immuproof

command module

v0.0.11 Latest Latest Go to latest Published: Apr 22, 2022 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/codenotary/immuproof

Links

Open Source Insights

README ¶

Immuproof

CAS Validation Service.

When immuproof is launched it fetches a fresh status from immudb the immutable database CAS is build on and it verifies the integrity compared to an older one stored locally. The validation service checks if the previous state is "included" in the new state of immudb. A REST service is also provided to allow the user to query the status of the validation as well as a Web UI to visualize data.

Public CAS validator URLs

Here you can find the public CAS validators:

Codenotary

Golang version

Currently supported Go version is 1.17

Build

go build -o immuproof main.go

Usage

Local environment

immuproof serve --api-key {your CAS api key} --port 3324 --no-tls

CAS environment

immuproof serve --api-key {your CAS api key} --port 443 --host cas.codenotary.com

Usage with docker

docker pull codenotary/immuproof:latest
docker run -p 8091:8091 codenotary/immuproof serve --api-key {your api key} --port 443 --host cas.codenotary.com --audit-interval 1h --state-history-size 72

In order to keep the audit history and immudb status file it's recommended to run the service with a mounted volume inside the docker container using following flags:

--audit-state-folder={mountpoint inside container}
--state-history-file={mountpoint inside container/filename}

or environment variables:

IMMUPROOF_AUDIT_STATE_FOLDER={mountpoint inside container}
IMMUPROOF_STATE_HISTORY_FILE={mountpoint inside container/filename}

HTTPS

Following commands can be used to generate a self-signed certificate for the local server.

openssl ecparam -genkey -name secp384r1 -out server.key
openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650

Launch immuproof with the generated certificate:

immuproof serve --api-key {your CAS api key} --port 443 --host cas.codenotary.com --audit-interval 1s --state-history-size 72 --web-cert-file server.crt --web-key-file server.key

Environment variables

  IMMUPROOF_API_KEY=
  IMMUPROOF_PORT=
  IMMUPROOF_HOST=
  IMMUPROOF_SKIP_TLS_VERIFY=
  IMMUPROOF_NO_TLS=
  IMMUPROOF_CERT=
  IMMUPROOF_HOST=
  IMMUPROOF_AUDIT_INTERVAL=
  IMMUPROOF_AUDIT_STATE_FOLDER=
  IMMUPROOF_STATE_HISTORY_SIZE=
  IMMUPROOF_STATE_HISTORY_FILE=
  IMMUPROOF_WEB_PORT=
  IMMUPROOF_WEB_ADDRESS=
  IMMUPROOF_WEB_KEY_FILE=
  IMMUPROOF_WEB_CERT_FILE=
  IMMUPROOF_WEB_TITLE_TEXT=
  IMMUPROOF_WEB_HOSTED_BY_LOGO_URL=
  IMMUPROOF_WEB_HOSTED_BY_LOGO_LINK=
  IMMUPROOF_WEB_HOSTED_BY_TEXT=

Others serve options

Audit a ledger and launch an HTTP rest server to show audit results.

Eg:
# Collect 3 days of status checks (1 per hour) from CAS server
  immuproof serve --api-key {your CAS api-key} --port 443 --host cas.codenotary.com --audit-interval 1h --state-history-size 72

Usage:
  immuproof serve [flags]

Flags:
  --audit-interval duration          interval between audit runs (default 1h0m0s)
  --audit-state-folder string        folder to store immudb immutable state (default "HOME/.local/state/immuproof")
  -h, --help                         help for serve
  --state-history-file string        absolute file path to store history of immutable states. (JSON format) (default "HOME/.local/state/immuproof/state-history.json")
  --state-history-size int           max size of the history of immutable states. (default 90)
  --web-address string               rest server address (default "localhost")
  --web-cert-file string             certificate file absolute path
  --web-hosted-by-logo-link string   link for hosted by logo
  --web-hosted-by-logo-url string    URL to hosted by logo
  --web-hosted-by-text string        displayed subtitle for hosted by logo (default "Hosted by:")
  --web-key-file string              key file absolute path
  --web-port string                  rest server port (default "8091")
  --web-title-text string            displayed title text (default "COMMUNITY ATTESTATION SERVICE VALIDATOR")

Global Flags:
  --api-key strings   CAS api-keys. Can be specified multiple times. First key is used for signing. For each key provided related ledger is audit. If no key is provided, no audit is performed
  --cert string       local or absolute path to a certificate file needed to set up tls connection to a CAS server
  --config string     config file (default is /root/.config/immuproof/.immuproof.yaml) (default "HOME/.config/immuproof")
  -a, --host string       CAS server host address (default "localhost")
  --no-tls            allow insecure connections when connecting to a CAS server
  -p, --port int          CAS server port number (default 443)
  --skip-tls-verify   disables tls certificate verification when connecting to a CAS server

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
audit
cmd
cnc
cnctest
meta
rest
status

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL