REST API WALLET for ERC20 and TRC20.
Find a file
Anton Nesterov 1382da92a3
[init]
2024-08-31 16:46:20 +02:00
.helm [init] 2024-08-31 16:46:20 +02:00
cmd [init] 2024-08-31 16:46:20 +02:00
docs [init] 2024-08-31 16:46:20 +02:00
keys [init] 2024-08-31 16:46:20 +02:00
pkg [init] 2024-08-31 16:46:20 +02:00
.air.toml [init] 2024-08-31 16:46:20 +02:00
.gitignore [init] 2024-08-31 16:46:20 +02:00
.gitlab-ci.yml [init] 2024-08-31 16:46:20 +02:00
dev.env [init] 2024-08-31 16:46:20 +02:00
docker-compose.yaml [init] 2024-08-31 16:46:20 +02:00
Dockerfile [init] 2024-08-31 16:46:20 +02:00
go.mod [init] 2024-08-31 16:46:20 +02:00
go.sum [init] 2024-08-31 16:46:20 +02:00
main.go [init] 2024-08-31 16:46:20 +02:00
Makefile [init] 2024-08-31 16:46:20 +02:00
readme.md [init] 2024-08-31 16:46:20 +02:00

Wallet

Example rest api for ERC20 and TRC20 wallets. Use it for research, contact me for questions.

Prerequsites

  • Golang
  • GCC

Running local server

docker compose up
  • Open http://localhost:28080/swagger/index.html for docs and tests
  • Default dev auth token is qwertyuiop
  • Api base url is http://localhost:28080/api/v1
  • Api token header is Authorization
  • All necessary envs are already set for development, check out dev.env for tests.

Private environment

There are parts of the settings that a developer should not have access to, for example: private master keys and passphrases that are used to initiate transactions on the blockchain. During debugging, the developers and devops can generate their own keypairs and use generic passphrases and mnemonics, however in the production, only the public key is accessible by developers and devops.

The mnemonics, passphrases and the other critical settings should be encrypted using the public key. The public key can be shared with developers and devops. The private keys should be stored securely. The production environment variables should be hidden.

Some environment variables are required to be encrypted with a public RSA key:

PRIVATE__BIP36_MNEMONIC=
PRIVATE__PASSPHRASE=

Use the keypair in order to generate private keys and ENVCrypt to encrypt private variables.

Evironment variables

TRON_GRPC_NODE=grpc.nile.trongrid.io:50051
TRC20_USDT_CONTRACT_ADDRESS=TXLAQ63Xg1NAzckPwKHvzw7CSEmLMEqcdj
ERC20_USDT_CONTRACT_ADDRESS=0xc6fDe3FD2Cc2b173aEC24cc3f267cb3Cd78a26B7
ERC20_USDT_CONTRACT_DECIMALS=8
ETH_RPC_NODE=https://goerli.infura.io/v3/bf691c4573fd45c7b244e067cc094d8d
DB_TYPE=sqlite
DB_CONNECTION_SETTINGS=dev-database.sqlite
PRIVATE__BIP39_MNEMONIC=
PRIVATE__API_MASTER_KEY=
PRIVATE__PASSPHRASE=
PUBLIC_KEY=
PRIVATE_KEY=

Database:

DB_TYPE=sqlite|postgres
DB_CONNECTION_SETTINGS=# sqlite: path/to/db ; postgre: host=localhost user=gorm password=gorm dbname=custodial port=9920

Private variables can be encrypted using ENVCrypt:

PRIVATE__BIP36_MNEMONIC=BIP36 Mnemonic
PRIVATE__API_MASTER_KEY=API Key
PRIVATE__PASSPHRASE=Mnemonic password (leave empty for Metamask and other)

Private key:

PUBLIC_KEY=RSA Base64
PRIVATE_KEY=RSA Base64
  • Normally, those variables are used on production server.
  • This variables should be hidden on CI and any public settings.

Development

go mod tidy
make develop

Open :8080

Dev deployment

  1. Mount storage for the database file
  2. Set DB_CONNECTION_SETTINGS=/mount/storage/dev-database.sqlite
  3. Make sure that dev.env in the current directiory
  4. Run build/custodial --env=dev

Production deployment

Simple variant
  1. Generate RSA keys
mkdir keys
keypair generate ./keys
  1. Encrypt private variables:
  • Open ENVCrypt
  • Set the public key from keys/public.pem
  • Encrypt vars and set them on CI Settings
  1. Setup a private keystore on your server: You need to store keys/private.rsa and keys/public.rsa securely.

  2. Run the production server:

PUBLIC_KEY=$(cat /keystore/public.rsa) PRIVATE_KEY=$(cat /keystore/private.rsa)  build/custodial --env=production

The server listens on :8080

More secure variant
  1. Embed private key into binary:
  1. Run the production server:
build/custodial --env=production

The server listens on :8080