Skip to content

AdityaC-07/SkillChain

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SkillChain — Blockchain-Powered Vocational Credentials

Overview

SkillChain issues verifiable, blockchain-backed vocational certificates to learners and institutions. It stores cryptographic proofs on Polygon (Mumbai) and the certificate artifacts on IPFS; a backend AI fraud detector analyzes uploaded certificates for tampering.

Built for high integrity and easy verification, SkillChain helps institutions issue credentials that employers and government agencies can trust.

Architecture Diagram

Frontend → FastAPI Backend → MongoDB ↓ Blockchain Service → Polygon Mumbai ↓ IPFS Service → Pinata ↓ AI Fraud Service → HuggingFace ViT

Quick Start

Prerequisites

  • Python 3.11+
  • Node 20+
  • MongoDB (or Docker)
  • MetaMask (for interacting with deployed contracts)
  1. Clone and setup
git clone <repo>
cd SkillChain
python -m venv .venv
.venv\Scripts\activate
pip install -r requirements.txt
  1. Configure .env
  • MONGODB_URI - MongoDB connection string (default mongodb://localhost:27017/skillchain)
  • JWT_SECRET - JWT signing secret
  • JWT_EXPIRE_MINUTES - token expiry in minutes
  • PINATA_API_KEY, PINATA_SECRET_KEY - Pinata credentials
  • POLYGON_RPC_URL - Polygon RPC endpoint (Mumbai testnet)
  • PRIVATE_KEY - Deployer private key for contracts
  • CONTRACT_ADDRESS - deployed SkillCertificate contract address (optional)
  • FRONTEND_URL - URL where frontend is hosted (for share links)
  1. Deploy smart contract
python app/contracts/deploy.py
# Copy the deployed address into .env as CONTRACT_ADDRESS
  1. Seed database
python seed.py
  1. Start backend
uvicorn main:app --reload --port 8000
  1. Start frontend
cd skillchain-frontend
npm install
npm run dev
  1. Run with Docker
docker-compose up --build

API Reference

Method Endpoint Auth Description
POST /api/auth/register No Register user (learner/institute)
POST /api/auth/login No Login and retrieve JWT
GET /api/auth/me Yes Get current user
POST /api/certificates/issue Yes (institute) Issue a certificate and mint NFT
GET /api/certificates/verify/{id} Public Verify certificate status
POST /api/digilocker/push/{id} Yes (learner) Push to DigiLocker sandbox
GET /api/analytics/stats Public Landing page stats
... ... ... More endpoints documented in code

Test Accounts (seed.py)

Key Features

  • ✅ Blockchain-backed certificates
  • ✅ IPFS storage for certificate artifacts
  • ✅ AI fraud detection using vision models
  • ✅ DigiLocker sandbox integration

Tech Stack

  • Frontend: React (Vite, Tailwind)
  • Backend: FastAPI, Beanie, MongoDB
  • Blockchain: web3.py, Polygon Mumbai
  • Storage: IPFS (Pinata)

Blockchain Details

  • Network: Polygon Mumbai (testnet)
  • Contract: SkillCertificate (deploy via app/contracts/deploy.py)

Project Structure

LICENSE
main.py
app/
  contracts/
  core/
  models/
  routers/
  services/
skillchain-frontend/
tests/

Contributing

Please open issues and PRs. This project is MIT licensed.

SkillChain (NCVET) — Python backend

FastAPI service for a blockchain-linked vocational certificate demo: IPFS (Pinata), Polygon Mumbai (web3.py), MongoDB (Beanie), JWT auth, optional fraud image scan (HuggingFace ViT), and mock DigiLocker hooks.

Prerequisites

  • Python 3.10+
  • MongoDB (local or Atlas)
  • (Optional) Pinata API keys, deployed SkillCertificate contract + funded wallet for mint/revoke on Mumbai

Quick start

cd skillchain-backend
pip install -r requirements.txt
python seed.py
uvicorn main:app --reload --port 8000

Interactive docs: http://localhost:8000/docs

Environment

Copy .env and set real values for production:

  • MONGODB_URI — e.g. mongodb://localhost:27017/skillchain
  • JWT_SECRET — long random string
  • PINATA_* — for PDF + JSON metadata uploads
  • POLYGON_RPC_URL, PRIVATE_KEY, CONTRACT_ADDRESS — on-chain mint/revoke (owner wallet must match contract owner)
  • FRONTEND_URL — used in QR codes ({FRONTEND_URL}/verify/{certificate_id})

Contract ABI is loaded from app/contracts/abi.json (update if you change the Solidity interface).

Smart contract

app/contracts/SkillCertificate.sol is written for OpenZeppelin ^0.8.20. Compile and deploy with your toolchain (Hardhat/Foundry), then paste the deployed address into CONTRACT_ADDRESS and refresh abi.json if needed.

Notes

  • seed.py wipes users, certificates, and audit_logs in the configured database, then inserts demo data without calling the blockchain.
  • The fraud endpoint uses google/vit-base-patch16-224 as a placeholder signal; it is not a trained forgery detector.
  • Polygon Mumbai may be deprecated upstream; switch POLYGON_RPC_URL to your preferred test network if Mumbai RPCs fail.

Known Limitations

  • Mumbai Testnet Performance: Polygon Mumbai can be slow during high network congestion. Certificate minting may take 30-60 seconds. The system includes graceful failure handling with PENDING_MINT status and automatic retry logic.
  • Fraud Detection Model: The current fraud detection uses a pre-trained ViT model as a placeholder. For production, a model specifically trained on certificate forgery patterns should be used.
  • Read-Only Mode: If PRIVATE_KEY is not set in .env, the server starts in read-only mode where certificate issuance is disabled but verification still works.
  • IPFS Pinning: Relies on Pinata's free tier which has rate limits. For high-volume production, consider using a dedicated IPFS node or paid Pinata plan.
  • Demo Mode: The /demo route pre-fills form data for hackathon demonstrations. This should be disabled in production environments.

Screenshots

(Team to add screenshots here)

  • Landing page with live activity feed
  • Certificate issuance form with PDF preview
  • Certificate detail page with blockchain explorer embed
  • Why Blockchain comparison widget
  • Fraud scanning interface

Running Smoke Tests

To verify the application is working correctly, run the smoke test script:

# Set API URL if not using localhost
export API_URL=http://localhost:8000

# Run smoke tests
bash scripts/smoke_test.sh

The smoke test will:

  1. Check health endpoint
  2. Register a test institute
  3. Login with test credentials
  4. Issue a certificate (may fail if no blockchain funds)
  5. Verify the certificate
  6. Run a fraud scan

Each test will print PASS or FAIL with a summary at the end.

About

FastAPI backend for SkillChain (NCVET): JWT auth, MongoDB/Beanie, IPFS (Pinata), Polygon Mumbai NFT certificates, fraud scan stub, mock DigiLocker.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors