# KeyVault Blockchain Integration

[TOC]

## System Architecture

![](https://i.imgur.com/7iQucXO.jpg)

### Wallet module

#### Responsibility

- Abstraction layer for key management
- Classify wallets (which chain, mainnet or testnet, signature algorithm)
- Control the wallet workflow
  - Manage the wallet lifecycle (Create, Deactivate, Reactivate)
  - Use the wallet (Get, Sign)

### Blockchain module

#### Responsibility

- Send requests to each blockchain service
- Categorize the functions of the blockchain services
  - build transaction
  - submit transaction
- Obtain blockchain-specific data structures
  - public key -> address
  - asn1 der sig -> rsv sig
- Synchronize on-chain state
  - balance
  - nonce
  - tx status

### KMS

#### Responsibility

- Compute digital signatures
- Manage MPC nodes

## Where to Modify and Add

![](https://i.imgur.com/NMbaGig.jpg)

### A. General Blockchain Service

#### Before

- The design can follow the interface of the Ethereum Service

#### After

- The Transaction Builder inside the Ethereum Service must be rewritten
- RPC must be added for each supported chain

### B. Blockchain Module (inside the KeyVault API Server)

#### Before

- The connection to each blockchain service is decided here
- The interface is designed mainly around the Ethereum Service

#### After

- Can select the Ethereum Service or other Blockchain Services

### C. Wallet Module

#### Before

- Builds EVM-compatible wallets
- Controls the flow and state of Ethereum transactions

#### After

- Builds wallets for various blockchains
- Controls the flow and state of transactions on various blockchains

### D. KMS

#### Before

- Supports only ECDSA signatures

#### After

- Supports key signing for various blockchains (e.g. EdDSA)

### E. KeyVault Database

#### Before

- Supports the data structures of Ethereum wallets and transactions

#### After

- Supports the data structures of wallets and transactions on various blockchains

### F. Blockchain Synchronizer

#### Before

- Synchronizes the status of Ethereum transactions

#### After

- Synchronizes the status of various blockchains

## Data Model: From Upstream to Downstream

### Ethereum Service

#### API

- Execute transactions
- Read state
- Handle Ethereum-specific data structures

### KeyVault API Server

- Task

```go
type ApprovalTask struct {
	TaskId    string         `json:"taskId" db:"task_id"`
	Payload   TaskPayload    `json:"payload" db:"payload"`
	Status    TaskStatus     `json:"status" db:"status"`
	CreatedAt util.Timestamp `json:"-" db:"created_at"`
	UpdatedAt util.Timestamp `json:"-" db:"updated_at"`
}
```

- Task Payload

```go
type TaskPayload struct {
	Type    TaskType    `json:"type" db:"type"`
	Action  TaskAction  `json:"action" db:"action"`
	Content TaskContent `json:"content" db:"content"`
}
```

- Wallet

```go
type Wallet struct {
	WalletId      string                    `json:"walletId" db:"wallet_id"`
	Blockchain    blockchain.BlockchainType `json:"blockchain" db:"blockchain"`
	Network       blockchain.Network        `json:"network" db:"network"`
	KeyID         null.String               `json:"keyId" db:"key_id"`
	PublicKey     null.String               `json:"publicKey" db:"public_key"`
	Address       null.String               `json:"address" db:"address"`
	Status        WalletStatus              `json:"status" db:"status"`
	Assets        []WalletAsset             `json:"assets" db:"-"`
	CreatedAt     util.Timestamp            `db:"created_at"`
	DeactivatedAt util.Timestamp            `db:"deactivated_at"`
	ReactivatedAt util.Timestamp            `db:"reactivated_at"`
}
```

### KMS

- Key

```go
type CreateKeyProducePayload struct {
	WalletId              string `form:"text" json:"walletId"`
	CryptographyPrimitive string `form:"text" json:"cryptographyPrimitive"`
	Curve                 string `form:"text" json:"curve"`
}
```

- Sign

```go
type MessageSignProducePayload struct {
	SignatureId string      `json:"signatureId"`
	WalletId    string      `json:"walletId"`
	MessageType MessageType `json:"messageType"`
	Message     string      `json:"message"`
}
```

## From Wallet Creation to Transaction Submission

### Wallet Creation

```plantuml
@startuml
participant "KMS" as KMS
participant "Wallet Module" as WM
participant "Blockchain Module" as BM
participant "Ethereum Service" as ES

WM ->> KMS: create key (cryptography primitive, curve)
KMS ->> WM: key info (public key)
WM ->> WM: create wallet, but deactivated
WM ->> BM: get address (blockchain, network, public key)
BM ->> ES
ES ->> BM
BM ->> WM: (address)
== approval flow ==
WM ->> WM: activate wallet
@enduml
```

### Submit Transaction

```plantuml
@startuml
participant "KMS" as KMS
participant "Wallet Module" as WM
participant "Blockchain Module" as BM
participant "Ethereum Service" as ES

WM ->> BM: check tx(blockchain, network, address)
BM ->> ES
ES ->> BM
BM ->> WM: (valid or invalid)
== approval flow ==
WM ->> BM: build unsigned tx(blockchain, network, tx infos)
BM ->> ES
ES ->> BM
BM ->> WM: (unsigned tx)
WM ->> KMS: sign (keyId, message)
KMS ->> WM: (signature)
WM ->> BM: get blockchain specific signature format
BM ->> ES
ES ->> BM
BM ->> WM: (r,s,v)
WM ->> BM: submit tx
BM ->> ES
ES ->> BM
BM ->> WM: (tx hash)
@enduml
```
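
The "asn1 der sig -> rsv sig" conversion listed for the Blockchain module, and the "get blockchain specific signature format" step in the diagram above, can be sketched as follows. This is an added example, not KeyVault's own code: `DERToRS` and `derSig` are hypothetical names, the curve is assumed to be secp256k1 (an Ethereum wallet), and only `r` and `s` are produced, because `v` requires public-key recovery against the wallet's public key.

```go
package main

import (
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
)

// secp256k1 group order n (public curve constant; assumes an Ethereum wallet).
var curveN, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)

// derSig mirrors the ASN.1 structure ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }.
type derSig struct{ R, S *big.Int }

// DERToRS (hypothetical helper) parses an ASN.1 DER ECDSA signature and
// returns the fixed-width 64-byte r||s form with s normalized to the low half.
func DERToRS(der []byte) ([]byte, error) {
	var sig derSig
	rest, err := asn1.Unmarshal(der, &sig)
	if err != nil {
		return nil, fmt.Errorf("parse DER signature: %w", err)
	}
	if len(rest) != 0 {
		return nil, errors.New("trailing bytes after DER signature")
	}
	// Reject values outside [1, n-1] before they reach transaction encoding.
	for _, x := range []*big.Int{sig.R, sig.S} {
		if x.Sign() <= 0 || x.Cmp(curveN) >= 0 {
			return nil, errors.New("r or s out of range")
		}
	}
	// Ethereum (EIP-2) rejects s > n/2, so a high s is replaced by n - s.
	// This flips the recovery id, so v must be derived after this step.
	if sig.S.Cmp(new(big.Int).Rsh(curveN, 1)) > 0 {
		sig.S.Sub(curveN, sig.S)
	}
	out := make([]byte, 64)
	sig.R.FillBytes(out[:32]) // left-pads with zeros to 32 bytes
	sig.S.FillBytes(out[32:])
	return out, nil
}

func main() {
	// Constructed sample input: r = 1, s = n-1 (a high s that normalizes to 1).
	der, _ := asn1.Marshal(derSig{R: big.NewInt(1), S: new(big.Int).Sub(curveN, big.NewInt(1))})
	rs, err := DERToRS(der)
	fmt.Printf("%x %v\n", rs, err)
}
```
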