aitbc/docs/wallet_daemon.md
oib cdaf1122c3
chore: update genesis timestamp, fix import paths, clean compiled JS files, and adjust mock path

- Update devnet genesis timestamp to 1766400877
- Add Receipt model for zk-proof generation with receiptId, miner, coordinator fields
- Fix import paths from settings to config across service modules (access_control, audit_logging, encryption, hsm_key_manager, key_management, zk_proofs)
- Remove compiled JavaScript files from explorer-web components and lib directories
- Update mock data base path
2025-12-22 15:51:19 +01:00


# Wallet Daemon Task Breakdown

## Status (2025-12-22)

- **Stage 1**: ✅ **DEPLOYED** - Wallet Daemon successfully deployed in production at https://aitbc.bubuit.net/wallet/
  - FastAPI application running in Incus container on port 8002
  - Encrypted keystore with Argon2id + XChaCha20-Poly1305 implemented
  - REST and JSON-RPC APIs operational
  - Mock ledger with SQLite backend functional
  - Receipt verification using aitbc_sdk integrated
  - nginx proxy configured at /wallet/ route

## Stage 1 (MVP) - COMPLETED

- **Project Setup**
  - ✅ Initialize FastAPI application under `apps/wallet-daemon/src/app/` with `main.py`, `settings.py`, `api_rest.py`, `api_jsonrpc.py`.
  - ✅ Create crypto and keystore modules implementing Argon2id key derivation and XChaCha20-Poly1305 encryption.
  - ✅ Add dependencies: FastAPI, uvicorn, argon2-cffi, pynacl, aitbc-sdk, aitbc-crypto, pydantic-settings.
- **Keystore & Security**
  - ✅ Implement encrypted wallet file format storing metadata, salt, nonce, ciphertext.
  - ✅ Provide REST endpoints to create/import wallets, unlock/lock, derive accounts.
  - ✅ Enforce unlock TTL and in-memory zeroization of sensitive data.
- **REST & JSON-RPC APIs**
  - ✅ Implement REST routes: wallet lifecycle, account derivation, signing (message/tx/receipt), mock ledger endpoints.
  - ✅ Mirror functionality via JSON-RPC under `/rpc`.
  - ✅ Authentication token header enforcement and rate limits on signing operations.
- **Mock Ledger**
  - ✅ Implement SQLite-backed ledger with balances and transfers for local testing.
  - ✅ Provide REST endpoints to query balances and submit transfers.
- **Documentation & Examples**
  - ✅ Update deployment documentation with systemd service and nginx proxy configuration.
  - ✅ Document production endpoints and API access via https://aitbc.bubuit.net/wallet/
- **Receipts**
  - ✅ Integrate `ReceiptVerifierService` consuming `CoordinatorReceiptClient` to fetch and validate receipts (miner + coordinator signatures).

## Production Deployment Details

- **Container**: Incus container 'aitbc' at `/opt/wallet-daemon/`
- **Service**: systemd service `wallet-daemon.service` enabled and running
- **Port**: 8002 (internal), proxied via nginx at `/wallet/`
- **Dependencies**: Virtual environment with all required packages installed
- **Access**: https://aitbc.bubuit.net/wallet/docs for API documentation

## Stage 2+ - IN PROGRESS

- Add ChainAdapter interface targeting real blockchain node RPC.
  - 🔄 Implement mock adapter first, followed by AITBC node adapter.
- Support hardware-backed signing (YubiKey/PKCS#11) and multi-curve support gating.
- Introduce webhook retry/backoff logic and structured logging with request IDs.