Hosted Sandbox

Overview

This tutorial provides step-by-step instructions for running the Builder Vault Demo on your personal device.

The Sandbox is a Builder Vault instance with three MPC nodes hosted by Blockdaemon, available for you to access with certificate authentication.

This environment allows you to explore and test various functionalities, enabling you to:

  • Try TSM features such as key generation (ECDSA, secp256k1) and transaction/message signing.
  • Modify the Demo app to test other functionality or cryptographic primitives of your choice.
  • Build an independent PoC using the TSM SDK.
  • Test the solution integration with your existing suite of products.

Sandbox Terms

There are some terms that you need to understand before using the Builder Vault Sandbox:

  • Usage Disclaimer: This system is available for evaluation purposes only and should not be used for commercial or personal services. This demo bundle does not include the actual TSM. The TSM nodes are fully hosted and controlled by BD and are not running in any kind of safe environment given it’s only for demo purposes. In real-life scenarios, one needs to take care of the appropriate access controls and possibly run them in enclaves.
  • Data Reset Schedule: The data on the nodes undergoes a regular reset, meaning that it should not be treated as a dependable replication of a production environment. This sandbox is a shared resource and be sure to back up your keys per the user documentation.
  • Maximum Ping Rate: The max ping rate 80/s for the keygen operation and 95/s for the signing operation.

📘

Note:

The instructions have been tested on Linux and Mac OS. You might need to make slight adjustments if you're using a different operating system.

Step-by-step Guide

Prerequisite

  • Go version 1.21.

1. Download the Demo App

  1. Go to the registration page and fill in your info
  2. You will receive an email with the Demo App download link
  3. Download the Demo App from the email that you received
  4. Unzip the downloaded file. Ensure that it has the following files:
    1. main.go: The SDK example file with a simple CLI that you can use to generate keys and sign messages. Feel free to try anything!
    2. client.crt: Your unique TLS certificate, used by main.go to connect to the sandbox cluster.
    3. client.key: Your unique TLS private key, used by main.go to connect to the sandbox cluster.
    4. go.mod: The Go dependencies required by the example file.
    5. readme.md: Your instruction on how to run the TSM demo.

2. Run the Demo App

After setting up your Go environment, you can start experimenting with the Builder Vault Sandbox by following the steps below:

Step 1: Setup

Simply run go mod tidy to pull the required dependencies, and you're good to go!

Step 2: Generating a new key

To generate a new key and get back it's handle and the public key simply run:

$ go run main.go keygen

Example output:

Starting keygen for client-2
Starting keygen for client-0
Starting keygen for client-1
-------
Node 1: Key created!
Key ID: ABDB6gK4Gu7zUI1qphDkfQGvp09J
public key: MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEv7IyQLERmgRS/bOnVnRrQAoPCNJpe78pfHlLnfhfePmDzCetrsncfo4AMJdqDNk/6P00Fpkku4hTniaXvt+1pw==
-------
-------
Node 2: Key created!
Key ID: ABDB6gK4Gu7zUI1qphDkfQGvp09J
public key: MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEv7IyQLERmgRS/bOnVnRrQAoPCNJpe78pfHlLnfhfePmDzCetrsncfo4AMJdqDNk/6P00Fpkku4hTniaXvt+1pw==
-------
-------
Node 0: Key created!
Key ID: ABDB6gK4Gu7zUI1qphDkfQGvp09J
public key: MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEv7IyQLERmgRS/bOnVnRrQAoPCNJpe78pfHlLnfhfePmDzCetrsncfo4AMJdqDNk/6P00Fpkku4hTniaXvt+1pw==
-------

Step 3: Signing a message

To sign a message using the newly generated key, run:

$ go run main.go sign ABDB6gK4Gu7zUI1qphDkfQGvp09J "hello world"

Example output:

Starting signing for client-2
Starting signing for client-0
Starting signing for client-1
-------
Node 1: Message signed!
sig: MEQCIDZC1u6uiakHB4Dr7em6ggGAPRnIJdr0sbAyMUJx0NM1AiBtHi7PbKYqu48rrKt85Jvlt7+kHVNR09wU2wFlR/Ujzw==
key ID: EFRB6gK4Gu7zUI1qphDkfQGvp09J
------
-------
Node 0: Message signed!
sig: MEQCIDZC1u6uiakHB4Dr7em6ggGAPRnIJdr0sbAyMUJx0NM1AiBtHi7PbKYqu48rrKt85Jvlt7+kHVNR09wU2wFlR/Ujzw==
key ID: EFRB6gK4Gu7zUI1qphDkfQGvp09J
------
-------
Node 2: Message signed!
sig: MEQCIDZC1u6uiakHB4Dr7em6ggGAPRnIJdr0sbAyMUJx0NM1AiBtHi7PbKYqu48rrKt85Jvlt7+kHVNR09wU2wFlR/Ujzw==
key ID: EFRB6gK4Gu7zUI1qphDkfQGvp09J
------

Optional: Manually verifying a signature

This doesn't require the Builder Vault SDK, but here's one way to verify the signature using OpenSSL:

openssl dgst -sha256 -verify <(echo "<public key>" | base64 -d) \
 -signature <(echo "<signature>" | base64 -d) \
 <(echo -n "<message>")

Here's the example of the signature generated above:

$ openssl dgst -sha256 -verify <(echo "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEv7IyQLERmgRS/bOnVnRrQAoPCNJpe78pfHlLnfhfePmDzCetrsncfo4AMJdqDNk/6P00Fpkku4hTniaXvt+1pw==" | base64 -d) \
  -signature <(echo "MEQCIDZC1u6uiakHB4Dr7em6ggGAPRnIJdr0sbAyMUJx0NM1AiBtHi7PbKYqu48rrKt85Jvlt7+kHVNR09wU2wFlR/Ujzw==" | base64 -d) \
  <(echo -n "hello world")
  

3. Learn more about Builder Vault

Please visit the full documentation to discover more Builder Vault use cases and functionality.

You can also visit the GO TSM SDK v2 repo and build your own applications, using the Builder Vault Sandbox.

Need Help?

Contact us through email or our support page for any issues, bugs, or assistance you may need.

Does your application require something more?

Blockdaemon also offers an array of APIs for blockchain connectivity, reporting, staking, and more. Please contact us to learn more.