# Wallet Example rest api for ERC20 and TRC20 wallets. Use it for research, [contact me](https:/l12.xyz) for questions. ## Prerequsites - Golang - GCC ### Running local server ```bash docker compose up ``` - Open [http://localhost:28080/swagger/index.html](http://localhost:28080/swagger/index.html) for docs and tests - Default dev auth token is `qwertyuiop` - Api base url is `http://localhost:28080/api/v1` - Api token header is `Authorization` - All necessary envs are already set for development, check out `dev.env` for tests. ### Private environment There are parts of the settings that a developer should not have access to, for example: _private master keys and passphrases_ that are used to initiate transactions on the blockchain. During debugging, the developers and devops can generate their own keypairs and use generic passphrases and mnemonics, however in the production, only the public key is accessible by developers and devops. The mnemonics, passphrases and the other critical settings should be encrypted using the public key. The public key can be shared with developers and devops. The private keys should be stored securely. The production environment variables should be hidden. Some environment variables are required to be encrypted with a public RSA key: ```bash PRIVATE__BIP36_MNEMONIC= PRIVATE__PASSPHRASE= ``` Use the `keypair` in order to generate private keys and [ENVCrypt](./cmd/envcrypt.html) to encrypt private variables. ### Evironment variables ```bash TRON_GRPC_NODE=grpc.nile.trongrid.io:50051 TRC20_USDT_CONTRACT_ADDRESS=TXLAQ63Xg1NAzckPwKHvzw7CSEmLMEqcdj ERC20_USDT_CONTRACT_ADDRESS=0xc6fDe3FD2Cc2b173aEC24cc3f267cb3Cd78a26B7 ERC20_USDT_CONTRACT_DECIMALS=8 ETH_RPC_NODE=https://goerli.infura.io/v3/bf691c4573fd45c7b244e067cc094d8d DB_TYPE=sqlite DB_CONNECTION_SETTINGS=dev-database.sqlite PRIVATE__BIP39_MNEMONIC= PRIVATE__API_MASTER_KEY= PRIVATE__PASSPHRASE= PUBLIC_KEY= PRIVATE_KEY= ``` Database: ```bash DB_TYPE=sqlite|postgres DB_CONNECTION_SETTINGS=# sqlite: path/to/db ; postgre: host=localhost user=gorm password=gorm dbname=custodial port=9920 ``` Private variables can be encrypted using [ENVCrypt](./cmd/envcrypt.html): ```bash PRIVATE__BIP36_MNEMONIC=BIP36 Mnemonic PRIVATE__API_MASTER_KEY=API Key PRIVATE__PASSPHRASE=Mnemonic password (leave empty for Metamask and other) ``` Private key: ``` PUBLIC_KEY=RSA Base64 PRIVATE_KEY=RSA Base64 ``` - Normally, those variables are used on production server. - This variables should be hidden on CI and any public settings. ### Development ```bash go mod tidy make develop ``` Open [:8080](http://localhost:8080/swagger/index.html) ### Dev deployment 1. Mount storage for the database file 2. Set `DB_CONNECTION_SETTINGS=/mount/storage/dev-database.sqlite` 3. Make sure that `dev.env` in the current directiory 4. Run `build/custodial --env=dev` ### Production deployment ##### Simple variant 1. Generate RSA keys ```bash mkdir keys keypair generate ./keys ``` 2. Encrypt private variables: - Open [ENVCrypt](./cmd/envcrypt.html) - Set the public key from `keys/public.pem` - Encrypt vars and set them on CI Settings 3. Setup a private keystore on your server: You need to store `keys/private.rsa` and `keys/public.rsa` securely. 4. Run the production server: ```bash PUBLIC_KEY=$(cat /keystore/public.rsa) PRIVATE_KEY=$(cat /keystore/private.rsa) build/custodial --env=production ``` The server listens on `:8080` ##### More secure variant 3. Embed private key into binary: - Edit [pkg/locker/keys.go](./pkg/locker/keys.go) to set it as default values. - Build binary `make build` 4. Run the production server: ```bash build/custodial --env=production ``` The server listens on `:8080`