Parity e-mail verification
The following process ties an account to an email address:
confirm(token)
+-------------------> +--------+
| |contract| puzzle(address, sha(token), sha(email))
| +-----------> +--------+ <-----------+
| | |
| | request(sha(email)) |
| | |
| | |
| +------+ POST /?email=…&address=… +------+
+-+ |client| +-------------------------> |server| code=rand()
+------+ +------+ token=sha(code)
token=sha(code) ^ e-mail with code |
+------------------------------------+- client requests verification (
request(sha(email))) - client calls verification server (
POST /?email=…&address=…) - server generates
codeand computestoken - server posts challenge (
puzzle(address, sha(token), sha(email))) - server sends e-mail to client (with
code) - client computes
token - client posts response (
confirm(token))
Now, anyone can easily check if an account is verified by calling certified(address) on the contract.
latest deployed EmailVerification.sol
Installation
git clone https://github.com/ethcore/email-verification.git
cd email-verification
npm install --productionUsage
The account calling puzzle has to be the owner of the contract.
- Set up an account and put its password in a file.
- Run Parity with
--jsonrpc-apis net,eth,personal,parity. - Create a config file
config/<env>.json, which partially overridesconfig/default.json. env NODE_ENV=<env> node index.js
Deploy to production using process managers like forever.
To run on both testnet and mainnet, just create two config files. Make sure to use
- separate Parity processes listening on different ports (
parity.host) - separate
dbfiles - separate ports to listen on (
http.port)