Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/prasoonsoni/safe-chain-backend

Secure, Decentralized Access to Your Data 🔐
https://github.com/prasoonsoni/safe-chain-backend

bcryptjs expressjs ipfs ipfs-api jsonwebtoken mongodb mongoose nodejs portfolio

Last synced: 9 days ago
JSON representation

Secure, Decentralized Access to Your Data 🔐

Host: GitHub
URL: https://github.com/prasoonsoni/safe-chain-backend
Owner: prasoonsoni
License: mit
Created: 2022-08-05T17:09:01.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2022-11-04T04:58:19.000Z (about 2 years ago)
Last Synced: 2024-11-02T19:03:11.383Z (13 days ago)
Topics: bcryptjs, expressjs, ipfs, ipfs-api, jsonwebtoken, mongodb, mongoose, nodejs, portfolio
Language: JavaScript
Homepage: https://www.safechain.prasoon.codes/
Size: 705 KB
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

Logo

Safe Chain 🔐

The first Decentralized Password Manager

Explore the docs »

•
Report Bug
•
Request Feature
•

## 💡 Inspiration
When we are using a traditional password managers or any other vault app, we are storing our data on a particular location it can be either local storage or private storage, which have some extreme problems. One of the problem is that all of the data is centralized, which means that whoever have the control over storage have the access to change or hack the data. The controller can do whatever he wants to do with the data such as change the data, sell the data, delete the data or prevent your access. This makes our data vulnerable to attacks, exploitation and loss.
The major disadvantage of a password manager is that you’re keeping all your eggs in one basket. If a hacker manages to get inside your vault, he would access all of your accounts.

## 📌 About the Product
- A personal data management software that is prepared in a manner that makes it impervious to any attacks. Essentially, your details after creating an account are stored on a decentralized blockchain that even we cannot access. This data is then further encrypted, and can only be decrypted via a unique key that is provided to you upon registration.
- As the world moves forward and more and more concerns regarding 'private' data come up, the need for decentralizing control over stored data becomes a global priority. Thus, this project is our humble contribution towards taking the control of data away from large corporations towards smaller, well-connected communities and individuals.

## 🤔 What it does ?
- Our **base idea** is to provide users with a utility software that acts a **password wallet cum manager** that uses the current developments in **decentralized storage architecture** to provide them with a platform that saves all their passwords in a manner that makes them impenetrable.
- We use the **cutting-edge IPFS system** to store our user's passwords after encrypting the data via the **AES algorithm**. We require only a single field for registration on our software, a **master password**, and return a **unique 'secret' key** that the user must protect at all costs.
- With the combination that of the password and the key, that is given to our users, we create a simple **hack-proof** system that protects all the data of our users at a nominal cost. This same system can have **immense future prospects**.

## ⚒️ How we built it ?
- **Front-End**: We used ReactJS and Chakra UI to create a simple, elegant and minimalist user interface that meets our design requirements and maximises efficiency.
- **Back-End**: We used several JS 'npm' packages, as well as NodeJS as a runtime environment to create an effective and effortless back-end module.
- **Storage**: We used the decentralized IPFS framework via pre-built node packages to create custom APIs that cater to our software.
- **Security**: Most importantly, we use the modern AES algorithm, along with BcryptJS and JSON Web Token to ensure complete security.

## 🧑‍💻 How it works ?
![1](https://user-images.githubusercontent.com/75159757/183277734-a1640bc8-64c4-4d60-8b28-566ad1510a53.png)
![2](https://user-images.githubusercontent.com/75159757/183286644-717cf1e1-8074-4abe-85b9-f733afe24314.png)
![3](https://user-images.githubusercontent.com/75159757/183286897-3b6d68aa-c38c-45a7-8064-b1b7434d2905.png)

## 💪 Challenges we ran into
- Ensuring that at no place did we store or use our **user's secret key**.
- Coming up with a sound **business plan** for a project that can very well be in the publc service domain.
- Overcoming various errors as we learned how to use the **IPFS system** for the first time.
- Overcoming various **CORS** errors by trial and error when trying to integrate the **back-end API** with the front-end architecture.

## ✨ Accomplishments that we're proud of
- Our **USP** that we made **innovative use** of **modern storage** and **encryption systems** that make it essentially impervious to any and all attacks.
- Combine that with the **minimalistic design** and **efficient software** development, and we have the perfect password utility tool for our times.
- We have created a system in which the data is **double encrypted** and the **master password** is never saved or transferred. The user has the ownership of it's own data.

## 📚 What we learned
- Learned how to use **IPFS**.
- Various new **ReactJS** and **NPM** packages that we used at various places in the front and back-end.
- Implementing **IPFS-API** with **NodeJS** and **ExpressJS** to store and retrieve data.

## 🛡️ Features
- Trustless
- Zero Knowledge Architecture.
- Progressive Web App that is responsive on all platforms and devices.
- Strong encryption base with AES256, JSON Web Token and bcryptJS.
- Fully open-source with code transparency.
- Simple, minimilistic UI.

## 💸 Business Model
### Our Customer Base 👤
- Our core customer base is basically **everyone using the internet today**.
- We hope to give them a **completely secure password wallet** and hopefully **inform and empower** them to **take charge of their own data**.

### Revenue Streams 💰
- We will charge a **nominal fee for registration**.
- **Minimal ads** added to the website.
- We hope to **officially partner with various governments** and offer them our services to ensure data privacy and security.

### Cost Structure 💲
- Smart and efficient **marketing** will require some investment.
- As the software grows in scale and the customer base becomes large, investment will be required for **scaling up storage**.

## 🚀 What's next for Safe Chain
- Our **project's end goal** is to educate everyone on the earth about the **value and worth of their own data** and have them **take responsible ownership** of it.
- While this technology starts as a **simple password-wallet utility software**, we hope to have **all the data** that is collected for one person be under their **own ownership**, such that whenever it is sold somewhere, they **receive a commission**.
- Moreover, we hope to **implement further web extensions** that **save all the passwords** that you create for every new account, after encrypting it, so that **no one can access that data**.

## Getting Started

To get a local copy up and running follow these simple steps.
### Prerequisites
In order to get a copy of the project you will require you to have Node.js (v14+) and the NPM package manager installed. If you don't have it, you can download the latest version of Node.js from the [official website](https://nodejs.org/en/download/) which also installs the NPM package manager by default.
### Installation
Open the terminal in the folder in which you wish to clone the repository and enter the following command:
```
git clone https://github.com/prasoonsoni/Safe-Chain-Backend.git
cd Safe-Chain
```
Install all the NPM packages:
```
npm i
```
In order to run the backend server:
```
npm i -D nodemon (One time installation)
npx nodemon index.js
```
In order to run the frontend:
```
npm run start
```

> **Note that you will have to add your own `.env` file at the root directory and add your own environment variables for the project to build.**

Following are the environment variables used for backend:
- `JWT_SECRET_KEY` - SecretKey for Json Web Token
- `MONGO_URI` - MongoDB URI for your database

## Contributing

Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are **greatly appreciated**.

1. Fork the Project
2. Create your Feature Branch (`git checkout -b feature/YourAmazingFeature`)
3. Commit your Changes (`git commit -m 'Add some YourAmazingFeature'`)
4. Push to the Branch (`git push origin feature/YourAmazingFeature`)
5. Open a Pull Request

## 👾 Contributors
### Prasoon Soni
[`E-Mail`](mailto:[email protected])
[`LinkedIn`](https://www.linkedin.com/in/prasoonsoni/)

### Alok Mathur
[`E-Mail`](mailto:[email protected])
[`LinkedIn`](https://www.linkedin.com/in/alok-mathur-5aab4534/)

### Rishi Kaushal
[`E-Mail`](mailto:[email protected])
[`LinkedIn`](https://www.linkedin.com/in/rishi-kaushal-133246212/)