DocureChain — Verify Once. Trusted Forever. 🔗

A hybrid blockchain + cloud document verification platform targeting the Indian Background Verification (BGV) industry.
Core Principle: Blockchain for trust. Cloud for speed. Device for privacy.

---

What is DocureChain?

Every time someone changes jobs in India, their entire career history is re-verified from scratch — a slow, expensive, and repetitive process. DocureChain introduces the BGV Chain: each document is verified once by the issuing institution, anchored on the Polygon blockchain, and reused across future employers with the person's consent. New employers only verify the latest record; everything before is already confirmed.

Key Highlights

Metric	Traditional BGV	DocureChain
Verification time	9–14 days	1–2 days
Repeated work	100%	Only newest
Person controls data	❌	✅ (consent)
Tamper-proof records	❌	✅ (blockchain)

---

Architecture

┌────────────────────────────────────────────────────────────────────┐
│                         FRONTEND LAYER                            │
│  ┌──────────────────────┐   ┌───────────────────────────────────┐ │
│  │   Mobile (Expo RN)   │   │   Org Portal (Next.js 16 + TW4)  │ │
│  │  Wallet · Upload · QR│   │  Landing · Person/Org Demo Views  │ │
│  └──────────┬───────────┘   └──────────────┬────────────────────┘ │
├─────────────┼──────────────────────────────┼──────────────────────┤
│             │       API GATEWAY (:4000)     │                     │
│             │   Express + http-proxy-middleware                   │
│             │   /api/v1/auth  → Auth Service                     │
│             │   /api/v1/documents → Document Service              │
│             │   /api/v1/verify → Verification Service             │
├─────────────┼────────────────────────────────────────────────────-┤
│                        MICROSERVICES                              │
│  ┌──────────┐  ┌───────────┐  ┌──────────────┐  ┌─────────────┐ │
│  │Auth :4001│  │Doc  :4002 │  │Verify  :4003 │  │Notif  :4004 │ │
│  │Express   │  │Fastify    │  │Express       │  │Express      │ │
│  │JWT + DID │  │Multipart  │  │Hash + QR + ID│  │Redis PubSub │ │
│  └──────────┘  │Bull Queue │  └──────────────┘  └─────────────┘ │
│                └───────────┘  ┌──────────────┐                   │
│                               │AI Mail :4005 │                   │
│                               │OpenAI+Resend │                   │
│                               └──────────────┘                   │
├──────────────────────────────────────────────────────────────────-┤
│                         DATA LAYER                                │
│        PostgreSQL (Prisma)  ·  Redis  ·  AWS S3  ·  IPFS/Pinata  │
├──────────────────────────────────────────────────────────────────-┤
│                      BLOCKCHAIN LAYER                             │
│           Polygon (Hardhat · OpenZeppelin Upgradeable)            │
│   IdentityRegistry  ·  DocumentRegistry  ·  AccessControl        │
└───────────────────────────────────────────────────────────────────┘

Tech Stack

• Monorepo: Turborepo v2 + pnpm 9 workspaces
• Smart Contracts: Solidity 0.8.20, OpenZeppelin Upgradeable, Hardhat
• Frontend: Next.js 16 (App Router) + TailwindCSS v4, React Native (Expo)
• Backend: Express, Fastify, Prisma ORM, Bull queues, Redis
• AI: OpenAI (gpt-4o) for verification email drafting
• Email: Resend for transactional delivery
• Crypto: AES-256-GCM client-side encryption, SHA-256 hashing, DID:ethr identity

