top of page

Sandbox Technical Guide

This page provides technical details about the "Authenticity Verification" sandbox that has been released in "alpha mode" for early adopters and testers. 

This sandbox covers the "Authenticity Verification" domain for use-cases such as verification of educational documents, event tickets, medical documents etc. Figure 1.1 below provides a diagrammatic view of a covered use-case.

Fig 1.1 - Shows the flow for the "Educational documents" authenticity verification use-case.

Please note that this sandbox instance has been released purely for review as well as learning purposes and does not provide any resiliency or deep level of security. As such no sensitive, confidential or production data should be written to it.

  • Data storage & recovery – All data will be deleted and will be lost the moment sandbox instance is stopped or terminate.

 

  • Type of blockchain – This sandbox is built using "Hyperledger Fabric" private blockchain that offers enterprise grade security, scalability & resiliency when deployed with the recommended architecture. This blockchain solution has been used purely for sandbox purposely. In production, Web3fi plans to offer choice of multiple blockchains (e.g. native Ethereum, Polygon, Hyperledger Fabric) for its customers to choose from.

 

  • Feature-set – The feature-set offered through this sandbox are limited for obvious reasons. Additional functionality and feature-set will be offered with production instance when released (expected Q2, 2023).

  • Controls for the sandbox - You can control the sandbox instance through the control-panel provided in the sandbox dashboard (Web3fi website > Sign-in > Main dashboard > Sandbox (side panel)> sandbox control-panel). Once a new sandbox instance has been instantiated through the control-panel, please give it 7-8 mins for the instance to be fully up and configured before making calls to the APIs.

 

  • Access to the sandbox – Currently only way to access the sandbox is through the APIs that have been exposed. Upcoming section provides the details about respective APIs and the parameters that need to be passed to get relevant responses. An auth-token will be required to call these APIs. This token is available through platform's dashboard control panel "Get auth-token" button (right most button). Tokens are valid for a 24 hour period.

 

  • Performance of sandbox – As this is a sandbox, main focus has been put on making relevant functionality available. Hence it could take 10-15 seconds for the API call responses to return.

  • Components of the sandbox

 

a. Block-chain nodes and reviewers – The sandbox instance comes with multiple nodes pre-built to review and write transactions into blocks​

b. Smart-contract – Smart-contract with relevant functions and automation has already been tested and enabled on the block-chain. In the sandbox, this smart-contract cannot be modified by testers. However, this functionality will be made available in production instance

 

c. Certificate Authority – Sandbox comes with two separate CAs, one for each entity, mimicking real-world scenario

d. Entities & wallets – Two entities “minter” part of "org1" and “recipient” part of "org2" have already been registered for the sandbox with respective wallets. Minter is the only entity that can mint the tokens (one at a time) and can choose to transfer these tokens to the recipient. Of course, as these tokens are transferred from minter to recipient, relevant token balance reflects in respective wallets. In the sandbox, no additional entities can be registered as this functionality has been disabled and will be available in production instance. Also in the sandbox, only one token can be minted as a time. In production, this limitation will be removed.

Rest of the section provides information on the REST APIs exposed by the sandbox.​​​​​​​​​​​ More APIs will be added to this sandbox by end of April, 2023, so be sure to check them out.

Fig 1.2 - Shows the APIs currently available in the sandbox in-context of "Educational documents" authenticity verification use-case

auth1.png

REST API information:

 

​1)

Resource: mint_token/mint_new_token                  

Description: API used to mint new tokens (e.g. register educational certificates or event tickets) by the "minter" entity

Method type: POST

URL: https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/mint_new_token

Auth-token required: yes

Parameters to be passed:           

a) ‘token_uri’ : “url where artifact is stored”

b) ‘token_number’ : new token number

Example call:

curl -i -X POST -H "Content-Type:application/json" -H "authorization: put-token-here" -d "{\"token_uri\": \"http://example.com/001.jpg\",  \"token_number\": 1}" https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/mint_new_token

2)

Resource: mint_token/transfer_token_ownership_by_minter

Description: API used to transfer ownership of existing tokens to "recipient" entity by "minter" entity

Method type: PUT

URL: https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/transfer_token_ownership_by_ minter 

Auth-token required: yes

Parameters to be passed:           

a) ‘token_number’ : existing token number

Example call:

curl -i -X PUT -H "Content-Type:application/json" -H "authorization: put-token-here" -d "{\"token_number\": 1}" https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/transfer_token_ownership_by_minter

 

3)

Resource: mint_token/check_minter_token_balance

Description: API used to check token balance for “minter” entity   

Method type: GET

URL: https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_minter_token_balance

Auth-token required: yes

Parameters to be passed: none

Example call:

curl -i -X GET -H "Content-Type:application/json" -H "authorization: put-token-here" https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_minter_token_balance

 

4)

Resource: mint_token/check_token_ownership

Description: API used to check token ownership by both "minter", "recipient" or any “3rd party”

Method type: GET

URL: https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_token_ownership

Auth-token required: yes

Parameters to be passed:           

a) ‘token_number’ : existing token number

 

Example call:

curl -i -X GET -H "Content-Type:application/json" -H "authorization: put-token-here" -d "{\"token_number\": 1}" https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_token_ownership

                   

5)

Resource: mint_token/check_recipient_token_balance

Description: API used to check token balance by "recipient" entity

Method type: GET

URL: https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_recipient_token_balance

Auth-token required: yes

Parameters to be passed: none

Example call:

curl -i -X GET -H "Content-Type:application/json" -H "authorization: put-token-here" https://1f52lyy1ac.execute-api.ap-southeast-1.amazonaws.com/alpha/mint_token/check_recipient_token_balance

 

bottom of page