x/wallet

REST API WALLET for ERC20 and TRC20.

Find a file

Anton Nesterov f1bc53ce2a [init]		2024-08-31 17:00:14 +02:00
cmd	[init]	2024-08-31 17:00:14 +02:00
docs	[init]	2024-08-31 17:00:14 +02:00
keys	[init]	2024-08-31 17:00:14 +02:00
pkg	[init]	2024-08-31 17:00:14 +02:00
.air.toml	[init]	2024-08-31 17:00:14 +02:00
.gitignore	[init]	2024-08-31 17:00:14 +02:00
.gitlab-ci.yml	[init]	2024-08-31 17:00:14 +02:00
dev.env	[init]	2024-08-31 17:00:14 +02:00
docker-compose.yaml	[init]	2024-08-31 17:00:14 +02:00
Dockerfile	[init]	2024-08-31 17:00:14 +02:00
go.mod	[init]	2024-08-31 17:00:14 +02:00
go.sum	[init]	2024-08-31 17:00:14 +02:00
main.go	[init]	2024-08-31 17:00:14 +02:00
Makefile	[init]	2024-08-31 17:00:14 +02:00
readme.md	[init]	2024-08-31 17:00:14 +02:00

readme.md

Wallet

Example rest api for ERC20 and TRC20 wallets. Use it for research, contact me for questions.

Prerequsites

Golang
GCC

Running local server

docker compose up

Open http://localhost:28080/swagger/index.html for docs and tests
Default dev auth token is qwertyuiop
Api base url is http://localhost:28080/api/v1
Api token header is Authorization
All necessary envs are already set for development, check out dev.env for tests.

Private environment

There are parts of the settings that a developer should not have access to, for example: private master keys and passphrases that are used to initiate transactions on the blockchain. During debugging, the developers and devops can generate their own keypairs and use generic passphrases and mnemonics, however in the production, only the public key is accessible by developers and devops.

The mnemonics, passphrases and the other critical settings should be encrypted using the public key. The public key can be shared with developers and devops. The private keys should be stored securely. The production environment variables should be hidden.

Some environment variables are required to be encrypted with a public RSA key:

PRIVATE__BIP36_MNEMONIC=
PRIVATE__PASSPHRASE=

Use the keypair in order to generate private keys and ENVCrypt to encrypt private variables.

Evironment variables

TRON_GRPC_NODE=grpc.nile.trongrid.io:50051
TRC20_USDT_CONTRACT_ADDRESS=TXLAQ63Xg1NAzckPwKHvzw7CSEmLMEqcdj
ERC20_USDT_CONTRACT_ADDRESS=0xc6fDe3FD2Cc2b173aEC24cc3f267cb3Cd78a26B7
ERC20_USDT_CONTRACT_DECIMALS=8
ETH_RPC_NODE=https://goerli.infura.io/v3/bf691c4573fd45c7b244e067cc094d8d
DB_TYPE=sqlite
DB_CONNECTION_SETTINGS=dev-database.sqlite
PRIVATE__BIP39_MNEMONIC=
PRIVATE__API_MASTER_KEY=
PRIVATE__PASSPHRASE=
PUBLIC_KEY=
PRIVATE_KEY=

Database:

DB_TYPE=sqlite|postgres
DB_CONNECTION_SETTINGS=# sqlite: path/to/db ; postgre: host=localhost user=gorm password=gorm dbname=custodial port=9920

Private variables can be encrypted using ENVCrypt:

PRIVATE__BIP36_MNEMONIC=BIP36 Mnemonic
PRIVATE__API_MASTER_KEY=API Key
PRIVATE__PASSPHRASE=Mnemonic password (leave empty for Metamask and other)

Private key:

PUBLIC_KEY=RSA Base64
PRIVATE_KEY=RSA Base64

Normally, those variables are used on production server.
This variables should be hidden on CI and any public settings.

Development

go mod tidy
make develop

Open :8080

Dev deployment

Mount storage for the database file
Set DB_CONNECTION_SETTINGS=/mount/storage/dev-database.sqlite
Make sure that dev.env in the current directiory
Run build/custodial --env=dev

Production deployment

Simple variant

Generate RSA keys

mkdir keys
keypair generate ./keys

Encrypt private variables:

Open ENVCrypt
Set the public key from keys/public.pem
Encrypt vars and set them on CI Settings

Setup a private keystore on your server: You need to store keys/private.rsa and keys/public.rsa securely.
Run the production server:

PUBLIC_KEY=$(cat /keystore/public.rsa) PRIVATE_KEY=$(cat /keystore/private.rsa)  build/custodial --env=production

The server listens on :8080

More secure variant

Embed private key into binary:

Edit pkg/locker/keys.go to set it as default values.
Build binary make build

Run the production server:

build/custodial --env=production

The server listens on :8080