Protect your organization's sensitive files on a decentralized file system while enabling seamless sharing with its members. Think Bitwarden, but for web3!
Disclaimer: Please check the README of this project for all the details: https://github.com/ankitshubham97/dappvault#readme .
This project combines the power of cryptography, blockchain & decentralized file system to create a document-protection product for DAOs (or any web2 organizations as well).
In every organization, there are sensitive documents that need to be private to certain members. The current solution is to subscribe to a document-protection product based on centralized systems like Bitwarden, Google Docs, etc.
What if the service on which the organization hosts its sensitive files goes down? What if the files get compromised because of a bug in the centralized server, or for any other reason? These centralized systems are single points of failure!
The centralized services charge a significant amount for relatively simple work. They are able to do this because of the monopoly they enjoy!
It is not unusual to hear that files were leaked because of vulnerabilities in a centralized system. On top of that, such services rarely encrypt the data before storing it.
Dappvault is a document-protection dapp that is truly decentralized yet secure. The files are tightly encrypted and then stored on IPFS. They can only be accessed by members whom the organization has authorized. Authorization is granted to a member only if either of the 2 conditions is met:
-- Have the correct NFT in their wallet which the organization provided.
-- Have a certain amount of governance tokens of the organization.
Think of something similar to Developer DAO (you need to either have one of their genesis NFTs or 400 $CODE tokens to unlock access).
In its essence, the organization can:
-- Store files on IPFS (so decentralized)
-- Remain worry-free because their files are first encrypted and then stored on IPFS
-- Token-gate their files, so that only a member who possesses a certain NFT or has enough governance tokens can access the information. (Of course, the NFT would be provided by the organization, and it would be one of the guarantees of access to their private content!)
-- With Chainsafe, 20GB data could be hosted for free!
-- Member has the correct NFT in their wallet.
-- Member goes to the app and connects his wallet.
-- Voila! He is able to access the sensitive files!
-- Member has enough governance tokens in their wallet.
-- Member goes to the app and connects his wallet.
-- Voila! He is able to access the sensitive files!
-- Member goes to the app but does not connect his wallet and tries to view the sensitive data.
-- Oops! He is unable to access them!
-- Member has neither the correct NFT nor enough governance tokens in their wallet.
-- Member goes to the app and connects his wallet.
-- Oops! He is unable to access the sensitive data!
-- This project is built on Polygon Mumbai chain.
-- The app is deployed at https://dappvault-frontend.vercel.app/
-- The app uses Chainsafe and its APIs for decentralized storage on IPFS.
-- The app uses Covalent and its APIs for fetching account balance. This is critical to verify if a wallet holds the correct NFT or if the wallet has enough governance tokens so that accordingly, the backend would generate a valid access token.
This project contains 3 sub-projects:
-- Backend service.
-- Frontend for members.
-- A simple admin interface for the organization to encrypt-and-upload new content to IPFS.
-- The app is based on the Polygon Mumbai chain and the related ERC-721 smart contract is deployed here (contract address: 0x8437ee943b49945a7270109277942defe30fac25 on Polygon Mumbai). The smart contract is in the smart-contracts directory.
-- User has either the correct NFT or enough governance tokens in their wallet.
-- User goes to the app (https://dappvault-frontend.vercel.app/) and connects their wallet.
-- They sign a nonce, and the frontend sends a payload containing the nonce, signature and wallet public address to the backend.
-- Backend finds the signature to be valid. It also finds that the wallet public address does contain the correct NFT using Covalent API.
-- It generates an access token and sends it to frontend.
-- Frontend piggybacks this access token on the request to the backend server that enables the user to view the private content.
-- Backend server sees that the frontend is trying to access the private content. It checks if the access token is valid and finds it to be valid.
-- Backend server fetches the encrypted content from IPFS, decrypts it using its secret key and sends the decrypted content to the frontend.
-- Voila! The member is able to view the sensitive files!
-- (Note that the organization uploads files to IPFS via the admin interface (https://dappvault-frontend.vercel.app/admin). The admin interface sends the content to the backend where it is first encrypted by the backend's secret key and then the encrypted content is uploaded to IPFS.)
-- In any negative flow, the user does not have a valid access token. The flow stops there and the content is never fetched.
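The backend side of the flow above, as an added example (not Dappvault's own code): a single-use nonce, an access token bound to the wallet address, and a read path that checks the token before anything is fetched or decrypted. The token format (HMAC-SHA256, 5-minute lifetime), the cipher (AES-256-GCM) and every function name are assumptions; checks.verifySignature and checks.holdsAccess are hypothetical hooks standing in for wallet-signature verification and the Covalent balance lookup.

```javascript
const crypto = require('node:crypto');
// Assumed design, not the project's: HMAC-SHA256 tokens (5 min), AES-256-GCM.
const TOKEN_KEY = crypto.randomBytes(32);   // signs access tokens
const CONTENT_KEY = crypto.randomBytes(32); // the backend's secret key
const nonces = new Map();                   // nonce -> expiry time (ms)
const hmac = (s) => crypto.createHmac('sha256', TOKEN_KEY).update(s).digest();

function issueNonce(now = Date.now()) {
  const nonce = crypto.randomBytes(16).toString('hex');
  nonces.set(nonce, now + 60_000);
  return nonce;
}

// checks.* are hypothetical hooks: signature check and NFT/token balance check.
function login({ address, nonce, signature }, checks, now = Date.now()) {
  const expiry = nonces.get(nonce);
  nonces.delete(nonce);                     // single use, even on failure
  if (!expiry || expiry < now) return null; // unknown, replayed or stale
  if (!checks.verifySignature(address, nonce, signature)) return null;
  if (!checks.holdsAccess(address)) return null;
  const claims = JSON.stringify({ sub: address, exp: now + 300_000 });
  const body = Buffer.from(claims).toString('base64url');
  return `${body}.${hmac(body).toString('base64url')}`;
}

function verifyToken(token, now = Date.now()) {
  const [body, tag] = String(token).split('.');
  if (!body || !tag) return null;
  const got = Buffer.from(tag, 'base64url');
  const want = hmac(body);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) return null;
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  return claims.exp > now ? claims : null;
}

function encryptForStorage(plaintext) {     // admin upload path
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', CONTENT_KEY, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]); // iv | tag | ciphertext
}

function readPrivate(token, fetchBlob, now = Date.now()) {
  if (!verifyToken(token, now)) return null; // stop before any IPFS fetch
  const blob = fetchBlob();
  const d = crypto.createDecipheriv('aes-256-gcm', CONTENT_KEY, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString();
}
```

Deleting the nonce before the other checks run means a captured login payload cannot be replayed, and passing the fetch as a callback makes the "content is never fetched" property of the negative flows directly testable.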
For judges: To know how to test the dapp, please follow the steps mentioned here: https://github.com/ankitshubham97/dappvault#ethonline-hackathon-2022