Bitcurity

bitcurity

Bitcurity is a document management and proofing system prototyped for the biotech industry. It uses the bitcoin blockchain for generating irreversable proofs.

The users of the system include

  • Bitcurity Staff
  • Client Staff

Client Overview

A silicon valley biotech startup.

Timeline

Jan 2016 - Sep 2016

Platform

Web

Technical Highlights

Web App

Bitcurity is based on MVC framework with backend in ASP.NET MVC/C#/Razor pages and dynamic parts for the frontend written with core javascript, jTable, Rivets and jQuery. Bitcurity uses NBitcoin library for working with bitcoin blocks and transactions

Some of the notable features of Bitcurity prototype are:

  • Document management: Bitcurity lets you organize documents in a tree structure by client > project > folders > documents. A document can have any number of versions and every edit of a document produces a new version unless the current version is not yet proofed. Prior versions of the document are also available for download.
  • Proofing: Bitcurity uses op_return to embed a unique URL in the transaction for the document as a proof. The url contains a unique MD5 hash computed from the document content. A sample transaction is here
  • Bitcurity supports bitcoin's both testnet and main networks and the admins can switch between networks at any time to start proofing on that network. Being a prototype software, this was essential to avoid unnecessary spending real money when you can do with a fake one :)
  • Load funds: Bitcurity allows admins to "pull" funds essentially by creating a new fund address and loading the transactions from blockchain when the address is filled with funds.
  • Split funds for parallel proofing: Since proofing a document just needs 10k satoshis (as transaction fee) it's beneficial to split a larger output into several smaller outputs to aid in parallel proofing of several documents. Once Bitcurity has funds it allows you to split them into tiny units (as much tiny as you want lowest being 10k satoshis) essentially by generating new fund addresses and creating a spent transaction for them from an existing large output.

Security

Despite being of prototype nature, Bitcurity is designed with security in mind. Bitcurity uses BIP32 based encrypted keys derived from passphrase code. The secret is fed manually to generate passphrase code which is then saved in db and is used to re-generate new encrypted keys/addresses on demand. During the prototype the proofing process was kicked off manually and is fed with password. For future it was planned to have separate isolated server to automate this process. For application-level security, Bitcurity is powered by ASPSecurityKit. ASK provides activity-based, resource-aware authorization to easily and securely implement hierarchical, multi-tenanted data access.

Other Integrations

Bitcurity integrates with BlockCypher (for transaction propogation and loading of funds – for both bitcoin main and testnet), MailGun (for account related emails)