---

Project Structure

docurechain/
├── apps/
│   ├── mobile/                  # Expo React Native – end-user wallet
│   └── org-portal/              # Next.js 16 – product landing & demo
│
├── services/
│   ├── api-gateway/             # Edge proxy bridging all microservices
│   ├── auth-service/            # UUID/DID mapping, JWT signing
│   ├── document-service/        # Fastify multipart S3/IPFS uploads + Bull queues
│   ├── verification-service/    # Document hash, ID, and QR code verification
│   ├── notification-service/    # Redis pub/sub push & email notifications
│   └── ai-mail-service/         # AI-drafted verification emails (OpenAI + Resend)
│
├── packages/
│   ├── crypto-utils/            # AES-256-GCM encryption, DID generation, SHA-256 hashing
│   └── shared-types/            # Common TypeScript interfaces
│
├── blockchain/
│   └── contracts/
│       ├── IdentityRegistry.sol # DID ↔ address mapping, issuer registration
│       ├── DocumentRegistry.sol # Anchor document hashes, revocation
│       └── AccessControl.sol    # Time-limited verifier access tokens
│
├── docker-compose.yml           # PostgreSQL 15 + Redis 7
├── Makefile                     # Dev, test, deploy, clean targets
├── turbo.json                   # Turborepo pipeline config
└── pnpm-workspace.yaml

---

Smart Contracts

Contract	Purpose
IdentityRegistry	Maps DIDs to Ethereum addresses. Registers verified issuers (owner-only).
DocumentRegistry	Anchors SHA-256 hashes on-chain with owner DID, IPFS CID, doc type, and issuer. Supports revocation.
AccessControl	Grants time-limited access tokens to verifiers. Owner can revoke anytime.

All contracts use OpenZeppelin Upgradeable proxies for future-proof deployment.

---

Getting Started

1. Prerequisites

• Node.js ≥ 20
• pnpm ≥ 9.0
• Docker & Docker Compose

2. Environment Setup

cp .env.example .env
# Fill in: DATABASE_URL, REDIS_URL, JWT_SECRET, AWS/S3, Pinata,
#          Polygon RPC, OPENAI_API_KEY, RESEND_API_KEY, etc.

3. Start Infrastructure

Spin up PostgreSQL and Redis containers:

make services-up

4. Install & Build

pnpm install
pnpm run build

5. Deploy Smart Contracts

cd blockchain
npx hardhat compile
npx hardhat test
npx hardhat run scripts/deploy.ts --network mumbai

Important: Update .env with the deployed addresses for IDENTITY_REGISTRY_ADDRESS, DOCUMENT_REGISTRY_ADDRESS, and ACCESS_CONTROL_ADDRESS.

6. Start All Services

Boot every app and service via Turborepo:

make dev
# or: pnpm dev / turbo run dev

Service	Default Port
API Gateway	4000
Auth Service	4001
Document Service	4002
Verification Service	4003
Notification Service	4004
AI Mail Service	4005
Org Portal (Next.js)	3000

---

Mobile App (Expo)

The React Native app provides:

• Wallet Generation: Creates a secp256k1 keypair and DID:ethr identity, stored in expo-secure-store
• Encrypted Document Upload: Select from gallery → upload via API Gateway → anchor on-chain
• QR Code Verification: Scan any DocureChain QR to verify document authenticity against Polygon

cd apps/mobile
npx expo start

---

Testing

Run the full test suite across the monorepo:

make test
# or: pnpm test

Individual services can be tested in isolation:

cd services/verification-service
pnpm test

---

Security Model

Layer	Mechanism
Transport	Helmet headers, CORS, rate limiting on every service
Encryption	AES-256-GCM client-side — server never sees raw documents
Identity	DID:ethr decentralized identifiers, JWT-secured API paths
Blockchain	SHA-256 hashes anchored on Polygon — tamper-proof source of truth
Access	Time-limited on-chain access tokens; owner grants and revokes
Gateway	Express reverse proxy with per-IP rate limiting (300 req/min)

---

Make Targets

Command	Description
make dev	Start infra + all services
make test	Run monorepo-wide test suite
make services-up	Docker Compose up (PostgreSQL + Redis)
make services-down	Docker Compose down
make deploy-contracts	Deploy Solidity contracts to Polygon
make clean	Remove all node_modules, dist, .turbo

---

License

Private — All rights reserved.