# Constellation

Constellation is a self-managing, peer-to-peer system in which each
node:

- Hosts a number of NaCl (Curve25519) public/private key pairs.

- Automatically discovers other nodes on the network after
  synchronizing with as little as one other host.

- Synchronizes a directory of public keys mapped to recipient hosts
  with other nodes on the network.

- Exposes a public API which allows other nodes to send encrypted
  bytestrings to your node, and to synchronize, retrieving
  information about the nodes that your node knows about.

- Exposes a private API which:

    - Allows you to send a bytestring to one or more public keys,
      returning a content-addressable identifier. This bytestring is
      encrypted transparently and efficiently (at symmetric
      encryption speeds) before being transmitted over the wire to
      the correct recipient nodes (and only those nodes). The
      identifier is a hash digest of the encrypted payload that
      every recipient node receives. Each recipient node also
      receives a small blob encrypted for their public key which
      contains the Master Key for the encrypted payload.

    - Allows you to receive a decrypted bytestring
      based on an identifier. Payloads which your node has sent or
      received can be decrypted and retrieved in this way.

    - Exposes methods for deletion, resynchronization, and other
      management functions.

- Supports a number of storage backends including LevelDB,
  BerkeleyDB, SQLite, and Directory/Maildir-style file storage
  suitable for use with any FUSE adapter, e.g. for AWS S3.

- Uses mutually-authenticated TLS with modern settings and various trust
  models including hybrid CA/tofu (default), tofu (think OpenSSH), and
  whitelist (only some set of public keys can connect).

- Supports access controls like an IP whitelist.

Conceptually, one can think of Constellation as an amalgamation of a
distributed key server, PGP encryption (using modern cryptography),
and Mail Transfer Agents (MTAs).

Constellation's current primary application is to implement the
"privacy engine" of Quorum, a fork of Ethereum with support for
private transactions that function exactly as described in this
README. Private transactions in Quorum contain only a flag indicating
that they're private and the content-addressable identifier described
here.

Constellation can be run stand-alone as a daemon via
`constellation-node`, or imported as a Haskell library, which allows
you to implement custom storage and encryption logic.
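
The send/receive flow of the private API described above, sketched with only the Node.js standard library. This is an added example, not Constellation's code. Its function names, the SHA-512 identifier hash, and the primitives (X25519 with HKDF and ChaCha20-Poly1305 standing in for NaCl box and secretbox) are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Assumed stand-ins: ChaCha20-Poly1305 for NaCl secretbox, HKDF over X25519 for NaCl box,
// SHA-512 for the identifier hash (the page does not name the hash).
function seal(key, msg) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  return Buffer.concat([nonce, c.update(msg), c.final(), c.getAuthTag()]);
}

function open(key, box) {
  if (!box || box.length < 28) throw new Error('missing or truncated box');
  const d = crypto.createDecipheriv('chacha20-poly1305', key, box.subarray(0, 12), { authTagLength: 16 });
  d.setAuthTag(box.subarray(box.length - 16));
  return Buffer.concat([d.update(box.subarray(12, box.length - 16)), d.final()]);
}

// Key-wrapping key shared by one sender/recipient pair (hypothetical helper).
function pairKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'wrap', 32));
}

const keyId = (pub) => pub.export({ type: 'spki', format: 'der' }).toString('base64');

// "Send": encrypt once under a random master key, hash the ciphertext, wrap the key per recipient.
function send(sender, msg, recipientPubs) {
  const master = crypto.randomBytes(32);
  const payload = seal(master, Buffer.from(msg));
  const id = crypto.createHash('sha512').update(payload).digest('base64');
  const wrapped = {};
  for (const pub of recipientPubs) {
    wrapped[keyId(pub)] = seal(pairKey(sender.privateKey, pub), master);
  }
  return { id, payload, from: sender.publicKey, wrapped };
}

// "Receive": check the payload against its identifier, unwrap our master key copy, decrypt.
function receive(me, env) {
  const digest = crypto.createHash('sha512').update(env.payload).digest('base64');
  if (digest !== env.id) throw new Error('payload does not match identifier');
  const master = open(pairKey(me.privateKey, env.from), env.wrapped[keyId(me.publicKey)]);
  return open(master, env.payload).toString();
}

// Constructed demo: alice sends to bob only; carol holds a key pair but is not a recipient.
const [alice, bob, carol] = [0, 1, 2].map(() => crypto.generateKeyPairSync('x25519'));
const env = send(alice, 'private tx payload', [bob.publicKey]);
console.log(env.id, receive(bob, env));
```

The payload is encrypted once regardless of how many recipients there are; only the 32-byte master key is sealed per recipient, which is why the cost stays at symmetric-encryption speed.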