Interaction between BigBang light wallet service (LWS) and Amazon aws IoT Core

  Back to News

  China, Xianggang, Guiqing - 01/23/2020 (

LWS is the abbreviation of light wallet service, which is a bridge between the backbone network of Bigbang public blockchain and the terminal data collection remote sensing equipment. Through LWS, the block and transaction data of the Bigbang Core wallet are updated and cached in a timely manner in lWS' own high-speed memory database and local database.

Based on these data, it can calculate the latest utxo set of public key addresses corresponding to the keys held by different terminal devices, and publish this information to Amazon cloud facilities through mqtt connection with aws IoT Core. Its message broker forwards the information to the corresponding terminal devices that subscribe to this information.

Correspondingly, the terminal device will package the data into the transaction after acquiring the data collected by the monitoring according to the utxo list related to itself, and publish it to Amazon IoT Core through mqtt.

Via the latter's message broker, LWS pushes are sent to these devices that subscribe to the sending transaction topics, and LWS verify these transactions. If the verification is successful, this part of the transaction will be forwarded to the BigBang Core core wallet through the socket api, and the latter will broadcast these transactions to the BigBang Core network through the p2p network interface. The block-producing node will collect these transactions and finally complete the operation of its packaging block on the chain.

The security of data interaction between LWS and device is divided into two aspects:

On the one hand, the transmission security is between LWS and aws iot core. The default security provided by aws is a secure connection through X509 certificate and TLS1.2 client two-way authentication and encryption.

Through the Amazon AWS IoT Device SDK, LWS establishes a connection that must provide its own client device certificate, the key registered on the Amazon cloud and the root certificate of the iot with the latter's highly scalable device gateway. It must provide its own client's device certificate, the key registered on the Amazon cloud, and the root certificate of the iot to complete the authentication of identity and authentication. Communicate with the message gateway behind it.

On the other hand, the business data transmission security established with the device through mqtt is secure.Each time a device-side service request creates a session with LWS, it randomly selects a pair of key pairs from its ApiKeySeed pool, and calculates the ApiKey as the current value through an elliptic curve multiplication operation with the public key attached when the device terminal requests it. The unique session key during the lifetime of the session ensures session security.In addition, for abnormal device-side requests, LWS will make a corresponding judgment, and record the {$ DEVICE} of the abnormal device to determine that it is added to the blacklist according to the number of illegal ServiceReq parameter submissions and the frequency of invalid messages.


The following are the relevant definitions and calculations of ApiKey

Pubkey Address structure

1Pubkey ?ED25519)

2. Creating ApiKeySeed

Use ED25519 to generate keypair?Privkeylws,Pubkeylws)

ApiKeySeed = Pubkeylws

3. Generating ApiKey

The keypair for DeviceClient address is (Privkeycli, Pubkeycli)

Pubkeycli corresponds to the point on the ED22519 curve Pcli = (Privkeycli) x G

The keypair generated by LWS for creating ApiKeySeed is (Privkeylws, Pubkeylws)

Pubkeylws corresponds to point Plws on the ED22519 curve = (Privkeylws) x G

LWS calculation?

ApiKey = PACK?? Privkeylws? xPcli?

DeviceClient calculation?

ApiKey = PACK?? Privkeycli? x Plws ?


LWS uses the long-connection-based, two-way message pub / sub message broker provided by aws to release the coupling relationship with the device-side data interaction of a large number of connections, and solves the high concurrency and high scalability of the device.

For data storage query of block and transaction, and UTXO data update, LWS uses aws Amazon DynamoDB service to store their KV key-value pair data.

Considering the massive transaction data and packaged block data generated by the high concurrent TPS on the multiple branches of the BigBang Core public chain network, as well as the massive UTXO data, the data storage service Amazon DynamoDB, which uses the ms-level response delay of aws, can serve every business The branch chain creates a block database and transaction database to accelerate data retrieval capabilities.

LWS synchronizes the downlink blockchain data of the backbone network with the high-throughput, elastically expanded Amazon Kinesis service, using Amazon S3 distributed data with high scalability (durability), high durability (durability), and high availability The storage service caches huge block files to the Amazon cloud. This completes the real-time data collection and processing of the block, and can be used by other LWS with local physical addresses and even provide retrieval services to LWS worldwide. Moreover, when out of sync with the core wallet or data error, LWS can use the data in S3 to recover quickly.

In addition, LWS uses the rules engine of the aws rule engine to convert and route messages to the aws service. The backend uses the Kinesis service to offload data to different aws services, or connects to the Lambda service to offload data.

In an environment where the regional network transmission is uneven, Aws CloudFront service can also be used to provide CDN-like functions.

Useing PB-level Amazon Redshift relational data warehouse can store structured blockchain data, and it is convenient for BigBang Core blockchain web browsers, smart device wallet apps, BigBang Core blockchain development testers to debug and track data when the program is running view.

LWS is developed using the high-concurrency language golang. The program uses goroutine and channel facilities to ensure that a large number of device-side requests sent simultaneously to send transactions to the core wallet backbone network can be processed in a timely and effective manner, thereby achieving high-speed on-chain transactions.

Media Contacts:

person_outline  Full Name:Vicky Shu
phone  Phone Number:N/A
business_center  Company:BigBang
View Results in Google
Promote Your Business keyboard_arrow_right

Join The Community