Upvest

The Upvest Blockchain API

A multi-protocol blockchain API for building blockchain-interacting applications.

Get Started     Tutorial     API Reference

Architecture

Learn about Upvest's technical infrastructure

Business Concept

Upvest defines the notion of ‘tenants’, which represent customers that build their platform upon the Upvest API. The end-users of the tenant (i.e. your customers), are referred to as ‘clients’. A tenant is able to manage their users directly (CRUD operations for the user instance) and is also able to initiate actions on the user's behalf (create wallets, send transactions).

Upvest

Upvest integrates blockchain protocols into their tech stack and exposes access to the functionality of those protocols to their tenants via an easy-to-use and documented set of API calls.

Tenant

A tenant is able to register an account with Upvest under account.upvest.co. The tenant usually represents a business which is integrating the Upvest API to offer blockchain-backed services to their users.

Client

A client is a user of the tenant, utilizing Upvest software indirectly, via interacting with the tenant's platform. Although the tenant can initiate actions on the user’s behalf, any actions that require access to the user’s wallet (i.e. transactions, signing) will require the involvement of the user using their password.

Technical Architecture

At a high level, the Upvest platform can be divided into three parts. It consists of the API layer, the Upvest Wallet Management layer as well as the Upvest Enclave.

Let's take a look at a working example of the technical architecture along with the example of sending a transaction:

User Triggers Transaction

The tenant's user submits his password and the relevant transaction information on the tenant's front-end which triggers an API call directly to Upvest from their browser.

Upvest API

The Upvest API is the customer (tenant) and end-user (client) facing product. It validates incoming transaction requests and passes them on for processing as well as steering the response back to the requesting entity (in this case the requesting user’s browser).

Upvest Wallet Management

Upon authenticating the user and validating their transaction request, the request is passed to the Wallet Management layer which retrieves the user’s encrypted wallet material from the Upvest data store. A first level of processing is performed using a Hardware Security Module (HSM), before passing the wallet data and transaction information to the Upvest Enclave.

Upvest Enclave

The Upvest Enclave is an extremely small and hardened bare-kernel processing environment. It is the only part of the Upvest platform where decrypted wallet private keys exist, and solely for the purpose of signing transaction requests.

The Upvest Enclave derives the user’s wallet decryption key from their password, decrypts the user wallet, validates and signs the requested transactions, and returns the signed payload to the Wallet Management layer, which passes the signed payload to back-end blockchain nodes for broadcast.

Architecture


Learn about Upvest's technical infrastructure

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.