6ec8d3236d
- Replace TLAS with License Authority throughout documentation - Add Government of Goa emblem/logo (Ashoka Chakra style) - Update frontend branding to match documentation - Add configurable Swagger API link via VITE_API_BASE_URL env var - Fix Docker build for VitePress (git dependency, .dockerignore) - Fix helmet security headers for HTTP deployments - Add CORS support for VM deployment Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
5.0 KiB
5.0 KiB
Solution Architecture
System Overview
┌─────────────────────────────────────────────────────────────────────┐
│ License Authority Platform │
├─────────────────────────────────────────────────────────────────────┤
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ Applicant │ │ Department │ │ Admin │ │
│ │ Portal │ │ Portal │ │ Console │ │
│ └──────┬───────┘ └──────┬───────┘ └──────┬───────┘ │
│ │ │ │ │
│ └─────────────────┼─────────────────┘ │
│ │ │
│ ┌──────▼───────┐ │
│ │ API Gateway │ │
│ │ (NestJS) │ │
│ └──────┬───────┘ │
│ │ │
│ ┌─────────────────┼─────────────────┐ │
│ │ │ │ │
│ ┌──────▼──────┐ ┌──────▼──────┐ ┌──────▼──────┐ │
│ │ PostgreSQL │ │ Hyperledger │ │ External │ │
│ │ Database │ │ Besu │ │ Services │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────────────────────┘
Component Responsibilities
| Component | Function |
|---|---|
| Applicant Portal | Application submission, document upload, status tracking, certificate download |
| Department Portal | Queue management, application review, approval actions, reporting |
| Admin Console | Department onboarding, workflow configuration, system monitoring |
| API Gateway | Authentication, authorization, request routing, rate limiting |
| PostgreSQL | Application data, user accounts, workflow definitions, audit logs |
| Hyperledger Besu | NFT minting, certificate verification, immutable transaction record |
Data Flow: License Issuance
1. Applicant submits application
│
▼
2. System validates documents and routes to workflow
│
▼
3. Officers process through defined approval stages
│
▼
4. Final approval triggers blockchain transaction
│
▼
5. NFT minted with license metadata
│
▼
6. Certificate generated with embedded verification QR
│
▼
7. Applicant notified and certificate available for download
Blockchain Integration
Hyperledger Besu serves as the certificate authority:
- Private network: Government-controlled nodes, no public exposure
- Permissioned access: Only authorized services can mint tokens
- Smart contract: ERC-721 implementation for license NFTs
- Verification API: Public endpoint for certificate validation
NFT Structure
{
"tokenId": "0x...",
"licenseNumber": "GOA/TRADE/2026/00001",
"holder": {
"name": "Applicant Name",
"identifier": "AADHAAR-XXXX"
},
"issuingDepartment": "Department of Trade",
"issueDate": "2026-02-09",
"validUntil": "2027-02-08",
"documentHash": "SHA256:abcd1234..."
}
Security Architecture
| Layer | Controls |
|---|---|
| Network | HTTPS only, WAF, DDoS protection |
| Authentication | JWT tokens, session management, DigiLocker OAuth |
| Authorization | Role-based access control, department isolation |
| Data | Encryption at rest (AES-256), TLS 1.3 in transit |
| Application | Input validation, SQL injection prevention, XSS protection |
| Audit | Immutable logs, tamper detection, compliance reporting |