# Astral Private Chain (Offline) This folder provisions an air-gapped private Ethereum network using Geth + Clique (PoA), then deploys `AstralAccess.sol` with Hardhat. ## What is configured - Consensus: Clique (PoA) - Block time: 5 seconds (`period: 5`) - Network ID / Chain ID: `1999` - RPC: `http://127.0.0.1:8545` - CORS: `*` - Persistent chain storage: `./chain_data` - Auto-unlock accounts on startup: enabled with `--unlock`, `--password`, `--allow-insecure-unlock` ## Accounts Two deterministic private keys are included for fully offline reproducibility: - Sealer key: `keys/sealer.key` - Pre-funded key: `keys/prefunded.key` On first startup, `init-and-run.sh` imports both keys into `./keystore`, stores their addresses in: - `keystore/sealer.address` - `keystore/prefunded.address` Then it generates `genesis.json`, initializes chain data, and starts mining. `password.txt` content: ```text studio ``` ## Initialize genesis block (geth init) This explicit command is provided for manual control: ```powershell cd blockchain geth init --datadir ./chain_data ./genesis.json ``` For this setup, `docker compose up` automatically runs genesis generation + `geth init` on first startup. ## Start the node ```powershell cd blockchain docker compose up -d ``` Check logs: ```powershell docker compose logs -f geth ``` ## Hardhat setup and deployment From `blockchain/`: ```powershell npm init -y npm install --save-dev hardhat @nomicfoundation/hardhat-ethers ethers npx hardhat compile npx hardhat run deploy.js --network astralLocal ``` ## Local network config `hardhat.config.js` points to: - URL: `http://127.0.0.1:8545` - Chain ID: `1999` - Account: private key of the pre-funded account (`keys/prefunded.key`) Optional override: ```powershell $env:PREFUNDED_PRIVATE_KEY="0x" ``` ## Contract functions - `grantAccess(address user, string lora_hash, uint256 durationInSeconds)` (admin only) - `revokeAccess(address user, string lora_hash)` (admin only) - `checkAccess(address user, string lora_hash)` - `logGeneration(string lora_hash, string output_hash)` `logGeneration` reverts when access is invalid and emits `GenerationCreated` when a record is appended.