Tendermint is used within Nym validators to prevent double-spending of generated credentials, and zero-knowledge proof to validate cryptocurrency use cases is built into the system at present. More complex smart contract cases will require the coding of specific zero-knowledge proofs to match the application domain of the contract.
You don't need to explicitly install Tendermint, it's taken care of by Docker
go get github.com/nymtech/nym-validator cd $GOPATH/src/github.com/nymtech/nym-validator git fetch --all --tags git checkout tags/v0.13.1 make localnet-build # builds the config directories and docker images docker-compose up -d
All components should now be running (please file a bug report if not).
Go to [TODO Jędrzej please put the URL here], download the sample
nymclient, and put it somewhere in your
./nymclient -f localnetdata/localclient/config.toml.
In the preceding Quickstart, there was a speedy succession of commands to build and run Nym inside docker containers, then hit the containers with the Nym client. If you were able to run all of them without errors, you have made your first Nym request.
But what did all of this do? What are the moving parts of a Nym-based system?
make localnet-build builds out a configuration directory for a Nym testnet that runs on your local machine. Listing the directory structure gives you this layout of files and directories. Use
tree build/ to list the directory tree.
builddirectory using the
treecommand. If you don't have
treeinstalled, just poke around using
$ tree build/
The config directory contains configuration files, as well as private and public keys for multiple components.
The components are as follows:
ethereum-watcherswatch the Ethereum blockchain for interesting transactions (such as a user piping Nym ERC20 tokens into Nym).
issuersare Coconut credential issuing authorities.
nodesare Tendermint blockchain nodes.
verifiersare Nym credential verifiers validating any credentials service providers want to deposit.
providersare (dummy) external service providers.
docker-compose up -d
You can get an idea of what infrastructure you're now running by using
Truncated output of
docker ps IMAGE COMMAND PORTS NAMES 88d0b7d0b4ba "/app/provider -f /p…" 0.0.0.0:4100->4000/tcp, 0.0.0.0:5100->5000/tcp provider1 88d0b7d0b4ba "/app/provider -f /p…" 0.0.0.0:4101->4000/tcp, 0.0.0.0:5101->5000/tcp provider2 298f6b896c69 "/app/issuer -f /iss…" 0.0.0.0:4000->4000/tcp, 0.0.0.0:5000->5000/tcp issuer1 298f6b896c69 "/app/issuer -f /iss…" 0.0.0.0:4001->4000/tcp, 0.0.0.0:5001->5000/tcp issuer2 298f6b896c69 "/app/issuer -f /iss…" 0.0.0.0:4002->4000/tcp, 0.0.0.0:5002->5000/tcp issuer3 2d9126a7090b "/app/nymnode" 0.0.0.0:26659->26656/tcp, 0.0.0.0:26660->26657/tcp node1 2d9126a7090b "/app/nymnode" 0.0.0.0:26663->26656/tcp, 0.0.0.0:26664->26657/tcp node3 2d9126a7090b "/app/nymnode" 0.0.0.0:26656-26657->26656-26657/tcp node0 2d9126a7090b "/app/nymnode" 0.0.0.0:26661->26656/tcp, 0.0.0.0:26662->26657/tcp node2
So now all the infrastructure is running. How can you make a request for a credential?
Download and run the Nym sample client. Go to release page, download the sample
nymclient, and put it somewhere in your
PATH. Then run:
nymclient -f $GOPATH/src/github.com/nymtech/nymlocalnetdata/localclient/config.toml.
When the client starts running, the following actions occur:
The client has retrieved a partial credential from multiple issuing authorities. At this point, those authorities are still able to identify which client requested the credential, so they could potentially identify the client if it tries to spend the credential. To fix this, the client needs to rerandomize.
Validation of the credential being presented by the user is done by the Service Provider, and the Issuing Authorities (IAs).
In in a production system, Service Providers will be run by third parties. But in order to demonstrate the system, we've built a dummy service provider into a Docker container so that we
There is quite a bit going on in the above flow. To see what happening inside each component when
nymclient makes its request, you may want to view the logs for each different component.
To get a list of containers, run
docker ps. Then attach to whichever containers you want to see logs for, e.g:
docker attach issuer1
docker attach node0
docker attach provider1
docker attach watcher1
docker attach verifier1
To run the code, follow the standard Go installation procedure as described in https://golang.org/doc/install.
All of the required dependencies are attached in the vendor directory.
In order to run tests, simply use the following:
go test -v ./...