibhloko yedatha
/**
* Creates hash based on transaction bytes.
* @implements {getBytes}
* @implements {crypto.createHash}
* @param {transaction} trs
* @return {hash} sha256 crypto hash
*/
adamant.getHash = function (trs) {
return crypto.createHash('sha256').update(this.getBytes(trs)).digest()
}3 β Sayina itransekshini
adamant.transactionSign = function (trs, keypair) {
var hash = this.getHash(trs)
return this.sign(hash, keypair).toString('hex')
}
/**
* Creates a signature based on a hash and a keypair.
* @implements {sodium}
* @param {hash} hash
* @param {keypair} keypair
* @return {signature} signature
*/
adamant.sign = function (hash, keypair) {
return sodium.crypto_sign_detached(hash, Buffer.from(keypair.privateKey, 'hex'))
}Ukuthumela intengiselwano ngomyalezo kwindawo yenethiwekhi
Ekubeni inethiwekhi idecentralized, nayiphi na i-nodes ene-API evulekile iya kwenza. Ukwenza isicelo se-POST ukuya ekupheleni api/transactions:
curl 'api/transactions' -X POST
-d 'TX_DATA'Ukuphendula siya kufumana i-ID yentengiselwano yohlobo
{
"success": true,
"nodeTimestamp": 63228852,
"transactionId": "6146865104403680934"
}Ukuqinisekiswa kwentengiselwano
Inkqubo esasazwayo yee-nodes, esekelwe kwimvumelwano, inquma "ubunyani" bomyalezo wokuthengiselana. Kuvela kubani kwaye kubani, nini, nokuba umyalezo watshintshwa ngomnye, nokuba ixesha lokuthumela liboniswe ngokuchanekileyo. Le nto ibaluleke kakhulu inzuzo ye-blockchain - akukho sakhiwo esisembindini esinoxanduva lokuqinisekisa, kwaye ukulandelelana kwemiyalezo kunye nomxholo wabo awukwazi ukukhohlisa.
Okokuqala, enye i-node ihlola ukuchaneka, ize ithumele kwabanye - ukuba uninzi luthi yonke into ilungile, ukuthengiselana kuya kufakwa kwibhloko elandelayo yekhonkco - oku kuvumelana.
Inxalenye yekhowudi ye-node enoxanduva lokujonga inokujongwa kwi-GitHub - ΠΈ . Ewe, i-node isebenza kwi-Node.js.
Kubandakanya intengiselwano enomyalezo kwibhloko
Ukuba isivumelwano sifikelelwe, ukuthengiselana ngomyalezo wethu kuya kufakwa kwibhloko elandelayo kunye nezinye iintengiselwano ezisebenzayo.
Iibhloko zinolandelelwano olungqongqo, kwaye ibhloko nganye elandelayo yenziwe ngokusekelwe kwi-hashes yeebhloko zangaphambili.
Ingongoma kukuba umyalezo wethu ubandakanyiwe kolu landelelwano kwaye awukwazi "ukulungiswa kwakhona". Ukuba imiyalezo emininzi iwela kwibhloko, iodolo yazo iya kumiselwa ngu timestamp imiyalezo.
Ukufunda imiyalezo
Isicelo somthunywa sifumana ukuthengiselana kwi-blockchain ethunyelwa kumamkeli. Kule nto senze isiphelo api/chatrooms.
Zonke iintengiselwano ziyafumaneka kuye wonke umntu - ungafumana imiyalezo efihliweyo. Kodwa ngumamkeli kuphela onokwenza uguqulelo lwekhowudi esebenzisa isitshixo sakhe sabucala kunye nesitshixo sikawonke-wonke somthumeli:
**
* Decodes the incoming message
* @param {any} msg encoded message
* @param {string} senderPublicKey sender public key
* @param {string} privateKey our private key
* @param {any} nonce nonce
* @returns {string}
*/
adamant.decodeMessage = function (msg, senderPublicKey, privateKey, nonce) {
if (typeof msg === 'string') {
msg = hexToBytes(msg)
}
if (typeof nonce === 'string') {
nonce = hexToBytes(nonce)
}
if (typeof senderPublicKey === 'string') {
senderPublicKey = hexToBytes(senderPublicKey)
}
if (typeof privateKey === 'string') {
privateKey = hexToBytes(privateKey)
}
const DHPublicKey = ed2curve.convertPublicKey(senderPublicKey)
const DHSecretKey = ed2curve.convertSecretKey(privateKey)
const decrypted = nacl.box.open(msg, nonce, DHPublicKey, DHSecretKey)
return decrypted ? decode(decrypted) : ''
}Kwaye yintoni enye?
Ekubeni imiyalezo ihanjiswa ngolu hlobo malunga nemizuzwana emi-5 - eli lixesha ibhloko entsha yenethiwekhi ibonakala - size nomxhasi we-client-to-node kunye ne-node-to-node socket uxhumano. Xa i-node ifumana intengiselwano entsha, ijonga ukunyaniseka kwayo kwaye iyithumele kwezinye iindawo. Intengiselwano iyafumaneka kubathengi bezithunywa nangaphambi kokuba kwenzeke ukuvumelana kunye nokubandakanywa kwibhloko. Ngale ndlela siyakuthumela imiyalezo ngoko nangoko, njengabathunywa abaqhelekileyo ngoko nangoko.
Ukugcina incwadi yedilesi, senze i-KVS - Ukugcinwa kwexabiso elingundoqo - olu lolunye uhlobo lwentengiselwano apho asset ayisiyobhokisi yeNaCl efihliweyo, kodwa . Yile ndlela umthunywa agcina ngayo enye idatha.
Ukuhanjiswa kwefayile/imifanekiso kunye neencoko zeqela kusafuna umsebenzi omninzi. Ewe, kwifomathi ye-blunder-and-blunder le nto inokuthi "ifakwe" ngokukhawuleza, kodwa sifuna ukugcina umgangatho ofanayo wobumfihlo.
Ewe, kusekho umsebenzi ekufuneka wenziwe - ngokufanelekileyo, ubumfihlo bokwenyani buthatha ukuba abasebenzisi abayi kuqhagamshela kwiindawo zenethiwekhi yoluntu, kodwa baya kuphakamisa ezabo. Yeyiphi ipesenti yabasebenzisi ocinga ukuba yenza oku? Kunjalo, 0. Siye sakwazi ukuwusombulula ngokuyinxenye lo mbandela ngenguqulelo yeTor yomthunywa.
Siye sangqina ukuba umthunywa kwi-blockchain unokuba khona. Ngaphambili, kwakukho inzame enye kuphela ngo-2012 - , ethe yasilela ngenxa yamaxesha okuhanjiswa kwemiyalezo emide, umthwalo we-CPU, kunye nokungabikho kwezicelo eziphathwayo.
Kwaye ukuthandabuza kubangelwa kukuba izithunywa kwi-blockchain ziphambi kwexesha labo - abantu abakulungele ukuthatha uxanduva kwi-akhawunti yabo, ulwazi lomntu siqu alukabikho, kwaye iteknoloji ayivumeli isantya esiphezulu kwi-blockchain. Ezinye iianalogu zetekhnoloji zeprojekthi yethu ziya kuvela ngokulandelayo. Uya kubona.
umthombo: www.habr.com