Attempt at creating an etherscan data connector to retrieve the balance of an eth address from etherscan.
- Ubuntu 20.04 with Linux Kernel โฅ 5.11
- CPU: Intel Xeon E-2288G
- Docker (>= 20.10.21) & Docker-Compose
To establish a TLS channel, we need a CA and generates a client cert for mutual authentication, store them at cert
directory.
-
Generate Client private key:
openssl ecparam -genkey -name prime256v1 -out cert/client.key
-
Export the keys to pkcs8 unencrypted format
openssl pkcs8 -topk8 -nocrypt -in cert/client.key -out cert/client.pkcs8
-
Generate Client CSR
openssl req -new -SHA256 -key cert/client.key -nodes -out cert/client.csr
-
Generate Client Cert
openssl x509 -req -extfile <(printf "subjectAltName=DNS:localhost,DNS:www.example.com") -days 3650 -in cert/client.csr -CA cert/ca.crt -CAkey cert/ca.key -CAcreateserial -out cert/client.crt
public.ecr.aws/clique/clique-sibyl-base:2.1.0
public.ecr.aws/clique/clique-sibyl-mtls-base:2.1.0
public.ecr.aws/clique/clique-sibyl-dcsv2-base:2.1.0
public.ecr.aws/clique/clique-sibyl-dcsv2-mtls-base:2.1.0
-
Build Sibyl:
docker build -t sibyl -f Dockerfile.sibyl .
-
Build Sibyl with mTLS:
docker build -t sibyl -f Dockerfile.mTLS.sibyl .
-
Build DCsv2 Sibyl:
docker build -t sibyl -f Dockerfile.DCsv2.sibyl .
-
Build DCsv2 Sibyl with mTLS:
docker build -t sibyl -f Dockerfile.DCsv2.mTLS.sibyl .
-
Build DCsv2 custom DCAP service:
docker build -t pccs -f Dockerfile.DCsv2.pccs .
-
Deploy Sibyl:
docker compose -f docker-compose.yml up
-
Deploy Sibyl with custom DCAP service:
docker compose -f docker-compose-dcap.yml up
Then Sibyl will run and listen on port 3443.
For Azure VMs, custom DCAP service is only avaiable for DCsv2 and is not supported in DCsv3.
For example, if you want to make a get query for url https://api.github.com/repos/github/repo-name
:
curl -k --location 'https://localhost:3443/query' --key ./cert/client.pkcs8 --cert ./cert/client.crt \
--header 'Content-Type: application/json' \
--data '{
"query_type": "demo_get",
"query_param": {
"host": "api.github.com",
"url": "/repos/github/repo-name",
"port": 443
}
}'