Security and communication
Welcome to security and communication knowledge base
We’re thrilled that you show interests to this article. We’re here to assist you in order to understand how the application handle security and why it is important.
How private key are handled in Business Central
This application handle the access of your company crypto assets through Business Central. Security and access regarding this information is critical.
A blockchains accounts can hold valuables assets and the private key is ultimately the only information needed in order to transfer the funds away. This is comparable to a bank account password, including 2FA.
Functional Security
1. The minimal permission required to access a private key is direct Write, on Blockchain
Account table. Additionally we recommend to limit private key access to :
« Super USer Only » or « Super User + Created By User only »
This option is available under Blockchain General Setup. The access from API is disabled by default.
2. Billing blockchain address on sales documents shall be locked to prevent any fraud with customer payment. When this option is enabled, either the default blockchain address or a new generated address is affected on sales document and can’t be changed.
3. If a granted user open a private key, the application will alway open a consent form first
Any user accepting the consent form will be logged in the « Blockchain Private Key Access Log » for audit purpose.
5. Blockchain account can not be removed when the private key is verified. This control avoid lost of any received assets.
Instead of removing unused account, the “Archive” function put the account out of the updating job and regular view, to reduce the system workload.
Technical Security
1. Private keys are stored encrypted in the Business Central Database. Third party code can not read clear Private Keys, neither database administrators or debugger.
2. Manualy importing private key for a new account alway verify it and encrypt it.
3. Private Keys are never shared with Blockchain Node providers. Transactions are
sent one-way signed.
4. The system use checksum to detect if a record was modified outside of the application, in order to prevent any corruption or modification tentative outside of Business Central.
5. Emergency backup : blockchains accounts with verified private key are saved in a
backup table in case of accident, and can be restored.
Application Communications Flows
The application communicate with bellow services. The communication is alway initiated by Business Central (top arrows). It does not need to open any specific incoming port.
Optionally, an API can be published in Business Central. There is usecase when you need to interface with third party applications such as an e-shop (bottom arrows).
- For Onpremise installation, this need to open incoming port related to your service configuration
- For Cloud instance, this need to configure OAuth 2.0 and app regisration. Read Microsoft Article : Using OAuth to authenticate Business Central web services
Blockchain Node (“Remote Procedure Call”, Rest API)
- Use Https port (443)
- Provided by company/association hosting public Blockchain Node
- No private information are shared with blockchain nodes
- fetch updates regarding balance, incoming transactions, tokens
- Retrieve the network busy state and fee level
- Submit a transaction to the blockchain network (already signed, without sharing private key)
- Retrieve whether a transaction suceed
Azure Function (.NET Proxy, Rest API)
- Use Https Port (443)
- Hosted by Microsoft (run isolated and without log in Azure Function)
- Simple math proxy for unsupported cryptography computation in Business Central
- Http parameters and return values are encrypted, on top of Https
- Randomly generate new account and verify key pairs
- Sign raw transaction data, before its submited to the blockchain
Exchange Rate provider (public Rest API)
- Provided by CoinGecko or CoinMarketCap
- Use Https Port (443)
- Get simple crypto currency exchange rate in local company currency
Optional API for third party App
- Can be published in Business Central
- Use Https port on Cloud, depend OnPremise configuration
- Require Business Central Authentication
- OAuth2 for Cloud instance
- Windows NTLM or Basic for OnPremise instance
- Private Key sharing is disabled by default