Blockchain-based Product Authenticity Verification System
ChainCheck is a decentralized application (dApp) that enables consumers to verify product authenticity using blockchain technology. By scanning a QR code, users can instantly determine if a product is genuine or potentially counterfeit.
Counterfeit products cost the global economy over $500 billion annually. Consumers have no reliable way to verify product authenticity, and brands lose revenue to fake goods. Traditional verification methods are easily compromised and lack transparency.
ChainCheck provides a transparent, immutable verification system:
- Manufacturers register products on the blockchain with unique serial numbers
- Each product receives a unique QR code containing batch ID and serial number
- Consumers scan the QR code to verify authenticity on-chain
- First scan = Authentic | Second scan = Potential Counterfeit
- On-chain Verification: All verifications are recorded on Polygon blockchain
- Mobile-First Scanner: No app installation required, works in any browser
- Real-time Results: Instant verification with blockchain confirmation
- Tamper-Proof: Immutable records prevent fraud
- Low Cost: Built on Polygon for minimal transaction fees
- Open Source: Transparent and auditable codebase
- Solidity 0.8.20
- Hardhat - Development framework
- Polygon - Low-cost blockchain network
- React 18 - UI framework
- TypeScript - Type safety
- Vite - Build tool
- Ethers.js - Blockchain interactions
- html5-qrcode - QR code scanning
- Node.js - QR code generation service
- Express - Web server
- QRCode - QR code library
ChainCheck/
contracts/ # Smart contracts
ChainCheck.sol # Main verification contract
frontend/ # React application
src/
App.tsx # Main application component
config.ts # Configuration and contract ABI
utils/ # Blockchain utility functions
package.json
qr-generator/ # QR code generation service
server.js
scripts/ # Deployment scripts
deploy.js
test/ # Test suite
ChainCheck.test.js
hardhat.config.js # Hardhat configuration
README.md
- Node.js 18+ and npm
- MetaMask browser extension
- Git
- Clone the repository
git clone https://github.com/yourusername/ChainCheck.git
cd ChainCheck- Install root dependencies
npm install- Install frontend dependencies
cd frontend
npm install
cd ..- Install QR generator dependencies
cd qr-generator
npm install
cd ..- Set up environment variables
# Root directory
cp .env.example .env
# Frontend directory
cd frontend
cp .env.example .env
cd ..Edit .env files and add your configuration:
- Root
.env: AddPRIVATE_KEY,POLYGON_RPC_URL, etc. - Frontend
.env: AddVITE_CONTRACT_ADDRESSafter deployment
Validate environment variables:
npm run validate-env- Start local Hardhat node
npx hardhat nodeKeep this terminal running.
- Deploy contract to local network (in a new terminal)
npx hardhat run scripts/deploy.js --network localhostCopy the deployed contract address.
- Update frontend configuration
- Open
frontend/src/config.ts - Update
CONTRACT_ADDRESSwith the deployed address - Set
CURRENT_NETWORKtoNETWORK_CONFIG.localhost
- Start QR generator service (in a new terminal)
cd qr-generator
npm start- Start frontend development server (in a new terminal)
cd frontend
npm run dev- Access the application
- Open http://localhost:3000 in your browser
- Connect MetaMask to localhost network (Chain ID: 1337)
- Import test accounts from Hardhat node for testing
Run the test suite:
npm testThe test suite covers:
- Contract deployment
- Manufacturer authorization
- Product registration
- Product verification (authentic and fake)
- Access control
- Edge cases
- Set up environment variables
cp .env.example .env
# Edit .env and add your PRIVATE_KEY and other required variables- Validate environment
npm run validate-env- Get test MATIC
- Visit https://faucet.polygon.technology
- Request test tokens for your address
- Deploy contract
npm run deploy:mumbai
# Or manually:
# npx hardhat run scripts/deploy.js --network mumbai- Verify contract (optional)
npx hardhat verify --network mumbai <CONTRACT_ADDRESS>-
Ensure sufficient MATIC in your wallet
-
Deploy contract
npm run deploy:prod
# Or manually:
# npx hardhat run scripts/deploy-production.js --network polygon- Update frontend configuration
- Option A (Recommended): Set
VITE_CONTRACT_ADDRESSinfrontend/.env - Option B: Update
CONTRACT_ADDRESSinfrontend/src/config.ts - Set
CURRENT_NETWORKtoNETWORK_CONFIG.polygoninfrontend/src/config.ts
- Install Vercel CLI
npm i -g vercel- Build frontend
cd frontend
npm run build- Deploy
vercel --prodThe frontend is a standard React application and can be deployed to:
- Netlify
- GitHub Pages
- AWS S3 + CloudFront
- Any static hosting service
The QR generator service includes:
- Rate limiting (100 requests/15min per IP)
- Request logging (Morgan)
- Error handling
- Health check endpoint (
/health) - Production-ready error messages
Deploy to:
- Heroku
- Railway
- Render
- AWS EC2
- Any Node.js hosting service
Environment variables:
PORT=3001 # Optional, defaults to 3001
NODE_ENV=production # Set to production for production deploymentHealth check:
curl http://your-service-url/healthOr use it locally for development:
npm run serverChainCheck includes Sentry integration for production error tracking:
- Set up Sentry:
- Create account at https://sentry.io
- Create a React project
- Copy your DSN
- Configure:
# Add to frontend/.env
VITE_SENTRY_DSN=https://your-dsn@sentry.io/project-id- Features:
- Automatic error capture
- Performance monitoring
- Session replay on errors
- User context tracking
Track user behavior and business metrics with PostHog:
- Set up PostHog:
- Create account at https://posthog.com
- Create a new project
- Copy your API key (phc_...)
- Configure:
# Add to frontend/.env
VITE_POSTHOG_KEY=phc_your_api_key_here
# Optional: If self-hosting
# VITE_POSTHOG_HOST=https://your-posthog-instance.com- What's Tracked:
- Page views (automatic)
- QR code scans
- Product verifications
- Wallet connections
- Errors
- Session recordings (optional)
- Feature flags support
- Features:
- Automatic event capture
- Session replay
- User identification
- Privacy-focused (GDPR-ready)
- Open source (can self-host)
See MONITORING_SETUP.md for complete monitoring setup guide.
ChainCheck includes GitHub Actions workflows for automated testing and deployment:
- CI Pipeline (
.github/workflows/ci.yml)
- Runs on every push/PR
- Tests and lints code
- Builds frontend
- Security audits
- Auto-deploys to staging/production
- Contract Deployment (
.github/workflows/contract-deploy.yml)
- Manual workflow for contract deployment
- Supports Mumbai and Polygon networks
- Optional contract verification
- Add GitHub Secrets:
VERCEL_TOKEN- Vercel deployment tokenVERCEL_ORG_ID- Vercel organization IDVERCEL_PROJECT_ID- Vercel project IDPRIVATE_KEY- For contract deploymentPOLYGON_RPC_URL- Polygon RPC endpointPOLYGONSCAN_API_KEY- For contract verification
- Workflow Triggers:
- Push to
main→ Deploy to production - Push to
develop→ Deploy to staging - Pull requests → Run tests only
See workflow files in .github/workflows/ for details.
- Get authorized by the contract owner
- Register products using the
registerProductfunction:
registerProduct(
batchId: 1,
name: "Premium Sneakers",
brand: "Nike",
serialHashes: [hash1, hash2, ...]
)- Generate QR codes using the QR generator service
- Attach QR codes to products
- Open ChainCheck in your browser
- Connect MetaMask wallet
- Click "Start Scan" and allow camera access
- Scan QR code on the product
- View result: Authentic or Potential Counterfeit
QR codes contain product data in one of two formats:
Colon-separated (default):
1:SN123456
JSON format:
{"batchId":"1","serialNumber":"SN123456"}- Private Keys: Never commit private keys to version control
- Access Control: Only authorized manufacturers can register products
- Serial Hashing: Serial numbers are hashed to prevent guessing
- One-time Verification: Each serial can only be verified once as authentic
- Network Security: Always verify you're on the correct network
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
ChainCheck is open source and available on GitHub. Contributions are welcome!
- Repository: https://github.com/CodeAndCoffeeGuy/Chaincheck
- Live Demo: https://chaincheck.io
- Issues: Report bugs or request features on GitHub
Important Security Notes:
- Never commit
.envfiles or private keys - All sensitive data uses environment variables
- Private keys are only used locally for deployment
- Frontend code is safe to be public (no secrets exposed)
- NFC chip integration
- Manufacturer dashboard UI
- Batch QR code generation tool
- IPFS metadata storage
- Multi-chain support
- Mobile app (React Native)
- Analytics dashboard
- API for third-party integrations
For issues, questions, or contributions:
- Open an issue on GitHub
- Check existing documentation
- Review test files for usage examples
- Built with Hardhat, React, and Polygon
- Inspired by the need for transparent product verification
- Open source and community-driven
Built with care for a more trustworthy marketplace.