Code Monkey home page Code Monkey logo

hedera-proof-of-action-microservice's Introduction

Hedera™ Hashgraph Proof-of-Action Microservice

What is the proof-of-action microservice?

The Hedera Proof of Action (HPoA) microservice aims to make it easy for organizations to build a capability to record and subsequently prove the existence of business events using the Hedera Consensus Service.

Examples of these types of recorded events are proof of deletion of personally sensitive data for regulatory compliance, proof of usage of data for a particular purpose for record keeping, or proof of redeeming a coupon for business process automation.

How does the proof-of-action microservice work?

First, an application logs important business events (serialized business objects) into the HPoA microservice at the time they occur. The business logic specifies whether the business event should be stored in open, encrypted, or in the hashed form. The HPoA microservice stores these events in a specific HCS topic, configured for this purpose. Creation of this topic is done as part of initialization.

When the business or third party needs to prove the existence of an event – say for creating a report, for an audit, or in a court of law — it simply invokes another API with either the business object or an identifier to that object, and the HPoA microservice provides a mathematically provable record of that business object being stored on to the public ledger along with the timestamp.

Microservice architecture diagram

First, a business application creates a business object that needs to be recorded for the purposes of compliance, auditability, public verifiability, automation, or other regulatory reasons. The business logic simply calls a /record_action API with a serialized representation of that business object. The following options are available to the business logic:

Storage in the public ledger:

  • Store the object in unencrypted form
  • Store the object in an encrypted form
  • Store just the hash of the object

Storage in a database within the microservice:

  • Option to store the business object in a database within the microservice

When the business application invokes this API, the appropriate data (original object, encrypted object, or a hash) is sent to Hedera Consensus Service using the SDK. If required, the SDK handles fragmentation of messages. The microservice returns the Transaction-ID that the business logic stores for future references.

When the business application wants to prove that a particular event was memorialized on the public DLT, it invokes the prove_action API – either with the original business object, or with the Transction-ID. The HPoA microservice queries a mirror node (mirror nodes are run by Hedera as well as several third parties), and obtains the record of the transaction. It also creates an equivalent representation of the original object (encryption or hashed), and compares it with the representation obtained from the mirror node record. If the two match, it returns a successful response with the business object that was memorialized and appropriate details of the proof from the Hedera’s public ledger. In future, this proof will also contain the state proof obtained from Hedera.

Image of HPoA microservice architecture diagram

Requirements

  • Java 14
  • Docker
  • Docker-compose

Install

setup environment variables

$ cd hedera-proof-of-action-microservice
$ cp .env.sample .env
$ nano .env

Edit the following environment variables

  • HEDERA_OPERATOR_ID – The Account ID on Hedera™ that will pay for the transactions.

  • HEDERA_OPERATOR_KEY – The matching private key for the HEDERA_OPERATOR_ID.

  • HEDERA_NETWORK - The Hedera Network to use: testnet, mainnet or previewnet

  • HEDERA_TOPIC_ID – The topic ID to use for consensus. A new one will be created if not provided.

  • SECRET_KEY – The secret key to use to optionally encrypt messages to Hedera. A new one will be generated if not provided.

  • Note: You may leave secret key blank to have one generated by the system and output in the console *

$ docker-compose up

Usage

Submit an action

An action can be submitted to HCS as a hash, encrypted, or direct ( direct is the default).

An optional, client-generated, non-unique clientId can be submitted and later used to lookup actions.

POST /v1/action/
content-type: application/json

{
    "payload": "anything goes here",
    "submit": "hash"
}
202 Accepted
content-length: 49
content-type: application/json

{
    "transactionId": "[email protected]"
}

INVALID_TRANSACTION_START errors

In some instances, the clock inside the docker proof of action container drifts, resulting in an error similar to failed pre-check with the status INVALID_TRANSACTION_START

running the command below will re-synchronise the clock in the container (no need to restart it)

docker run --rm --privileged hedera-proof-of-action-microservice_poa hwclock -s

Prove an action

An action can be proven by requesting by the original payload, the returned transaction ID, or a client-generated ID.

