DEV Community

loading...

NEM Catapult for common use Multisig Account

Anthony Law
・4 min read

Integrate blockchain account into existing user management system.

They are a lot of companies are interested in integrating blockchain into the current existing system. The first thing how to integrate the blockchain Account (wallet) to pair with their current existing user.

The most common solution is to help the user to manage the private key and store it into a database.

In my opinion, the first may user don't know how to take care of the private key, because the private key never recovers like “password”. Another reason it may be hard to do a secure way in a smart contract.

That is not a good solution, because it’s not the decentralized solution and account security is not guaranteed. The blockchain account asset can be controlled by the company or the system admin. In security-wise, if the system admin accidentally deletes the database, otherwise the company needs to spend extra cost to maintain the database.

Introduce NEM Catapult Blockchain

It’s a powerful blockchain engine, as a developer, it’s easy to implement and fast to integrate into any existing system.

Catapult provided a lot of on-chain features, which multisig account is one of it, and we will be using Multisig Account to apply into user management solution.

In this example, the company name called Catapult Academy provided NEM catapult related training and let participate enroll exam. Once the exam pass, Catapult Academy will certify the participant.

The company like to Integrate NEM blockchain into the current existing system, to make the user traceability, in the future, all digital certificate will distribution via NEM blockchain.

Integrate Multisig Account to existing user in database

image.png

In this diagram, we link 3 NEM Account as cosignatories to Multisig Account. In this example, we have Catapult Academy Admin, User Management Admin and User.

With this solution

  • Users able to control the Multisig account by his own account.
  • Every transaction detail can track using the Multisig Account.
  • The multisig Account condition need to configure 1 minimum approval and 2 minimum removal.

1 minimum approval

  • User can directly to interact with his multisig Account, without anyone else permission.

2 minimum removal

  • Only Catapult Academy Admin and User Management Admin can remove the User cosigner public key if users lose the account.

In the solution, user are freely control the multisig account, even if user lose the account, user can just recreate the new NEM account and link back to multisig account.

High level overview flow (onboard user)

image.png

  1. User have to submit public key to the system.
  2. Once user public key available, system will generate Multisig account and prepare multisig tranaction.

    • System can randomly generate Multisig Account
    • Multisig configuration
  3. Announce Aggregate bonded transaction to network.

  4. Update Multisig Account in existing user database.

  5. Related cosignatories must cosign the transaction.

Highlight

// Random account generation
const { Account, NetworkType } = require('nem2-sdk')
Account.generateNewAccount(NetworkType.TEST_NET)

// Convert NEM account to Multisig account
const multisigAccountModificationTransaction = MultisigAccountModificationTransaction.create(
    Deadline.create(),
    1, // minimum approval
    2, // minimum removal
    [userManagementAdminAccount.publicAccount, catapultAcademyAdminAccount, userAccount],
    [],
    NetworkType.TEST_NET,
    UInt64.fromUint(200000) // fees
);

High level overview flow (update publickey for exisitng multisig account)

image.png

  1. User have to submit new public key to system.
  2. System will prepare Multisig account modification.
    • Retrive the old user public key from multisig account.
    • Remote old user public key and assign the new user public key to multisig account.
  3. Announce aggregate bonded transaction to network.
  4. Related cosignatories must cosign the transaction.

Highlight

// Retrive cosignatories and fliter old user public key

const multisigHttp = new MultisigHttp(endpoint);
let oldUserPublicKey = await multisigHttp
    .getMultisigAccountInfo(MutlisigAccount)
    .toPromise()

// Remote `old user public key` and assign the `new user public key` to multisig account

const multisigAccountModificationTransaction = MultisigAccountModificationTransaction.create(
    Deadline.create(),
    0,
    0,
    [newUserAccount], // Add 
    [oldUserAccount], // Remote
    networkType,
    UInt64.fromUint(200000)); // Fees

Summary

As we can see, with this solution, everything is tracking on-chain decentralized. The user database just only needs to add a multisig account record. The benefit for this design, decentralized account management, worry-free for users lose the private key, it won't affect the multisig account. It may be expensive to create Multisig account for every user, but for the long term, it's more secure and gains the decentralized advantage on the blockchain.

I believe the solution can implement in many areas, such as National Voting, Exchange Catapult Wallet, Foreigner digital ID border control and etc.

Read more :
Source Code
NEM Catapult Explain By Opening line
What is Multisig Account By NEM Tech

Discussion (0)