wallet/readme.md

# Wallet

Example rest api for ERC20 and TRC20 wallets.
Use it for research, [contact me](https:/l12.xyz) for questions.

## Prerequsites

- Golang
- GCC

### Running local server

```bash
docker compose up
```

- Open
  [http://localhost:28080/swagger/index.html](http://localhost:28080/swagger/index.html)
  for docs and tests
- Default dev auth token is `qwertyuiop`
- Api base url is `http://localhost:28080/api/v1`
- Api token header is `Authorization`
- All necessary envs are already set for development, check out `dev.env` for
  tests.

### Private environment

There are parts of the settings that a developer should not have access to, for
example: _private master keys and passphrases_ that are used to initiate
transactions on the blockchain. During debugging, the developers and devops can
generate their own keypairs and use generic passphrases and mnemonics, however
in the production, only the public key is accessible by developers and devops.

The mnemonics, passphrases and the other critical settings should be encrypted
using the public key. The public key can be shared with developers and devops.
The private keys should be stored securely. The production environment variables
should be hidden.

Some environment variables are required to be encrypted with a public RSA key:

```bash
PRIVATE__BIP36_MNEMONIC=
PRIVATE__PASSPHRASE=
```

Use the `keypair` in order to generate private keys and
[ENVCrypt](./cmd/envcrypt.html) to encrypt private variables.

### Evironment variables

```bash
TRON_GRPC_NODE=grpc.nile.trongrid.io:50051
TRC20_USDT_CONTRACT_ADDRESS=TXLAQ63Xg1NAzckPwKHvzw7CSEmLMEqcdj
ERC20_USDT_CONTRACT_ADDRESS=0xc6fDe3FD2Cc2b173aEC24cc3f267cb3Cd78a26B7
ERC20_USDT_CONTRACT_DECIMALS=8
ETH_RPC_NODE=https://goerli.infura.io/v3/bf691c4573fd45c7b244e067cc094d8d
DB_TYPE=sqlite
DB_CONNECTION_SETTINGS=dev-database.sqlite
PRIVATE__BIP39_MNEMONIC=
PRIVATE__API_MASTER_KEY=
PRIVATE__PASSPHRASE=
PUBLIC_KEY=
PRIVATE_KEY=
```

Database:

```bash
DB_TYPE=sqlite|postgres
DB_CONNECTION_SETTINGS=# sqlite: path/to/db ; postgre: host=localhost user=gorm password=gorm dbname=custodial port=9920
```

Private variables can be encrypted using [ENVCrypt](./cmd/envcrypt.html):

```bash
PRIVATE__BIP36_MNEMONIC=BIP36 Mnemonic
PRIVATE__API_MASTER_KEY=API Key
PRIVATE__PASSPHRASE=Mnemonic password (leave empty for Metamask and other)
```

Private key:

```
PUBLIC_KEY=RSA Base64
PRIVATE_KEY=RSA Base64
```

- Normally, those variables are used on production server.
- This variables should be hidden on CI and any public settings.

### Development

```bash
go mod tidy
make develop
```

Open [:8080](http://localhost:8080/swagger/index.html)

### Dev deployment

1. Mount storage for the database file
2. Set `DB_CONNECTION_SETTINGS=/mount/storage/dev-database.sqlite`
3. Make sure that `dev.env` in the current directiory
4. Run `build/custodial --env=dev`

### Production deployment

##### Simple variant

1. Generate RSA keys

```bash
mkdir keys
keypair generate ./keys
```

2. Encrypt private variables:

- Open [ENVCrypt](./cmd/envcrypt.html)
- Set the public key from `keys/public.pem`
- Encrypt vars and set them on CI Settings

3. Setup a private keystore on your server: You need to store `keys/private.rsa`
   and `keys/public.rsa` securely.

4. Run the production server:

```bash
PUBLIC_KEY=$(cat /keystore/public.rsa) PRIVATE_KEY=$(cat /keystore/private.rsa)  build/custodial --env=production
```

The server listens on `:8080`

##### More secure variant

3. Embed private key into binary:

- Edit [pkg/locker/keys.go](./pkg/locker/keys.go) to set it as default values.
- Build binary `make build`

4. Run the production server:

```bash
build/custodial --env=production
```

The server listens on `:8080`
[init] 2024-08-31 14:46:20 +00:00			`# Wallet`

			`Example rest api for ERC20 and TRC20 wallets.`
			`Use it for research, [contact me](https:/l12.xyz) for questions.`

