Architecture

TrustOS software is deployed on any Hyperledger Besu based blockchain network (previously Hyperledger Fabric). Support for Ethereum, Polygon, Polygon ZkEvm, Optimism and Arbitrum based networks will be added soon.

Once deployed, an HTTP API is published so that it can be used from any programming language. The API hides much of the complexity of working with a Blockchain, but its direct use still requires low-level knowledge. For that reason, TrustOS also includes some libraries to be consumed by applications and other Smart Contracts. Therefore, TrustOS commands can be invoked from outside Blockchain through its APIs or from other Smart Contracts inside the Blockchain itself.

Since the installation and deployment of TrustOS requires considerable efforts, TrustOS is perfectly designed to allow the majority of business logics and client systems take advantage of its benefits without having knowledge of Hyperledger Besu or any Ethereum virtual machine (EVM) blockchain based network, neither deploying anything, just using simple APIs. Moreover, for those who are deepening into the field, doors will be open to deploy TrustOS software over its own network.

TrustOS also includes some administration features and interfaces that allow the developer community to add new modules to TrustOS.

​

How does it work

The following figure describes a layer-based architecture:

APIs do not speak the Blockchain language (send, validate or verify a transaction, query a block, provision or obtain gas at an address, compile, deploy or execute contracts, manage and safeguard cryptographic material, etc.) but the language a customer understands (create an asset and update its status or position, add account activity, verify an identity, create or transfer a token, etc.).

To register information in public Blockchain networks, the following steps are followed:

• Create a data model related to the information to be registered
• Perform the double hash of the information
• Register the double hash of the information and the identifier of the certificate or asset, along with the timestamp of registration, in a public Blockchain network.

This allows us to guarantee that the information has not been altered (it is immutable), since any change in the original information would generate a different hash and, therefore, a different record in the Blockchain network.

But, how does this work in practice?

When a user is registered in TrustOS, a unique identifier is assigned to him/her in order to identify him/her within TrustOS environments.

When the user wants to register a certificate in Cert API for the first time, a Smart Contract is automatically deployed that will be the repository of the certificates registered by the user. The same happens with assets in Track API.