VerifyVASP
Search…
Enclave Installation & Execution
Setting up the environment of the enclave server provided by VerifyVASP.

System Requirements

  • Structure of the system/infrastructure
  • Enclave Server
    • CPU: Minimum 2G, 4G recommended
    • Memory: Minimum 2G, 4G recommended
    • Storage: Minimum 8G, 16G recommended (including the docker and container)

Installing Enclave Server

  • Download enclave docker image
    • Enclave docker image is in Private Registry. You can acquire access by delivering a Docker Hub Credential ID to the admin.
    • A VASP can download a Docker image by first requesting access from VV admin manager ([email protected]).
    • VASPs would require VASP’s Docker Hub credential (ID) to provide access. Once access is granted, they can follow the instruction.
    • Download
    1
    $ docker pull verifyvasp/enclave:latest
    Copied!

Enclave Server Environment Variable

Name of the Environment Variable
Default
Details
VEGA_SERVER_PORT
21117
Port no. of the enclave server.
VEGA_ENCLAVE_PUBLIC_ENDPOINT
Public endpoint URL of the enclave server accessible from VV central server. Must use HTTPS protocol.
ex) “https://api.vasp.com/enclave”
VEGA_ALLIANCE_ACCESS_KEY
accessKey part of the API-Key
VEGA_ALLIANCE_SECRET_KEY
secretKey part of the API-Key
VEGA_DATABASE_CLIENT
mysql2
A type of database.
An appropriate value for a database client is to be entered. pg, mysql, mysql2, oracledb, mssql values can be used.
VEGA_DATABASE_USERNAME
Database user name
VEGA_DATABASE_PASSWORD
Database password
VEGA_DATABASE_HOST
Address to access database
VEGA_DATABASE_PORT
3306
Port number to access database
VEGA_DATABASE_DB
verifyvasp
Database name that enclave server uses
VEGA_DATABASE_POOL_MIN
0
Minimum value of database connection pool
VEGA_DATABASE_POOL_MAX
5
Maximum value of database connection pool
VEGA_VERIFICATION_API_PATH
User verification API endpoint URL.
VEGA_VERIFICATION_ACCOUNT_API_PATH
User account (wallet address and owner name) verification API Endpoint URL.
VEGA_VERIFICATION_TRANSACTION_API_PATH
API Endpoint URL to check the status of the transaction process.
VEGA_VERIFICATION_CALLBACK_API_PATH
Callback API Endpoint URL to receive the result of asynchronous request.
VEGA_VERIFICATION_AUTHORIZATION_TOKEN
Verification token to call API with VASP backend. When the enclave server calls API with the VASP backend, verification taken is delivered to the header of VASP Authorization.
VEGA_VERIFICATION_AUTHORIZATION_KEY
Header key value to pass the authentication token when making API calls to the VASP backend. If not set, the authentication token is passed through the Authorization header.
VEGA_API_ENDPOINT
VerifyVASP central API server address. As mentioned above, one of the two environments could be used depending on the purpose. In a production environment, register through https://api.vega-protocol.com. In a staging environment, register through https://api.vega-protocol.xyz.
VEGA_LOG_LEVEL
info
You can determine the log level of the enclave server.
none, error, warn, info, debug values can be used.

How to Run Enclave

How to Run by Writing an Environment Value on a File

  • Run by writing an environment value on a file. (e.g. prd_env)
1
;Enclave Server
2
VEGA_SERVER_PORT=21117
3
VEGA_ENCLAVE_PUBLIC_ENDPOINT=<Enclave Server endpoint URL>
4
5
;API Keys
6
VEGA_ALLIANCE_ACCESS_KEY=<issued accessKey>
7
VEGA_ALLIANCE_SECRET_KEY=<issued secretKey>
8
9
;DB Client
10
VEGA_DATABASE_CLIENT=mysql2
11
VEGA_DATABASE_USERNAME=vasp
12
VEGA_DATABASE_PASSWORD=1234
13
VEGA_DATABASE_HOST=<database endpoint URL>
14
VEGA_DATABASE_PORT=3306
15
VEGA_DATABASE_DB=vega
16
VEGA_DATABASE_POOL_MIN=0
17
VEGA_DATABASE_POOL_MAX=5
18
19
;VASP API
20
VEGA_VERIFICATION_API_PATH=<VerifyUser API endpoint URL>
21
VEGA_VERIFICATION_ACCOUNT_API_PATH=<VerifyAccount API endpoint URL>
22
VEGA_VERIFICATION_TRANSACTION_API_PATH=<Transaction processing state querying API endpoint URL>
23
VEGA_VERIFICATION_CALLBACK_API_PATH=<Callback API endpoint URL>
24
VEGA_VERIFICATION_AUTHORIZATION_TOKEN=<Auth Token>
25
VEGA_VERIFICATION_AUTHORIZATION_KEY=<Auth Token Header Key>
26
27
;VerifyVASP Central Server URL
28
VEGA_API_ENDPOINT=https://api.vega-protocol.xyz
29
30
;Log level
31
VEGA_LOG_LEVEL=info
32
33
;DB Encryption Key
34
VEGA_DECRYPT_API_ENDPOINT=<HSM URL>
35
VEGA_ENCRYPTION_KEY_BASE64=<Public Key on base64>
36
37
;Caching
38
VEGA_PUBLIC_KEY_TTL=1800000
Copied!
  • Run
1
$ docker run -d -p 21117:21117 --env-file=<Name of the Environment Variable File> --name=enclave verifyvasp/enclave:latest
Copied!

How to Run by Entering an Envrionment Value as Command

1
$ docker run -d -p 21117:21117 \\\\
2
-e VEGA_SERVER_PORT=21117 \\\\
3
-e VEGA_ENCLAVE_PUBLIC_ENDPOINT=<Enclave Server endpoint URL> \\\\
4
-e VEGA_ALLIANCE_ACCESS_KEY=<issued accessKey> \\\\
5
-e VEGA_ALLIANCE_SECRET_KEY=<issued secretKey> \\\\
6
-e VEGA_DATABASE_USERNAME=vasp \\\\
7
-e VEGA_DATABASE_PASSWORD=1234 \\\\
8
-e VEGA_DATABASE_HOST=<database endpoint URL> \\\\
9
-e VEGA_DATABASE_PORT=3306 \\\\
10
-e VEGA_DATABASE_DB=vega \\\\
11
-e VEGA_VERIFICATION_API_PATH=<VerifyUser API endpoint URL> \\\\
12
-e VEGA_VERIFICATION_ACCOUNT_API_PATH=<VerifyAccount API endpoint URL> \\\\
13
-e VEGA_VERIFICATION_TRANSACTION_API_PATH=<Transaction processing state querying API endpoint URL> \\\\
14
-e VEGA_VERIFICATION_CALLBACK_API_PATH=<Callback API endpoint URL> \\\\
15
-e VEGA_VERIFICATION_AUTHORIZATION_TOKEN=<Auth Token> \\\\
16
-e VEGA_VERIFICATION_AUTHORIZATION_KEY=<Auth Token Header Key> \\\\
17
-e VEGA_API_ENDPOINT=https://api.vega-protocol.xyz \\\\
18
-e VEGA_LOG_LEVEL=info \\\\
19
-e VEGA_PUBLIC_KEY_TTL=1800000 \\\\
20
-e VEGA_DECREYPT_API_ENDPOINT=<HSM URL> \\\\
21
-e VEGA_ENCRYPTION_KEY_BASE64=<Public Key on base64> \\\\
22
verifyvasp/enclave:latest
Copied!

Enclave Server Activation

Activate Enclave Server and Check

  • How to check if the enclave server is successfully activated
    • On the docker log, a message like “Listening port at 21117,” which means that it is listening through the port number previously set up, must be shown.
    • (However, an error log must not follow.)

Enclave Server Health Check

  • GET request via <enclave endpoint>/healthcheck.
  • In the VV central server, the health of each VASP enclave server is regularly (every 5-10 sec) checked.

Enclave Server Reactivation

  • If the Enclave docker stops, it should be reactivated.
  • Or if the logs as follows are shown in the Enclave docker log, it should be reactivated.
    • “Unhandled Rejection detect: <error message>”
    • “Uncaught Exception detect: <error message>”