			`## Prerequsites`

			`- Golang`
			`- GCC`

			`### Running local server`

			```bash
			`docker compose up`
			```

			`- Open`
			`[http://localhost:28080/swagger/index.html](http://localhost:28080/swagger/index.html)`
			`for docs and tests`
			- Default dev auth token is `qwertyuiop`
			- Api base url is `http://localhost:28080/api/v1`
			- Api token header is `Authorization`
			- All necessary envs are already set for development, check out `dev.env` for
			`tests.`

			`### Private environment`

			`There are parts of the settings that a developer should not have access to, for`
			`example: _private master keys and passphrases_ that are used to initiate`
			`transactions on the blockchain. During debugging, the developers and devops can`
			`generate their own keypairs and use generic passphrases and mnemonics, however`
			`in the production, only the public key is accessible by developers and devops.`

			`The mnemonics, passphrases and the other critical settings should be encrypted`
			`using the public key. The public key can be shared with developers and devops.`
			`The private keys should be stored securely. The production environment variables`
			`should be hidden.`

			`Some environment variables are required to be encrypted with a public RSA key:`

			```bash
			`PRIVATE__BIP36_MNEMONIC=`
			`PRIVATE__PASSPHRASE=`
			```

			Use the `keypair` in order to generate private keys and
			`[ENVCrypt](./cmd/envcrypt.html) to encrypt private variables.`

			`### Evironment variables`

			```bash
			`TRON_GRPC_NODE=grpc.nile.trongrid.io:50051`
			`TRC20_USDT_CONTRACT_ADDRESS=TXLAQ63Xg1NAzckPwKHvzw7CSEmLMEqcdj`
			`ERC20_USDT_CONTRACT_ADDRESS=0xc6fDe3FD2Cc2b173aEC24cc3f267cb3Cd78a26B7`
			`ERC20_USDT_CONTRACT_DECIMALS=8`
			`ETH_RPC_NODE=https://goerli.infura.io/v3/bf691c4573fd45c7b244e067cc094d8d`
			`DB_TYPE=sqlite`
			`DB_CONNECTION_SETTINGS=dev-database.sqlite`
			`PRIVATE__BIP39_MNEMONIC=`
			`PRIVATE__API_MASTER_KEY=`
			`PRIVATE__PASSPHRASE=`
			`PUBLIC_KEY=`
			`PRIVATE_KEY=`
			```

			`Database:`

			```bash
			`DB_TYPE=sqlite\|postgres`
			`DB_CONNECTION_SETTINGS=# sqlite: path/to/db ; postgre: host=localhost user=gorm password=gorm dbname=custodial port=9920`
			```

			`Private variables can be encrypted using [ENVCrypt](./cmd/envcrypt.html):`

			```bash
			`PRIVATE__BIP36_MNEMONIC=BIP36 Mnemonic`
			`PRIVATE__API_MASTER_KEY=API Key`
			`PRIVATE__PASSPHRASE=Mnemonic password (leave empty for Metamask and other)`
			```

			`Private key:`

			```
			`PUBLIC_KEY=RSA Base64`
			`PRIVATE_KEY=RSA Base64`
			```

			`- Normally, those variables are used on production server.`
			`- This variables should be hidden on CI and any public settings.`

			`### Development`

			```bash
			`go mod tidy`
			`make develop`
			```

			`Open [:8080](http://localhost:8080/swagger/index.html)`

			`### Dev deployment`

			`1. Mount storage for the database file`
			2. Set `DB_CONNECTION_SETTINGS=/mount/storage/dev-database.sqlite`
			3. Make sure that `dev.env` in the current directiory
			4. Run `build/custodial --env=dev`

			`### Production deployment`

			`##### Simple variant`

			`1. Generate RSA keys`

			```bash
			`mkdir keys`
			`keypair generate ./keys`
			```

			`2. Encrypt private variables:`

			`- Open [ENVCrypt](./cmd/envcrypt.html)`
			- Set the public key from `keys/public.pem`
			`- Encrypt vars and set them on CI Settings`

			3. Setup a private keystore on your server: You need to store `keys/private.rsa`
			and `keys/public.rsa` securely.

			`4. Run the production server:`

			```bash
			`PUBLIC_KEY=$(cat /keystore/public.rsa) PRIVATE_KEY=$(cat /keystore/private.rsa) build/custodial --env=production`
			```

			The server listens on `:8080`

			`##### More secure variant`

			`3. Embed private key into binary:`

			`- Edit [pkg/locker/keys.go](./pkg/locker/keys.go) to set it as default values.`
			- Build binary `make build`

			`4. Run the production server:`

			```bash
			`build/custodial --env=production`
			```

			The server listens on `:8080`