Cryptocurrency Wallet as A Service

# Cryptocurrency Wallet as A Service A unified interface acted as wallets for customers to interact with cryptocurrency blockchains. [TOC] ## Api Document https://tinyurl.com/raha7sa4 ## Attributes 1. Secure: Properly generate/store/encrypt/decrypt private keys. 2. Multi-currency supported: Bitcoin / Ether / Tron / Tether (Erc20) / Tether (Trc20) 3. Fast and Stable: * an good average response time for every APIs. * an acceptable process time for blockchain transactions. ## Components For each client *account*, each *cryptocurrency*, the client has their own: * Balance (for checking the balance of the money) * Addresses (for receiving money) * Deposits (for checking the history of deposits) * Withdrawals (for checking the history of withdrawals, transactions fees, ...) * ... ## Capabilities In terms of Http methods: | | read | create | update | | | -------- | ------| ------ | ------ | --------- | | Balances | GET | | | | | Addresses | GET | POST | PATCH | | | Deposits | GET | POST | | Notifications | | Withdrawals | GET | POST | | Notifications | | ... | ... | ... | ... | ... | 1. As an user I can create as many *addresses* as I want to receive bitcoins. 2. As an user I can create an *address* with a prescribed *web-hook* (url) so that I will be notified when the address has received a new deposit. 3. As an user I will be notified when there comes into a new *deposit*. 4. As an user I can check out my balance for my bitcoins. 5. As an user I can withdrawal my bitcoins, and latter be notified when the transaction is confirmed. ## Developer Guide * Ensuring Uniqueness of Withdrawals: Each request is created by client-side, and the server(api) and the client must ensure uniqueness of every request under the possible network failures. (via e.g. `client_id`) * Ensuring Account Separation: Prevent an client from withdrawal more money than their balances. * Ensuring Rejection of Potential Fake Deposits for a Cryptocurrency: * For example: **Ripple Partial Payment Exploit** - https://xrpl.org/partial-payments.html#partial-payments-exploit * Ensuring Never Exposing Private Keys to Networks. * About Tests: * Unit Tests (Automated) * Integration Tests (Automated) * Scenario Tests on Testnet environment (Manual) * Scenario Tests on Mainnet environment (Manual) * Languages, Frameworks, Deployment ...: * TypeScript/Node14 * JavaScript/Node14 * MongoDB * Jest * Drone CI * Docker * GCP with Cloud Key Management, Secret Manager, Load Balancer