Milagro DTA is designed to be built into the workflow of any organisation that needs to trust another organisation to manage encryption keys. It provides a simple REST api “out-of-the-box” that can easily be integrated with an existing back office system, called from a front-end application or called from CURL, Postman, Swagger etc.
Milagro D-TA uses the Apache Milagrio Cryptography Library, so this must installed first
git clone https://github.com/apache/incubator-milagro-crypto-c.git cd incubator-milagro-crypto-c mkdir build cd build brew install cmake (or apt install cmake) cmake -D CMAKE_BUILD_TYPE=Release -D BUILD_SHARED_LIBS=ON -D AMCL_CHUNK=64 -D AMCL_CURVE="BLS383" AMCL_CURVE="BLS381" AMCL_CURVE="SECP256K1" -D AMCL_RSA="" -D BUILD_PYTHON=OFF -D BUILD_WCC=OFF -D BUILD_MPIN=ON -D BUILD_X509=OFF -D CMAKE_INSTALL_PREFIX=/usr/local .. sudo make install
There are two primary roles in a D-TA workflow: the Principal and the Master Fiduciary, as a quick start you can configure one D-TA to provide both roles. (Obviously for a more thorough evaluation configure two servers)
GITLAB VERSION
Install the latest version of Go
Clone the D-TA source code and build it
cd ~/go/src git clone https://gitlab.com/howardkitto/milagro-custody ./build.sh
This will put the config and data files in ~/.milagro
target/setvice init
For quick start a single server is Principal and fiduciary (as described above). Click here to find out more about the configuration options
Use an editor of your choice, I'm using nano
nano ~/.milagro/config.yaml
Give the node a name e.g. testNode by editing the following line:
nodeName: "testNode"
target/service daemon
masterFiduciaryServer: http://localhost:5556
.However before it can work properly we need to configure the Master Fiduciaries NoeId to be the same as the principal's
nano ~/.milagro/config.yaml copy the value of nodeID into masterFiduciaryNodeID e.g. masterFiduciaryNodeID: QmfWg5GffUEzwahd9hkvdnqTGQs5PfusoEpx3kSDSdG4ze nodeID: QmfWg5GffUEzwahd9hkvdnqTGQs5PfusoEpx3kSDSdG4ze
The API has three parts to it:
The details of the API can be seen here...
curl -X POST "http://localhost:5556/identity" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"name\":\"thisNode\"}"