deca

module
v0.0.0-...-f15c824 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2024 License: Apache-2.0

README

DeCA Logo

DeCA: Decentralized PKI Framework

DeCA is a decentralized Public Key Infrastructure (PKI) framework fully compatible with the X.509 standard. It performs all essential PKI functions, including registering, confirming, revoking, and verifying TLS certificates, while leveraging decentralized technologies to enhance security and resilience.

Key Features

  • Full Compatibility: DeCA integrates seamlessly with the existing X.509 PKI standard, ensuring smooth interoperability by storing, issuing, and verifying certificates in X.509 format.
  • Decentralized Storage: Utilizes IPFS and FVM for tamper-proof, decentralized storage of certificates, protecting against third-party attacks and rogue certificates.
  • High Security: Eliminates single points of failure by decentralizing the CA pool, enhancing the overall security of the PKI system.

Background

Traditional PKI systems rely heavily on centralized Certificate Authorities (CAs), which pose significant security risks as single points of failure. Historical breaches and the spread of rogue certificates highlight the vulnerabilities of centralized CAs.

DeCA addresses these issues by decentralizing the CA pool while maintaining compatibility with the established X.509 PKI standard, ensuring robust and secure real-world integration.

System Architecture

The DeCA framework utilizes IPFS and FVM technologies to provide a decentralized PKI system. Key components include:

  • Data Synchronization: Ensures efficient and low-latency synchronization of basic data among decentralized CA groups.
  • Decentralized Storage: Certificates are stored in a tamper-proof, decentralized manner, leveraging IPFS and FVM to prevent third-party attacks.

DeCA System Architecture

Getting Started

Installation

To install DeCA, use the following commands:

$ go get github.com/FlowShield/deca
$ make
$ bin/ca tls -c configs/config.toml

SDK Installation

To install the DeCA SDK, use:

$ go get github.com/FlowShield/deca

Usage

The classic use case of the DeCA SDK involves clients and servers utilizing certificates issued by the CA Center for encrypted communication. For detailed usage, refer to our SDK Examples.

License

This project is licensed under the Apache License 2.0. See the LICENSE file for details.

Contributing

We welcome contributions from the community! Please refer to our CONTRIBUTING guidelines for more information.

Directories

Path Synopsis
api
config
dao
dao/certificate
ginx
initx
middleware
router
schema
service
pkg
attrmgr
errors
logger
logger/hook
logger/hook/redis
memorycacher
storage
storage/ipfs
storage/web3-storage
util
util/json
util/structure
util/trace
util/uuid

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.