I’d like some opinions and insight about the technical merit of an app that my father and I have developed. We call it GigarBox, and it is essentially a document management system using IPFS as a document store.
The app is built for institutions (such as academic institutions) to store records (such as academic transcripts and certificates) and serve access to these records (for instance, to students). We have implemented a version of the app specifically for Academic Institutions which is public at https://academia.gigarbox.com
In the beta implementation, institution admins have accounts in the app which enable them to upload documents to IPFS from a single IPFS client. (In beta, public IPFS net is used)
The most important feature of the app is record ‘authentication’. We essentially want anyone with a document that was stored by a GigarBox institution, to be able to verify that his or her document is genuine. To this end, we do the following:
- The original record is stored on IPFS
- We use its hash to create a QR code, and stamp the record with the QR code image. This creates our GigarBox record
- In the app we provide utility to scan the QR code of a GigarBox record to:
- Determine if the hash corresponds to a record stored by the institution
- Fetch the original record (corresponding to the QR coded hash) from IPFS, and display it to the user to check for identity.
- before QR encoding the IPFS hash of the original document, we do some bit scrambling to make it harder for someone to forge together a GigarBox document
- In the future implementations we would like to move our IPFS store to a private net, with nodes for each institution.
Please check out the following video to see a breakdown of the app implementation in full:
This is my first time building with IPFS, so I’m not aware of all of my blindspots, so to speak. I would greatly appreciate any opinions and insight on the technical merit of this project.