oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aitbc/docs/wallet_daemon.md
oib cdaf1122c3 ``` 
chore: update genesis timestamp, fix import paths, clean compiled JS files, and adjust mock path

- Update devnet genesis timestamp to 1766400877
- Add Receipt model for zk-proof generation with receiptId, miner, coordinator fields
- Fix import paths from settings to config across service modules (access_control, audit_logging, encryption, hsm_key_manager, key_management, zk_proofs)
- Remove compiled JavaScript files from explorer-web components and lib directories
- Update mock data base path
2025-12-22 15:51:19 +01:00

2.7 KiB
Raw Permalink Blame History

Wallet Daemon Task Breakdown

Status (2025-12-22)

  • Stage 1: DEPLOYED - Wallet Daemon successfully deployed in production at https://aitbc.bubuit.net/wallet/
    • FastAPI application running in Incus container on port 8002
    • Encrypted keystore with Argon2id + XChaCha20-Poly1305 implemented
    • REST and JSON-RPC APIs operational
    • Mock ledger with SQLite backend functional
    • Receipt verification using aitbc_sdk integrated
    • nginx proxy configured at /wallet/ route

Stage 1 (MVP) - COMPLETED

  • Project Setup

    • Initialize FastAPI application under apps/wallet-daemon/src/app/ with main.py, settings.py, api_rest.py, api_jsonrpc.py.
    • Create crypto and keystore modules implementing Argon2id key derivation and XChaCha20-Poly1305 encryption.
    • Add dependencies: FastAPI, uvicorn, argon2-cffi, pynacl, aitbc-sdk, aitbc-crypto, pydantic-settings.

  • Keystore & Security

    • Implement encrypted wallet file format storing metadata, salt, nonce, ciphertext.
    • Provide REST endpoints to create/import wallets, unlock/lock, derive accounts.
    • Enforce unlock TTL and in-memory zeroization of sensitive data.

  • REST & JSON-RPC APIs

    • Implement REST routes: wallet lifecycle, account derivation, signing (message/tx/receipt), mock ledger endpoints.
    • Mirror functionality via JSON-RPC under /rpc.
    • Authentication token header enforcement and rate limits on signing operations.

  • Mock Ledger

    • Implement SQLite-backed ledger with balances and transfers for local testing.
    • Provide REST endpoints to query balances and submit transfers.

  • Documentation & Examples

    • Update deployment documentation with systemd service and nginx proxy configuration.
    • Document production endpoints and API access via https://aitbc.bubuit.net/wallet/

  • Receipts

    • Integrate ReceiptVerifierService consuming CoordinatorReceiptClient to fetch and validate receipts (miner + coordinator signatures).

Production Deployment Details

  • Container: Incus container 'aitbc' at /opt/wallet-daemon/
  • Service: systemd service wallet-daemon.service enabled and running
  • Port: 8002 (internal), proxied via nginx at /wallet/
  • Dependencies: Virtual environment with all required packages installed
  • Access: https://aitbc.bubuit.net/wallet/docs for API documentation

Stage 2+ - IN PROGRESS

  • Add ChainAdapter interface targeting real blockchain node RPC.
    • 🔄 Implement mock adapter first, followed by AITBC node adapter.
  • Support hardware-backed signing (YubiKey/PKCS#11) and multi-curve support gating.
  • Introduce webhook retry/backoff logic and structured logging with request IDs.