GET /v1/action/?payload=anything%20goes%20here
GET /v1/action/[email protected]
200 OK
content-length: 235
content-type: application/json

[
    {
        "consensusTimestamp": "2020-04-24T15:28:48.595593Z",
        "runningHash": "2dc9abcfea672d0d6047504dada83e4540f3a28601af7b6e9eaaf071e570b3624d5f22d7d0caa7944e00ee6fb11f9392",
        "sequenceNumber": 19,
        "transactionId": "[email protected]"
    }
]

Contributing to this Project

We welcome participation from all developers! For instructions on how to contribute to this repo, please review the Contributing Guide.

License Information

Licensed under Apache License, Version 2.0 – see LICENSE in this repo or apache.org/licenses/LICENSE-2.0.

hedera-proof-of-action-microservice's People

Contributors

gregscullard avatar mehcode avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

bmgentile ringgi thaingo shades2 supreeth-t matthew1172

hedera-proof-of-action-microservice's Issues

Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string

Description

After running docker I get some messages about postgres starting and stopping, and then a hex string exception keeps repeating itself (i'm assuming because the server is listening).

Steps to reproduce

install docker on bare metal kali linux https://www.kali.org/docs/containers/installing-docker-on-kali/
clone repo
create new .env file with appropriate Hedera information
docker-compose up

Additional context

hedera-proof-of-action-microservice_poa_1 exited with code 1
poa_1  | Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string       
poa_1  |        at org.bouncycastle.util.encoders.Hex.decode(Unknown Source)
poa_1  |        at com.hedera.hashgraph.poa.App.main(App.java:73)
poa_1  | Caused by: java.io.IOException: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.HexEncoder.decode(Unknown Source)
poa_1  |        ... 2 more
hedera-proof-of-action-microservice_poa_1 exited with code 1

full log after docker command:

# docker-compose up
Creating network "hedera-proof-of-action-microservice_default" with the default driver
Pulling db (postgres:12)...
12: Pulling from library/postgres
5eb5b503b376: Pull complete
daa0467a6c48: Pull complete
7cf625de49ef: Pull complete
bb8afcc973b2: Pull complete
c74bf40d29ee: Pull complete
2ceaf201bb22: Pull complete
1255f255c0eb: Pull complete
12a9879c7aa1: Pull complete
f7ca80cc6dd3: Pull complete
6714db455645: Pull complete
ee4f5626bf60: Pull complete
621bb0c2ae77: Pull complete
a19e980f0a72: Pull complete
Digest: sha256:505d023f030cdea84a42d580c2a4a0e17bbb3e91c30b2aea9c02f2dfb10325ba
Status: Downloaded newer image for postgres:12
Building poa
Sending build context to Docker daemon  110.6kB
Step 1/14 : FROM adoptopenjdk:14-jdk-hotspot AS build
14-jdk-hotspot: Pulling from library/adoptopenjdk
5d3b2c2d21bb: Pull complete 
3fc2062ea667: Pull complete 
75adf526d75b: Pull complete 
9518218b2233: Pull complete 
692709f8479f: Pull complete 
Digest: sha256:05ac575cda69151dfac2d1f0a3615887ed43000c63e2a57ecc74f85b02a59017
Status: Downloaded newer image for adoptopenjdk:14-jdk-hotspot
 ---> 8d3d9c370092
Step 2/14 : COPY ./gradle /opt/hedera-proof-of-action/gradle
 ---> af172825f447
Step 3/14 : COPY ./gradlew /opt/hedera-proof-of-action/gradlew
 ---> 1a7419f7a820
Step 4/14 : RUN cd /opt/hedera-proof-of-action && ./gradlew --no-daemon
 ---> Running in 9fb921327217
Downloading https://services.gradle.org/distributions/gradle-6.3-all.zip
.............10%..............20%..............30%..............40%..............50%..............60%.............70%..............80%..............90%..............100%                                                                                                                                                                     
                                                                                                                                                                       
