Inspiration
As PayID launched and I started to build an AWS Lambda function to return my address data, I quickly realized that the pieces needed to be compliant were not all super obvious. After creating the first version of my Lambda function, I changed course to start building payidvalidator.com.
What it does
The service asks the user/dev to enter a PayID address and choose which payment network to request. Once the user submits the form, the service makes the request and validates the response against several rules.
Checks performed:
- HTTP Status Code
- CORS Headers
  - Access-Control-Allow-Origin
  - Access-Control-Allow-Methods
  - Access-Control-Allow-Headers
  - Access-Control-Expose-Headers
- Content-Type header check
- Cache-Control header check
- Response Time
- JSON Schema Validation of the response body
- Validation of Address to Content-Type header
- Cross-check that each crypto address returned is valid on the given network/environment.
- Check for valid signatures when a response contains a verifiedAddresses property. (Disclaimer, this work was completed by nhartner.)
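Several of the checks listed above (status code, CORS header presence, Content-Type, Cache-Control, response time, and address-to-Content-Type matching), written out as an added example in Python; this is not code from payid-validator, which is written in PHP. The PayID-to-URL mapping, the `application/<network>-<environment>+json` media type and the body field names are assumptions based on the PayID protocol, and the function names, the `max_ms` threshold and the sample response are constructed for illustration.

```python
import json

# The page names these four CORS headers; only their presence is checked here.
REQUIRED_CORS = ("access-control-allow-origin", "access-control-allow-methods",
                 "access-control-allow-headers", "access-control-expose-headers")

def payid_to_url(payid):
    """Assumed PayID mapping: alice$example.com -> https://example.com/alice"""
    user, sep, host = payid.rpartition("$")
    if not sep or not user or not host or "/" in host:
        raise ValueError("not a PayID address: %r" % payid)
    return "https://%s/%s" % (host, user)

def accept_header(network, environment):
    """Assumed media type format, e.g. application/xrpl-testnet+json"""
    return "application/%s-%s+json" % (network.lower(), environment.lower())

def check_response(status, headers, body, network, environment, elapsed_ms, max_ms=1000):
    """Return descriptions of failed checks; an empty list means all passed."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    failures = []
    if status != 200:
        failures.append("status %d" % status)
    failures += ["missing " + n for n in REQUIRED_CORS if not h.get(n)]
    want = accept_header(network, environment)
    if h.get("content-type", "").split(";")[0].strip().lower() != want:
        failures.append("content-type is not " + want)
    if not h.get("cache-control"):
        failures.append("missing cache-control")
    if elapsed_ms > max_ms:  # max_ms is an assumed threshold, not from the page
        failures.append("slow response")
    try:
        addresses = json.loads(body)["addresses"]
    except (ValueError, KeyError, TypeError):
        return failures + ["body is not a PayID address response"]
    for a in addresses if isinstance(addresses, list) else [None]:
        pair = (a.get("paymentNetwork"), a.get("environment")) if isinstance(a, dict) else None
        if pair != (network.upper(), environment.upper()):
            failures.append("address entry does not match requested network: %r" % (pair,))
    return failures

# Constructed sample response (not captured from a real server).
SAMPLE_HEADERS = {"Access-Control-Allow-Origin": "*", "Access-Control-Allow-Methods": "GET, OPTIONS",
                  "Access-Control-Allow-Headers": "PayID-Version",
                  "Access-Control-Expose-Headers": "PayID-Version",
                  "Content-Type": "application/xrpl-testnet+json; charset=utf-8",
                  "Cache-Control": "no-store"}
SAMPLE_BODY = json.dumps({"payId": "alice$example.com", "addresses": [
    {"paymentNetwork": "XRPL", "environment": "TESTNET",
     "addressDetails": {"address": "rCONSTRUCTED-PLACEHOLDER"}}]})
```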
How I built it
Tech used:
- AWS
  - CloudFormation
  - VPC
  - Certificate Manager
  - EC2
  - CloudFront
  - S3
  - SecretsManager
  - ParameterStore
  - Route53
  - CodeBuild
  - CodeDeploy
  - CodePipeline
- Apache
- PHP 7.1+
- CURL
- JSON schema validation
Challenges I ran into
In the process of building this, I learned how to write/define JSON schema files. I had also never built a true end-to-end continuous deployment pipeline. The pipeline was achieved by using AWS CodeBuild, AWS CodeDeploy and AWS CodePipeline. With any commit to the master branch, a build is kicked off, flows through the pipeline and is automatically released to the site.
What's next for PayID Validator
I am working on adding more checks to push the threshold for PayID server responses higher.
Open Source
This project is open source and welcomes community contributions. https://github.com/rswarthout/payid-validator