![](https://i.imgur.com/PyNeb3o.png =400x150) # QEDIT QAT Blockchain Demo for Assioma In this document, we present the details of the QEDIT Asset Transfer (QAT) solution as per the scope defined in the pricing proposal with reference: 20210618-QAT01. This includes, a testing cloud environment where QAT has been deployed as a single node. The API keys to interact with the system and an example script to test the different modes of operation (issuance, transfer, etc.) The documentation for the API is can be found [here](https://docs.qed-in.com/docs/qed-solution-docs/en/latest/index.html). ## Access Details to QAT Demo Node We have prepared a test environment for Assioma, hosted on AWS (Frankfurt). In order to access it, you can either call the API locally, or use the Swagger GUI by following the steps below: ### Using Swagger 1. Access the swagger QAT site: http://asset-api.qed-it.com/ ![](https://i.imgur.com/KBEGNHf.png) 2. Fill the following - `server_url` : `assioma-1.qed-in.com` - `port` : `12052` 3. Click `Authorize` and add the API token authorization - ApiKeyAuth Value: `J#5424#SCLt` - Click `Authorize` and `Close` ![](https://i.imgur.com/RSna01C.png) ### Using a CLI In order to authorize the use of a specific API call, run the following command (the following is an example for the `/node/get_all_wallets` API): ``` curl -X POST "http://assioma-1.qed-in.com:12052/node/get_all_wallets" -H "accept: application/json" -H "x-auth-token: J#5424#SCLt" ``` ## Reproducing the QAT Demo to Assioma The entire demo is available to watch at [this Youtube link](https://youtu.be/STzett9JsCQ). Let's go over the main steps of the demo. The outputs presented here are the state of the network as of September 5th 2021. In order to try the API calls from the Swagger GUI, click on a specific API and then - click on `Try it out` - input the specific parameters - click on `Execute` - checkout the response body for the output ### Network & Wallets The network is defined by the private and public state of the blockchain and the different nodes in the system. The governance rules (who is an admin and who can issue assets) is part of the public state: 1. _/node/get_rules_ - Input: N/A - Output: ``` { "rules": [ { "can_issue_confidentially": false, "is_admin": true, "namespace": "", "public_key": "374ec93f4f43d9d5609864b1fdce7996c161938e3b0e78f5c38394d69a5dc2b9" }, { "can_issue_confidentially": true, "is_admin": false, "namespace": "mfg1.*", "public_key": "4c27ff25a0f88388756c1d4aaf78c17e91aa3b445133078630d1366c611b28d4" } ] } ``` In this demo we have a deployed a single node that can host many wallets that simulate different nodes. These are the current wallet ids in the node. 2. _/node/get_all_wallets_ - Input: N/A - Output: ``` { "wallet_ids": [ "admin", "mfg1", "ship1", "wh1", "test1" ] } ``` For each wallet, one can retrieve the balance of every type of asset owned by the wallet. 3. _/wallet/get_balances_ - Input: ``` { "wallet_id": mfg1 } ``` - Output: ``` { "assets": [ { "amount": 1, "asset_id": "mfg1.widget1" } ], "wallet_id": "mfg1" } ``` It is recommended to generate new addresses when dealing with different senders. 4. _/wallet/get_new_address_ - Input: ``` { "wallet_id": mfg1 } ``` - Output: ``` { "recipient_address": "q1frjma3tre4juu990kuq0nmc0aq8mhx2ynpwl43e72mzmy4gsyzaz56s9hu0vlss28e6pu0pkpj0", "wallet_id": "mfg1" } ``` ### Issuance Only the wallets allowed to issue, can do so under the namespace assigned to them in the rule. 1. _/wallet/issue_asset_ - Input: ``` { "wallet_id": "mfg1", "authorization": "PrivacyIsAwesome", "recipient_address": "q1frjma3tre4juu990kuq0nmc0aq8mhx2ynpwl43e72mzmy4gsyzaz56s9hu0vlss28e6pu0pkpj0", "amount": 4, "asset_id": "mfg1.token2", "confidential": true, "memo": "{\"recipient_name\": \"David\"}", } ``` - Output: transaction ID ### Transfer This call transfers two `mfg1.token2` assets to the wallet named `ship1`. We require confirmation from the ship1 user by adding its wallet public key. For no confirmation, remove the last object of the input. 1. _/wallet/transfer_asset_ - Input: ``` { "wallet_id": "mfg1", "authorization": "PrivacyIsAwesome", "recipient_address": "q1adm45sct45wkz3g66r4yz4zzsddp95x7dtjqykfafenp52x5hwlg4hcynnrd7vnkatzegf0e438", "asset_id": "mfg1.token2", "amount": 2, "memo": "{\"recipient_name\": \"ship1\"}", "require_confirmation_from": "6daeeeb469d7359b0469404aa0f50dd40af26bfb5a5c7ea3b8bd680cbbfcee3c" } ``` - Output: transaction ID As shown in the demo recording, the API supports further functionality such as network monitoring, billboard of attachments and documents and some auditability of wallets. ## Admin wallet details ``` { "authorization": "dgfbrR4!", "encrypted_sk": "3673c105417b8cd6fd56d47edf6b605bfaf239d3e6e3b2d7e37c773bb860bb7131d1450296df1704d77bb790739aa18d", "public_key": "374ec93f4f43d9d5609864b1fdce7996c161938e3b0e78f5c38394d69a5dc2b9", "salt": "a744cc866ef59228c5570feda9f929c8047df56c19bbacd57ca086602ece76fa", "wallet_id": "admin" } ```
Last changed by  
QEDIT Research
308

Read more

Zcash zkAssets QEDIT Grant Proposal

Further notes for proposal talk about NFT and the need for privacy not necessarily ARBORIST CALL NOTES for when NU6? shared roadmap

12/8/2021
Public Notes on ZSA Discussions

2/12/2021 - Arborist call how many assets can you fit in a single transaction / circuit probably around 10 could work there is also transaction size limit on the number of actions 2109 was the limit for Sapling outputs https://zips.z.cash/protocol/protocol.pdf#orchardbalance

12/2/2021
Zcash NU5 Final Audit Report - September 2021

![](https://i.imgur.com/PyNeb3o.png =250x100) [TOC] Overview This document presents the findings of the QEDIT team during the review of the Zcash NU5 protocol update. Specifically the review is focused on (1) the Halo 2 proving system with its latest PLONK-style arithmetization for representing constraint systems; (2) the Orchard protocol, which, even if based on Sapling, differs considerably from it; (3) the underlying primitives of Orchard, from hash functions and commitments to signature schemes; (4) the latest key structure and derivation system; (5) the underlying field and elliptic curve arithmetic and parameter generation; and (6) the actual circuit implementation that describes the Orchard Action statement. Note that we explicitly exclude any blockchain-related component not associated with orchard or its interface (consensus, network, block generation, etc.) For this review, we evaluated the specification of the protocol design for security and audited the implementation for vulnerabilities that could affect the system as a whole. This review spanned the period of ~5 months, intermitently, from April 21st until September 24th, 2021.

10/12/2021
Read more from QEDIT Research
Published on HackMD