Welcome to Gradle 6.3!                                                                                                                                                 
                                                                                                                                                                       
Here are the highlights of this release:                                                                                                                               
 - Java 14 support                                                                                                                                                     
 - Improved error messages for unexpected failures                                                                                                                     
                                                                                                                                                                       
For more details see https://docs.gradle.org/6.3/release-notes.html                                                                                                    
                                                                                                                                                                       
To honour the JVM settings for this build a new JVM will be forked. Please consider using the daemon: https://docs.gradle.org/6.3/userguide/gradle_daemon.html.        
Daemon will be stopped at the end of the build stopping after processing                                                                                               

> Task :help

Welcome to Gradle 6.3.

To run a build, run gradlew <task> ...

To see a list of available tasks, run gradlew tasks

To see a list of command-line options, run gradlew --help

To see more detail about a task, run gradlew help --task <task>

For troubleshooting, visit https://help.gradle.org

Deprecated Gradle features were used in this build, making it incompatible with Gradle 7.0.
Use '--warning-mode all' to show the individual deprecation warnings.
See https://docs.gradle.org/6.3/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 35s
1 actionable task: 1 executed
Removing intermediate container 9fb921327217
 ---> 52299f67f454
Step 5/14 : COPY ./build.gradle /opt/hedera-proof-of-action/build.gradle
 ---> a84c5a7b8d6e
Step 6/14 : COPY ./settings.gradle /opt/hedera-proof-of-action/settings.gradle
 ---> c36b297a7ae8
Step 7/14 : RUN cd /opt/hedera-proof-of-action && ./gradlew --no-daemon compileJava
 ---> Running in 3ff195a1f95b
To honour the JVM settings for this build a new JVM will be forked. Please consider using the daemon: https://docs.gradle.org/6.3/userguide/gradle_daemon.html.
Daemon will be stopped at the end of the build stopping after processing
> Task :compileJava NO-SOURCE

Deprecated Gradle features were used in this build, making it incompatible with Gradle 7.0.
Use '--warning-mode all' to show the individual deprecation warnings.
See https://docs.gradle.org/6.3/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 18s
Removing intermediate container 3ff195a1f95b
 ---> 5fed9a359f76
Step 8/14 : COPY ./src /opt/hedera-proof-of-action/src
 ---> ce1877275cc9
Step 9/14 : RUN cd /opt/hedera-proof-of-action && ./gradlew --no-daemon build
 ---> Running in 994486e101c9
To honour the JVM settings for this build a new JVM will be forked. Please consider using the daemon: https://docs.gradle.org/6.3/userguide/gradle_daemon.html.
Daemon will be stopped at the end of the build stopping after processing
> Task :compileJava
> Task :processResources
> Task :classes
> Task :jar
> Task :startScripts
> Task :distTar
> Task :distZip
> Task :shadowJar
> Task :startShadowScripts
> Task :shadowDistTar
> Task :shadowDistZip
> Task :assemble
> Task :compileTestJava NO-SOURCE
> Task :processTestResources NO-SOURCE
> Task :testClasses UP-TO-DATE
> Task :test NO-SOURCE
> Task :check UP-TO-DATE
> Task :build

