Skip to main content

x21e8 service to manage RDDL network identities on TrustAnchors and workflows.

Project description

0x21e8 RDDL Interaction Service

The 0x21e8 service is usually installed and executed on RDDL compatible hardware wallets (HW-03). The service utilizes the hardware wallet and enables the HW-03 devices to interact with the RDDL network (Planetmint and liquid).

Besides the pure wallet functionality it works as the core service to launch any RDDL specific use cases:

  • storage of (un/encrypted) data (w3storage (IPFS))
  • attestation of data
  • attestation of machines
  • issuing of tokens
  • lookup of data
  • lookup of tokens
  • combination of data & tokens

The current version runs with a software-based keystore. Production based versions will use keystores based on secure elements. Initialization and configuration of the keystores is currently enabled via API.

The service exposes all features via a RESTFul API. The documentation of the API is exposed via <ip/hostname>/docs.

WARNING use this code only for demonstrational purposes. Production code must not rely on this service.

Prepare the Environment

Please run the following scripts to install 0x21e8 service ()

### For a RPI: some architectures need to get a zenroom and dependencies build from source (glibc compatibility)
bash install.sh

The script basically prepares your system to build the service and installs some requirements for this.

Very often, poetry can be used directly without any indication to build some packages from source. Then, the following instruction will be sufficient:

curl -sSL https://install.python-poetry.org | python3 -   # installs poetry
poetry install
poetry shell

Service Configuration

The service needs the following configurations:

  • RDDL network planetmint services (RESTFul)
  • RDDL network liquid services (RPC)
    • RPC URL
    • RPC port
    • RPC user
    • RPC password
  • web3storage token to store data
  • RDDL asset registration endpoint
  • RDDL CID resolver
  • RDDL Authentication service to be able to authenticate with EdDSA to RDDL services

The configuration is set via environment variables such as

  • LQD_RPC_PORT
  • LQD_RPC_USER
  • LQD_RPC_PASSWORD
  • LQD_RPC_HOST
  • PLNTMNT_ENDPOINT
  • WEB3STORAGE_TOKEN
  • RDDL_ASSET_REG_ENDPOINT
  • CID_RESOLVER
  • RDDL_AUTH

Alternatively, the variables can be defined within the .env file of the project. A example env.example file can be adjusted and copied to .env.

Service Execution

uvicorn --log-level debug --reload x21e8.main:app

Service deployment

In order to deploy the service within an production environment adjust the user and group names if needed and execute the following commands:

sudo cp 0x21e8.service /etc/systemd/system # that's the folder where main.py is located within
sudo systemctl daemon-reload
sudo systemctl enable 0x21e8.service
sudo systemctl start 0x21e8.service

Current state of Liquid Part:

The liquid transactions are created the following way:

Confidential Address Derivation

  1. A master key is generated from a mnemonic phrase
  2. This key is derived once (1) and a child key is acquired.
  3. The child key is used to derive a liquid address.
  4. .
  5. .
  6. .
  7. Through various steps a confidential address is created. This address is passed along the private key that was used to create the confidential address. This private key is not used anywhere. Apparently, the address is also not used anywhere.

Asset Issuance

  1. the issue_asset function is called which makes a rpc call in the background. The issue here is the confidential address created before is not used. where do we use the confidential address ? its not used anywhere else
  2. This part is solely handled by RPC calls. Is the trusted gw also make rpc calls ? or is it going to delegate this to some other backend service ?
  3. After we are done here, we get some kind of receipt for our transaction which will be used later on.

Asset Id Registration

  1. The asset id will be registered to our trusted domain. Is this a one time thing ? Are we going to use the same asset / token for every activity ? As far as i have understood, the asset issuer (r&c) does this only once.

Asset Id Registration on Liquid Network

  1. The asset id and the corresponding contract is registered on liquid as the final step. Is this also done only by (r&c) and done only once ?

It seems like there is a confusion around creating/issuing an asset and actually distributing it to users. The steps here resemble a one-time asset issuance rather than asset distribution (which is called asset re-issuance. Here is the official documentation : https://docs.blockstream.com/liquid/developer-guide/developer-guide-index.html#proof-of-issuance-blockstream-s-liquid-asset-registry. The trusted gateway should ask for a re-issuance of token and this service should do it. The hw should focus on generating an address (from a mnemonic), post the planetmint tx first get the id from this tx and send it along the issuance request to the service so the service can determine how much token will be issued. Maybe its not like this and the issued asset represents a NFT on Liquid Network so for every create tx from planet mint there will be another asset issued on Liquid.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

x21e8-0.9.2.tar.gz (27.3 kB view details)

Uploaded Source

Built Distribution

x21e8-0.9.2-py3-none-any.whl (33.7 kB view details)

Uploaded Python 3

File details

Details for the file x21e8-0.9.2.tar.gz.

File metadata

  • Download URL: x21e8-0.9.2.tar.gz
  • Upload date:
  • Size: 27.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.5.1 CPython/3.9.17 Linux/5.15.0-1041-azure

File hashes

Hashes for x21e8-0.9.2.tar.gz
Algorithm Hash digest
SHA256 8c772a846afa96dc13f4d0ec857248b30df4952231b309d0e9ffff8d006583ad
MD5 84a07a3b9523fdcb09d9b3aa0f61bdaf
BLAKE2b-256 1145fbb48446066355b603eb32808855c8d1e65a792d99c2d4b7779684e7d814

See more details on using hashes here.

File details

Details for the file x21e8-0.9.2-py3-none-any.whl.

File metadata

  • Download URL: x21e8-0.9.2-py3-none-any.whl
  • Upload date:
  • Size: 33.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.5.1 CPython/3.9.17 Linux/5.15.0-1041-azure

File hashes

Hashes for x21e8-0.9.2-py3-none-any.whl
Algorithm Hash digest
SHA256 f7ccab28b8ba2f58b5516c304432e290b75cabc9357621b5d3b5bacb1b87ef45
MD5 73bb64e0be2c25a9faad83b0c606941c
BLAKE2b-256 aa59200f373f60d8fac63819ac96fa1d106837d32fa39e4f63fdd0b93bce6b70

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page