README.md 2.02 KB
Newer Older
Loïck Bonniot's avatar
Loïck Bonniot committed
1 2 3 4
DFSS
====
> Distributed Fair Signing System

5 6 7 8 9 10 11 12 13 14 15 16 17
Prerequisites
-------------

DFSS can run on the following platforms:

- Linux (amd64, i386 and arm)
- MacOS (amd64 and i386)
- Windows (amd64 and i386)

A running mongoDB database is required for the Platform module.

Installation (UNIX)
-------------------
Loïck Bonniot's avatar
Loïck Bonniot committed
18 19 20 21 22 23 24 25 26

This archive contains all the needed DFSS modules to run a distributed multiparty signature.
You just have to untar the archive and run the following binaries:

```bash
./dfssc help # Client
./dfssp help # Platform
./dfssd help # Demonstrator
```
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78

Here is a basic tutorial to setup a new DFSS environment.

### Setup platform

The first thing to do is to create the *root certificate of authentication* for the platform.
You can configure several parameters for that (check the `help` command of `dfssp`).

For instance, if we are running the plaform on the `example.com` host:

```bash
./dfssp -cn example.com -country FR -rootValidity 3650 init
```

You can then start the platform. Here we are considering a mongoDB database running on the same host.
Firstly, we have to configure several environment variables to set smtp server configuration (mails):

```bash
export DFSS_MAIL_SENDER="mailer@example.com"
export DFSS_MAIL_HOST="smtp.example.com"
export DFSS_MAIL_PORT="587"
export DFSS_MAIL_USERNAME="mailer"
export DFSS_MAIL_PASSWORD="password"
```

Then:

```bash
./dfssp start
```

### Setup clients

Each client needs the `dfssp_rootCA.pem` file in order to connect to the platform in a secure way.
Clients can then register on the platform with the following command:

```bash
./dfssc -ca path/to/dfssp_rootCA.pem -host example.com register
```

A mail will be sent to the user containing a unique token. Use this token to authenticate onto the platform:

```bash
./dfssc -ca path/to/dfssp_rootCA.pem -host example.com auth
```

When this is done, the client will have a certificate and a private key in the current directory.
It's then possible to send new contracts to the platform:

```bash
./dfssc -ca path/to/dfssp_rootCA.pem -host example.com new
```