README
¶
TRISA Envoy
An open source TRISA node for use in Travel Rule information transfers
Complete documentation for Envoy can be found at https://trisa.dev/envoy.
Travel Rule Compliance
If you're looking to deploy Envoy for travel rule compliance purposes, you'll need to start by requesting mTLS certificates to join the TRISA network. Please visit The TRISA Directory for more information about how to register.
Running Envoy Locally
NOTE: Development is happening rapidly on the node right now; if these instructions don't work correctly, please open an issue on GitHub so we can review the docs.
Step 1: Generate localhost self-signed certificates (ensure that you run the script from within the .secret directory):
$ cd .secret
$ ./generate.sh
$ cd..
This will use openssl to create a fake certificate authority (localhost.pem) and certificates for a development server, a development counterparty, and a client. You will need openssl installed on your computer for this command to work and you'll need the execute permission set on the generate.sh script. The secrets are stored in the .secret directory and should not be committed to GitHub.
Prior to step 2 you can optionally set the $GIT_REVISION environment variable to prevent warnings and help you track what version is running in docker compose (but this will only work if you've cloned the repository).
$ export GIT_REVISION=$(git rev-parse --short HEAD)
Step 2: Build the latest version of the envoy node:
$ docker compose build
You will have to have docker installed on your computer with a compatible version of docker compose.
Step 3: Run the services (including Envoy and GDS):
$ docker compose up
Localhost Networking: to ensure that the services can reach other internally to the docker compose network environment, the nodes are launched as envoy.local and counterparty.local respectively. It is likely that if you're developing, you'll have to add these domains to your /etc/hosts file as follows:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
127.0.0.1 envoy.local
127.0.0.1 counterparty.local
Step 4: Initialize the GDS with data about the localhost network.
$ go run ./cmd/fsi gds:init
Note this requires you to have Go installed on your computer. If you cannot install Go, let us know by creating an issue and we can build a binary for your OS that you can download and run.
Step 5: Create an admin user to login to the localhost with
$ docker compose exec envoy.local envoy createuser -e [email] -r admin
Now open a browser at http://localhost:8000 (or at http://envoy.local:8000 if you have edited your hosts file) and you should be able to access the envoy node with the email and password created in the previous step!
Step 6: Optionally create an admin user to login to the local counterparty with. The counterparty is intended to allow you to have two Envoy nodes to send transfers back and forth to.
$ docker compose exec counterparty.local envoy createuser -e [email] -r admin
You can access the counterparty at http://localhost:9000 or at http://counterparty.local:9000 if you have edited your hosts file.
NOTE: Due to the way cookie domains work with the credentials, you can only be logged into either the envoy development node or the counterparty development node at the same time. It's annoying, but you'll have to login again when switching between nodes unfortunately.
Envoy Implementation Options
| Open Source | One-Time Setup | Managed Service |
|---|---|---|
| Envoy is open source (MIT License). Download, install, integrate, host and support your own Envoy node and service. | The Envoy team will install and configure your Envoy node in your environment while you host, maintain, and support the node on an ongoing basis. | The Envoy team will install, configure, host, maintain, and support an Envoy node for you. Includes dedicated, provenance-aware node with regional deployments. |
If you’d like more information on the one-time integration service or managed services, schedule a demo with the Envoy team!
Envoy Support
| Open Source | One-Time Setup | Managed Service | |
|---|---|---|---|
| Envoy Documentation | ✓ | ✓ | ✓ |
| Access to TRISA Slack Community | ✓ | ✓ | ✓ |
| Training from Envoy Team | ✓ | ✓ | |
| Dedicated Support | ✓ | ||
| Response Time* | Within 5 business days | Within 5 business days | Within 3 business days |
*The Envoy team's business hours are 9AM - 6PM Eastern.
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
envoy
command
|
|
|
fsi
command
FSI stands for "foreign service institute" e.g.
|
FSI stands for "foreign service institute" e.g. |
|
postman
Postman providers helper functionality for managing TRISA and TRP transfers and sorting them and storing them in the database.
|
Postman providers helper functionality for managing TRISA and TRP transfers and sorting them and storing them in the database. |
|
store/txn
Unfortunately, to prevent import cycle, we have to put the transaction interface in a subpackage of store so that store and other packages can import it.
|
Unfortunately, to prevent import cycle, we have to put the transaction interface in a subpackage of store so that store and other packages can import it. |
|
trp
* Package trp implements a JSON web server for the Travel Rule Protocol that was * designed and developed by OpenVASP.
|
* Package trp implements a JSON web server for the Travel Rule Protocol that was * designed and developed by OpenVASP. |
|
web/scene
Scene provides well structured template contexts and functionality for HTML template rendering.
|
Scene provides well structured template contexts and functionality for HTML template rendering. |