Deprecated Gradle features were used in this build, making it incompatible with Gradle 7.0.
Use '--warning-mode all' to show the individual deprecation warnings.
See https://docs.gradle.org/6.3/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 51s
10 actionable tasks: 10 executed
Removing intermediate container 994486e101c9
 ---> 1b14ac256cd2
Step 10/14 : FROM adoptopenjdk:14-jre-hotspot
14-jre-hotspot: Pulling from library/adoptopenjdk
5d3b2c2d21bb: Already exists 
3fc2062ea667: Already exists 
75adf526d75b: Already exists 
9518218b2233: Already exists 
e797c3064fb4: Pull complete 
Digest: sha256:d7fe614f79fb4cc879f5f3be2971a854d6cd6719e5fa0631385a676161342e0a
Status: Downloaded newer image for adoptopenjdk:14-jre-hotspot
 ---> 157bb71cd724
Step 11/14 : WORKDIR /srv
 ---> Running in f16d374d7387
Removing intermediate container f16d374d7387
 ---> 446b0c0645db
Step 12/14 : COPY --from=build /opt/hedera-proof-of-action/build/libs/hedera-proof-of-action.jar /srv/hedera-proof-of-action.jar
 ---> 980d2ec70d2b
Step 13/14 : CMD java "-jar" "hedera-proof-of-action.jar"
 ---> Running in 03ef2a318573
Removing intermediate container 03ef2a318573
 ---> 0f7ce352ca3f
Step 14/14 : EXPOSE 8080
 ---> Running in 9c047f0431ed
Removing intermediate container 9c047f0431ed
 ---> 3666ec96f8b7
Successfully built 3666ec96f8b7
Successfully tagged hedera-proof-of-action-microservice_poa:latest
WARNING: Image for service poa was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Creating hedera-proof-of-action-microservice_db_1 ... done
Creating hedera-proof-of-action-microservice_poa_1 ... done
Attaching to hedera-proof-of-action-microservice_db_1, hedera-proof-of-action-microservice_poa_1
db_1   | The files belonging to this database system will be owned by user "postgres".
db_1   | This user must also own the server process.
db_1   | 
db_1   | The database cluster will be initialized with locale "en_US.utf8".
db_1   | The default database encoding has accordingly been set to "UTF8".
db_1   | The default text search configuration will be set to "english".
db_1   | 
db_1   | Data page checksums are disabled.
db_1   | 
db_1   | fixing permissions on existing directory /var/lib/postgresql/data ... ok
db_1   | creating subdirectories ... ok
db_1   | selecting dynamic shared memory implementation ... posix
db_1   | selecting default max_connections ... 100
db_1   | selecting default shared_buffers ... 128MB
db_1   | selecting default time zone ... Etc/UTC
db_1   | creating configuration files ... ok
db_1   | running bootstrap script ... ok
db_1   | performing post-bootstrap initialization ... ok
db_1   | syncing data to disk ... initdb: warning: enabling "trust" authentication for local connections
db_1   | You can change this by editing pg_hba.conf or using the option -A, or
db_1   | --auth-local and --auth-host, the next time you run initdb.
db_1   | ok
db_1   | 
db_1   | 
db_1   | Success. You can now start the database server using:
db_1   | 
db_1   |     pg_ctl -D /var/lib/postgresql/data -l logfile start
db_1   | 
db_1   | waiting for server to start....2022-02-26 20:14:22.579 UTC [49] LOG:  starting PostgreSQL 12.10 (Debian 12.10-1.pgdg110+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit
db_1   | 2022-02-26 20:14:22.582 UTC [49] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db_1   | 2022-02-26 20:14:22.619 UTC [50] LOG:  database system was shut down at 2022-02-26 20:14:21 UTC
db_1   | 2022-02-26 20:14:22.627 UTC [49] LOG:  database system is ready to accept connections
db_1   |  done
db_1   | server started
poa_1  | Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.Hex.decode(Unknown Source)
poa_1  |        at com.hedera.hashgraph.poa.App.main(App.java:73)
poa_1  | Caused by: java.io.IOException: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.HexEncoder.decode(Unknown Source)
poa_1  |        ... 2 more
db_1   | CREATE DATABASE
db_1   | 
db_1   | 
db_1   | /usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*
db_1   | 
db_1   | waiting for server to shut down...2022-02-26 20:14:23.049 UTC [49] LOG:  received fast shutdown request
db_1   | .2022-02-26 20:14:23.052 UTC [49] LOG:  aborting any active transactions
db_1   | 2022-02-26 20:14:23.057 UTC [49] LOG:  background worker "logical replication launcher" (PID 56) exited with exit code 1
db_1   | 2022-02-26 20:14:23.064 UTC [51] LOG:  shutting down
db_1   | 2022-02-26 20:14:23.087 UTC [49] LOG:  database system is shut down
db_1   |  done
db_1   | server stopped
db_1   | 
db_1   | PostgreSQL init process complete; ready for start up.
db_1   | 
db_1   | 2022-02-26 20:14:23.173 UTC [1] LOG:  starting PostgreSQL 12.10 (Debian 12.10-1.pgdg110+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit
db_1   | 2022-02-26 20:14:23.173 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
db_1   | 2022-02-26 20:14:23.174 UTC [1] LOG:  listening on IPv6 address "::", port 5432
db_1   | 2022-02-26 20:14:23.179 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db_1   | 2022-02-26 20:14:23.209 UTC [77] LOG:  database system was shut down at 2022-02-26 20:14:23 UTC
db_1   | 2022-02-26 20:14:23.217 UTC [1] LOG:  database system is ready to accept connections
poa_1  | Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.Hex.decode(Unknown Source)
poa_1  |        at com.hedera.hashgraph.poa.App.main(App.java:73)
poa_1  | Caused by: java.io.IOException: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.HexEncoder.decode(Unknown Source)
poa_1  |        ... 2 more
hedera-proof-of-action-microservice_poa_1 exited with code 1
poa_1  | Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string       
poa_1  |        at org.bouncycastle.util.encoders.Hex.decode(Unknown Source)
poa_1  |        at com.hedera.hashgraph.poa.App.main(App.java:73)
poa_1  | Caused by: java.io.IOException: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.HexEncoder.decode(Unknown Source)
poa_1  |        ... 2 more
hedera-proof-of-action-microservice_poa_1 exited with code 1
poa_1  | Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: exception decoding Hex string: invalid characters encountered in Hex string       
poa_1  |        at org.bouncycastle.util.encoders.Hex.decode(Unknown Source)
poa_1  |        at com.hedera.hashgraph.poa.App.main(App.java:73)
poa_1  | Caused by: java.io.IOException: invalid characters encountered in Hex string
poa_1  |        at org.bouncycastle.util.encoders.HexEncoder.decode(Unknown Source)
poa_1  |        ... 2 more

