# Development Notes

## Role of public and private keys

* Party A is the third-party business caller&#x20;
* Party B is the service provider of ChainUp&#x20;

The role of public-private key pair: Party A needs to generate a pair of public-private keys in advance when creating the application in the background, where the public key (rsa\_third\_pub) is provided to Party B, and the private key is kept by itself. When Party A requests the service provided by Party B, Party B encrypts the request parameters with Party B's public key and signs the original MD5 data with Party A's private key; when Party B receives the request, Party B decrypts the data with Party B's private key and checks the original MD5 data with Party A's public key.

## Account Preparation

Developers need to prepare the following information.&#x20;

1. Generate a pair of public and private keys, and submit the public key to the platform by creating an application in the background&#x20;
2. Third-party application server IP (optional)

&#x20;The information that the developer needs to save.&#x20;

1. The private key corresponding to the public key submitted to the platform: rsa\_third\_pri .&#x20;
2. The unique identifier of the created application: app\_id. The public key of the application corresponding to the platform: rsa\_saas\_pub.

### RSA public-private key production address

Production rules.&#x20;

Cipher length: 2048&#x20;

Key format: PKCS#8&#x20;

### Interface rules&#x20;

| Transmission method.:    | https                                                                                                       |
| ------------------------ | ----------------------------------------------------------------------------------------------------------- |
| Signature fields:        | All required fields except the sign field need to be involved in the signature                              |
| Response status code is: | 0 means successful processing, non-0 means request error or system exception                                |
| Request address:         | Domain name + interface address                                                                             |
| Encryption algorithm:    | Java encryption and decryption demo ： <https://github.com/exchange-platformApi/platformV2-java-example.git> |

## Interface documentation

&#x20;All the POST requests below need to convert the parameters in the Query object to json strings, encrypt them as data using rsa\_saas\_pub, and sign the data using the rsa\_third\_pri private key.

this is [demo](https://github.com/exchange-platformApi/platformV2-java-example/blob/b62e39e9bc1e4f9e562d82a54c1d0cb6be874fbe/exchange-platform-v2-example/src/main/java/com/chainup/open/exchangeplatformv2example/example/RequestDemo.java#L17)