Data privacy for Quorum.
Crux is a secure enclave for Quorum written in Golang.
4-node Quorum network with Crux
The best way to start is to run the Quorum-Crux Docker image. This image runs a 4 node Quorum network using Crux as the secure enclave communicating over gRPC.
git clone https://github.com/blk-io/crux.git docker-compose -f docker/quorum-crux/docker-compose.yaml up
Where the node details are as follows:
|Name||Quorum node address||Account key||Crux node key|
2-node Crux only-network
2 Crux nodes example is simple Docker image to just bring up 2 Crux nodes which communicate with each other.
git clone https://github.com/blk-io/crux.git docker-compose -f docker/crux/docker-compose.yaml up
Where the Crux node keys are the same as
quorum2 above, and are listening on ports
9001 and 9002 for gRPC requests.
For those of you who are unable to use Docker, you can run the
7 Nodes Quorum example which is an updated version of JP Morgan's Quorum 7 Nodes example using Crux as the secure enclave.
Download the latest binary
The latest binaries for different platforms are available on the release page.
Each Crux instance requires at least one key-pair to be associated with it. The key-pair is used to ensure transaction privacy. Crux uses the NaCl cryptography library.
You use the
--generate-keys argument to generate a new key-pair with Crux:
crux --generate-keys myKey
This will produce two files, named
myKey.pub reflecting the private and public keys
At a minimum, Crux requires the following configuration parameters. This tells the Crux instance what port it is running on and what ip address it should advertise to other peers.
Details of at least one key-pair must be provided for the Crux node to store requests on behalf of.
crux --url=http://127.0.0.1:9001/ --port=9001 --workdir=crux --publickeys=tm.pub --privatekeys=tm.key --othernodes=https://127.0.0.1:9001/
If you'd prefer to run just a client, you can build using the below instructions and run as per the below.
git clone https://github.com/blk-io/crux.git cd crux make setup && make ./bin/crux Usage of ./bin/crux: crux.config Optional config file --alwayssendto string List of public keys for nodes to send all transactions too --berkeleydb Use Berkeley DB for storage --generate-keys string Generate a new keypair --othernodes string `Boot nodes` to connect to to discover the network --port int The local port to listen on (default -1) --privatekeys string Private keys hosted by this node --publickeys string Public keys hosted by this node --socket string IPC socket to create for access to the Private API --storage string Database storage file name (default `crux.db`) --url string The URL to advertise to other nodes (reachable by them) --verbosity int Verbosity level of logs (default 1) --workdir string The folder to put stuff in (default: .) (default `.`) --grpc Use protobuf + gRPC for communication between nodes (default `true`) --tls Use TLS to secure HTTP communications --tlsservercert TLS server certificate --tlsserverkey TLS server key
How does it work?
At present, Crux performs its cryptographic operations in a manner identical to Constellation. You can read the specifics here.
The two main workflows for handling private transactions are the submission and retrieval demonstrated below.
New transaction submission
Existing transaction retrieval
Crux is a constellation located in the southern sky in a bright portion of the Milky Way. It is among the most easily distinguished constellations, even though it is the smallest of all 88 modern constellations. (Source: Wikipedia)
The critical or transitional moment or issue, a turning point.
@patrickmn the original author of Constellation. Crux would not exist were it not for his work.