Setting up the compliance server

The compliance server will be used by the banks to exchange the customer's KYC information before initiating a payment request. Follow these steps to set up the compliance server:

  1. Download the compliance server release from the Stellar website here (https://github.com/stellar-deprecated/bridge-server/releases). Select the binary corresponding to your OS version.
  2. Extract the binary file and copy the extracted folder. Paste and create two copies of the extracted folders labeled complianceA and complianceB.
  3. Create a file called compliance.cfg inside the extracted folders and open it in a text editor. Configure it like so for the compliance server for Bank A:
external_port = 8003
internal_port = 8004
needs_auth = true
network_passphrase = "Standalone Network ; February 2017"

[database]
type = "postgres"
url = "postgres://bankauser:bankauser@localhost/compliancea?sslmode=disable"

[keys]
# This should be the secret seed for your base account (or another account that
# can authorize transactions from your base account).
signing_seed = "SDSQ5MJALF7VWDFEFETPGGWJK2UEQ5HU6HJBKMT5M5YDJ3WYKMC5RC3O"
#encryption_key = "SDSQ5MJALF7VWDFEFETPGGWJK2UEQ5HU6HJBKMT5M5YDJ3WYKMC5RC3O"

[callbacks]
sanctions = "http://localhost:5000/compliance/sanctions"
ask_user = "http://localhost:5000/compliance/ask_user"
fetch_info = "http://localhost:5000/compliance/fetch_info"

[tls]
certificate_file = "/home/ishan/mkcert/banka.com.pem"
private_key_file = "/home/ishan/mkcert/banka.com-key.pem"

From the preceding code, we can make the following observations:

  • The external port is the TCP port where other banks or financial institutions need to submit requests for the exchange of compliance information.
  • The internal port will be used by the bank's internal infrastructure to run compliance checks on its own customers while initiating a transaction.
  • When the needs_auth flag is set to true, it means that the compliance server requires the KYC details of the beneficiary from the receiving bank when it is sending a payment.
  • The Stellar network passphrase is the network's passphrase. The database will be used to log compliance requests. Notice how we provide the user details and compliance database details for banka that we set up earlier when we were setting up the bank's internal databases. 
  • The signing key that's used for the messages is the secret key of Bank A. We also specify the callbacks server for the compliance server.
  • The compliance server will connect with these webhooks when it tries to fetch and validate the information from the bank's internal databases. We'll look at this in more detail when we set up the callback server.
  • Lastly, we provide the certificate and key file for Bank A that we generated earlier to secure all the incoming and outgoing requests to the compliance server.
  1. Set up the compliance.cfg file for Bank B:
external_port = 8008
internal_port = 8009
needs_auth = true
network_passphrase = "Standalone Network ; February 2017"

[database]
type = "postgres"
url = "postgres://bankbuser:bankbuser@localhost/complianceb?sslmode=disable"

[keys]
# This should be the secret seed for your base account (or another account that
# can authorize transactions from your base account).
signing_seed = "SB6HTLWBKVY6KOGKFZE2EKH3ZFSIYHYXJOORGKIOHSMPHBCX4SS4PU6G"
#encryption_key = "SB6HTLWBKVY6KOGKFZE2EKH3ZFSIYHYXJOORGKIOHSMPHBCX4SS4PU6G"

[callbacks]
sanctions = "http://localhost:5100/compliance/sanctions"
ask_user = "http://localhost:5100/compliance/ask_user"
fetch_info = "http://localhost:5100/compliance/fetch_info"

[tls]
certificate_file = "/home/ishan/mkcert/bankb.com.pem"
private_key_file = "/home/ishan/mkcert/bankb.com-key.pem"

From the preceding code, we can make the following observations:

  • The external port is set to 8008, while the internal port is set to 8009.
  • The database is set to complianceb for Bank B. The signing seed is the secret key for the Bank Stellar account.
  • The callbacks server for Bank B will be running on port 5100.
  • The certificate and key file are set to the relevant files for Bank B.
  1. Next, let's bring our compliance server online. Navigate to the compliancea directory. First, we need to migrate the compliance database. Do so with the following command:
./compliance --migrate-db
  1. Next, bring the server online with the help of the following command:
./compliance

Repeat the preceding steps for Bank B by navigating to the complianceb directory and executing the last two commands.

Now, we have set up the compliance server. Next, we'll set up the bridge server.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.74.54