and then the Hex string exception keeps repeating...

Hedera network

testnet

Version

v1

Operating system

Linux

Update README

Currently the readme just outlines how to setup (which is great) but it doesn't help users understand what the proof of action API is, what they're setting up, or when to use it. Can we update the description with some architecture diagrams, or other helpful materials?

ci: [2024-Q3] CI/CD Audit Story

CI/CD Quarterly Audit

  • Description: Perform quarterly CI/CD audit

Audit Criteria

  • All workflow items are using pinned actions
  • Appropriate permissions are set within the github workflows
  • Dependabot is enabled on the repository
  • The Repository is using self-hosted runners (if appropriate)
  • The repository uses the current rulesets
  • Individual branch protections are turned off
  • Individual tag protections are turned off
  • The Step-Security Hardened Security action is enabled
  • CODEOWNERS is valid and up-to-date
  • Teams are assigned to the repository
  • Individual contributors that are part of assigned teams are removed from contributors list
  • Actions are disabled if not in use within last 6 months
  • Repository settings are configured per organization standard
  • All webhooks present are needed and in use
  • If Applicable: Alert repository owners of software versions that are no longer supported
  • If Applicable: Alert repository owners when software versions are within 3 months of losing support
  • Custom properties: last-ci-review-by-team is set
  • Custom properties: last-ci-review-date is set (Use format: YYYY-MM-DD)

Repository Settings

  • Require contributors to sign off on web-based commits
  • Features: Issues
  • Features: Preserve this Repository
  • Features: Discussions
  • Features: Projects
  • Pull Requests: Allow Squash Merging
  • Pull Requests: Always suggest updating pull request branches
  • Pull Requests: Automatically delete head branches
  • Pushes: Limit how many branches and tags can be updated in a single push

Acceptance Criteria

  • All Audit Criteria have been met

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.