To make sure that you are not interacting with a sanctioned person or organization when sending or receiving cryptocurrencies, you need to run a small compliance check for the presence of crypto addresses on the sanctioned lists.
The simplest thing you can do is download the sanctioned persons list file from the official government website and find the address you are interested in (for example, using the grep command).
However, in a distributed system, obvious problems such as cache invalidation, outgoing requests via the Internet, and duplication of updater/parser code arise.
This project is a small http server written in Rust intended to solve these problems and allow you to check whether a crypto wallet address is on the sanctions list via simple json api.
It is an open source alternative to tools such as: Chainalysis Sanctions Screening Tools or TRM Sanctions Screening API.
At the moment, the server does not support operation over the TLS protocol, and therefore should not be used for requests over the Internet without a part capable for terminating TLS traffic (for example, nginx).
The server is designed to be simple, fast and used behind a reverse proxy or load balancer. However, some of this may change over time.
- Be as fast as possible without turning source into a mess of optimized write-only code
- Be secure and follow best security practices, but no more than is required for safe use
- Follow the HTTP protocol as much as possible to ensure compatibility with any client
- Startup cache and it's invalidation policy
- Retry policy for outgoing requests
- Socks proxy (tor?) for outgoing requests
- Health status support for load balancing
- Signal processing and graceful shutdown
- Expose more command line configuration options
- JSON response format and extended info
- Dump of all database records
- Batch address check (cors support for post req?)
- TLS support
- Code coverage and package release
- Possibility of effective compression
You can easily install the server locally using the cargo package manager command:
cargo install crypto-sanctions-server
The server can run inside a docker container. Several steps required:
git clone [email protected]:stdfox/crypto-sanctions-server.git
docker build -t crypto-sanctions-server .
docker run --detach --rm --name=crypto-sanctions-server -p 8000:8000 -t crypto-sanctions-server
git clone [email protected]:stdfox/crypto-sanctions-server.git
cargo run
Or build and run in release mode, with optimizations:
cargo run --release
You can start the http server on a custom host and port using the following command options:
cargo run -- --host 0.0.0.0 --port 3000
You can check the crypto address using any available http1 client, curl
for example:
curl http://127.0.0.1:8000/api/crypto-sanctions/1EpMiZkQVekM5ij12nMiEwttFPcDK9XhX6
This will print the response in JSON format like this:
{"address": "1EpMiZkQVekM5ij12nMiEwttFPcDK9XhX6", "sanctioned": true}
It works the same for all blockchains, for example for an Ethereum address:
curl http://127.0.0.1:8000/api/crypto-sanctions/0xf3701f445b6bdafedbca97d1e477357839e4120d
It will print:
{"address": "0xf3701f445b6bdafedbca97d1e477357839e4120d", "sanctioned": true}
If you prefer short console commands to use on desktop, you can add something like this to your shell configuration file (.bashrc, .zshrc, etc):
crypto-sanctions () {
command curl http://127.0.0.1:8000/api/crypto-sanctions/$@
}
After that you can use the command as follows:
crypto-sanctions 0xf3701f445b6bdafedbca97d1e477357839e4120d
Since this server works with an in-memory database and does not use a serializer, it is quite performant. See the benchmark result on my good old 2017 MacBook Pro (3,1 GHz Dual-Core Intel Core i5) for release build:
% ab -k -c 100 -n 1000000 -q http://127.0.0.1:8000/api/crypto-sanctions/0xf3701f445b6bdafedbca97d1e477357839e4120d
This is ApacheBench, Version 2.3 <$Revision: 1903618 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 127.0.0.1 (be patient).....done
Server Software:
Server Hostname: 127.0.0.1
Server Port: 8000
Document Path: /api/crypto-sanctions/0xf3701f445b6bdafedbca97d1e477357839e4120d
Document Length: 77 bytes
Concurrency Level: 100
Time taken for tests: 14.328 seconds
Complete requests: 1000000
Failed requests: 0
Keep-Alive requests: 1000000
Total transferred: 209000000 bytes
HTML transferred: 77000000 bytes
Requests per second: 69793.78 [#/sec] (mean)
Time per request: 1.433 [ms] (mean)
Time per request: 0.014 [ms] (mean, across all concurrent requests)
Transfer rate: 14245.02 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 0 0.0 0 5
Processing: 0 1 0.4 1 16
Waiting: 0 1 0.4 1 16
Total: 0 1 0.4 1 16
Percentage of the requests served within a certain time (ms)
50% 1
66% 1
75% 1
80% 2
90% 2
95% 2
98% 3
99% 3
100% 16 (longest request)
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in a work by you, shall be licensed as MIT, without any additional terms or conditions.
This project has a rule on how git commit messages can be formatted. This leads to messages that are more readable and easy to follow when looking through the project history.
Each commit message consists of mandatory type and a subject:
<type>: <subject>
Any line of the commit message cannot be longer 100 characters.
Examples:
docs: add contributing guidelines to readme file
build: remove unused dependencies
If the commit reverts a previous commit, it should begin with revert:
, followed by the header of the reverted commit.
Must be one of the following:
- build: Changes that affect the build system or external dependencies
- docs: Documentation only changes
- feat: A new feature
- fix: A bug fix
- perf: A code change that improves performance
- refactor: A code change that neither fixes a bug nor adds a feature
- style: Changes that do not affect the meaning of the code
- test: Adding missing tests or correcting existing tests
The subject contains a brief description of the change:
- use the imperative, present tense: "change" not "changed" nor "changes"
- don't capitalize the first letter
- no dot (.) at the end
This project is licensed under the MIT License.