This commit is contained in:
hueso
2026-01-09 01:23:50 -03:00
parent 8043e2b4ca
commit a56c2009d9
3 changed files with 1999 additions and 369 deletions

138
README.md
View File

@@ -1,63 +1,99 @@
# network-core-sdk-mtls-example
# P2Pix zkTLS ITP prover
## About Primus Network-Core-SDK
## Variáveis de ambiente necessárias no arquivo `.env`:
When integrating data verification solutions into your **backend** server, you can utilize the [**Primus Network Core SDK**](https://docs.primuslabs.xyz/primus-network/build-with-primus/for-backend/simpleexample).
- `BB_CLIENT_ID`, `BB_CLIENT_SECRET`, e `DEV_APP_KEY`: Fornecidas pelo Banco do Brasil
The Network-Core-SDK allows you to verify data through API endpoint responses. An authorized token or other credential is required to request private data if the data source server requires permissioned access. Note that in the backend integration situation, the developer usually proves their off-chain data in their built application, and the Primus extension is **not** required. Typical scenarios include proof of reserves, in which a configured web page periodically proves that the stablecoin issuer holds sufficient collateral across off-chain platforms.
- `PRIVATE_KEY`:
Chave privada Ethereum (em formato hexadecimal com prefixo '0x')
que vai assinar as liberações de pagamento)
For more details about Primus zkTLS, please refer to:
1. zkTLS technology link: https://docs.primuslabs.xyz/data-verification/tech-intro
2. Primus Network: https://docs.primuslabs.xyz/primus-network/understand-primus-network
# Endpoints
## Install
```bash
npm install
## POST /register
### Registra um participante.
Chamado pelo vendedor antes de fazer `deposit` no smart contract.
#### Parametros requeridos:
- `chainID`
- `tipoDocumento`
- `numeroDocumento`
- `numeroConta`
- `tipoConta`
- `codigoIspb`
``` exemplo
curl --request POST \
--url http://localhost:5000/register \
--header 'content-type: application/json' \
--data '{
"chainID": "1337",
"tipoDocumento": 1,
"numeroDocumento": 12345678900,
"numeroConta": 1234567890123456,
"numeroAgencia": 123,
"tipoConta": 1,
"codigoIspb": 0
}'
```
#### Retorna em formato JSON:
- `numeroParticipante` (usado no `deposit` do SC como `pixTarget`)
## POST /request
### Solicitação de Pagamento
Chamado pelo comprador após o `lock` no smart contract.
#### Parametros requeridos:
- `amount`
- `pixTarget`
```
curl -X POST http://localhost:5000/request \
-H "Content-Type: application/json" \
-d '{
"amount": 100.00,
"pixTarget": 123
}'
```
#### Retorna em formato JSON:
- `numeroSolicitacao`: usado para chamar `/release` depois
- `textoQrCode`: usado para gerar o QR PIX
## GET /release/{numeroSolicitacao}
### Liberação de Pagamento
Chamado pelo comprador após pagar o Pix
``` exemplo
curl http://localhost:5000/release/123
```
#### Retorna em formato JSON:
- `chainid`-`pixTarget`
- `amount`: valor em wei
- `pixTimestamp`
- `signature`: assinatura ethereum compatível
# mTLS
##### `key.pem`: chave privada e certificado da empresa
Descriptografar o e-CNPJ em formato PKCS#12 e converter em formato PEM (☢️ contém chave privada):
```
umask 077; # tirar permissão de leitura global
openssl pkcs12 -in <arquivo>.p12 -legacy -clcerts -noenc -out key.pem
```
## Configure
Copy `.env.example` to `.env` in the project root:
```bash
cp .env.example .env
##### `bb.pem`: certificado do BB
Descarregar o certificado de https://apoio.developers.bb.com.br/referency/post/646799afa2e2b90012c5ede8 e converter em formato PEM:
```
openssl x509 -in raiz_v3.der -inform DER -outform PEM -out bb.pem
```
Then set your `PRIVATE_KEY`:
```sh
PRIVATE_KEY=0xYOUR_PRIVATE_KEY
### Envio de certificado
Para criar a cadeia de certificados pra enviar pro BB usar:
```
and
`CLIENT_KEY` and `CLIENT_CRT` for mTLS:
```sh
CLIENT_KEY=/path/to/your/client/key
CLIENT_CRT=/path/to/your/client/cert
openssl pkcs12 -in <arquivo>.p12 -nokeys -legacy -out cert.pem
```
enviar o `cert.pem` no formulário do portal developers como "cadeia completa".
* `CLIENT_KEY`: the client private key file, in PEM format (e.g. `-----BEGIN PRIVATE KEY-----...`).
* `CLIENT_CRT`: the client certificate file, in PEM format (e.g. `-----BEGIN CERTIFICATE-----...`).
<br/>
**Security note**: keep the client key private and stored securely; never commit it or share it publicly.
## Customize
Edit these sections in `index.js`:
- `address`: your wallet address
- `requests`: request params for your mTLS endpoint
- `responseResolves`: JSON parse paths for the response fields you want to attest
- `chainId` and `baseSepoliaRpcUrl`: switch to Base mainnet if needed
## Run
```bash
node index.js
```
You should see logs for:
- submit task result
- attest result
- task result
## Notes
- Keep your `.env` out of version control.
- The example uses a public RPC; for reliability, use your own provider endpoint.
# Observações
- Para ambiente de desenvolvimento use `DEBUG=true`
- Em produção, o servidor usa Waitress como servidor WSGI
- Para mais informações, consulte a documentação oficial: https://developers.bb.com.br/

2221
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@@ -10,7 +10,14 @@
"license": "ISC",
"dependencies": {
"@primuslabs/network-core-sdk": "^0.1.5",
"axios": "^1.13.2",
"axios-debug-log": "^1.0.0",
"bs58": "^6.0.0",
"cors": "^2.8.5",
"dotenv": "^17.2.3",
"ethers": "^5.7.2"
"ethers": "^5.8.0",
"express": "^5.2.1",
"simple-oauth2": "^5.1.0",
"web3-utils": "^4.3.3"
}
}