Blokshare

A Capstone Proposal

presented to the

Faculty of CST 499 at

California State University, Monterey Bay

In Partial Fulfillment

of the Requirements for the Degree

Bachelor of Science

in

Computer Science

by

Jordan Bienz and Miguel Solis

Summer 2021
 ii

Copyright © 2021

by

Jordan Bienz and Miguel Solis

 iii

Executive Summary

Blokshare

by

Jordan Bienz and Miguel Solis

Bachelor's of Science in Computer Science

California State University Monterey Bay, 2021

The purpose of this project is to develop a platform that creates an alternative method for

internet users to share files between them. The main goal of this project is to develop a reliable

method of sharing files that is trusted in maintaining the file’s authenticity and reliability for the

receiving user of the shared file. This will be achieved by designing and implementing

technology that can be used to create a decentralized system that is not owned or controlled by

one entity and is dispersed among many individuals and organizations.

The scope of this project has limited the use case of this platform to the sharing of college

transcripts and degree verifications between students, schools, and organizations. Transferring of

transcripts and sending degree verifications to potential employers has introduced challenges for

current and former students. Blokshare aims at making this process easier on all parties involved

all while maintaining, if not improving, the authenticity and reliability of the current processes

that are used.

 Table of Contents
PAGE

Executive Summary III

Table of Contents IV
Part I 1
Background and Approach 1
Introduction 1
Issue: 2
Solution: Blokshare - decentralized and private file storage 2
Evidence of Need: 3
Project Goals and Objectives 4
Goals 4
Objectives 4
Environmental Scan 5
Stakeholders and Community 6
Approach and Methodology 7
Part II 9
Ethical Considerations 9
Legal Considerations 10
Part III 11
Project Scope 11
Timeline and Budget 11
Milestones 13
Resources Needed 13
Risks and Dependencies 14
Final Deliverables 14
Usability Testing and Evaluation 14
Team Members 15
Appendix A 16
Usability Test Survey 16
 1

Part I
Background and Approach

Introduction

In today's connected world, technology is at everyone’s fingertips. Taking pictures,

sending text messages, visiting social media sites, sending email, and browsing the web are tasks

that people take part in daily with their cell phones and computers. With the growth of

technology comes the increase of security risks and vulnerability for the users of this technology.

Emails, online accounts, and other services are at risk of becoming compromised. Due to recent

breaches of large and trusted institutions, it is becoming more complicated to trust who we think

is on the other side and validate the legitimacy of the different forms of electronic

communication we are receiving. We need a way that we can share forms of electronic

communication, have the ability to validate that what we have received originated from the

person that sent it to us, that we are the intended recipient, and that the data is in its original state

and has not been tampered with. These needs are paving the way for a more decentralized

approach to authentication and file-sharing.

Most file-sharing systems rely on a kind of cloud data storage. With the growth of

technology, cloud storage has become one of the most convenient methods to store data. Cloud

data is typically stored in a centralized manner. Centralized systems also pose a single point of

failure and, most of the time, lead to data unavailability and eventually to collapse the system.

Data is the basic building block for any technological system and should be handled in a

secure way. If this does not happen, then it will lead to insecurities and threats to existing
 2

file-sharing systems. It is essential to provide users with a system that can overcome these

security loopholes in today’s systems.

Issue:

Due to recent events, we’ve seen the need to move more processes into the digital world.

The increase in cybercrime such as data breaches, ransomware, email phishing, and others has

eroded the trust we once had in large centralized institutions. We’ve seen data breaches from

Equifax and Experian, major credit reporting agencies that exposed the personal data of millions

of people. The Solarwinds hack exposed thousands of government agencies and corporations to

hackers with unknown consequences. Also, with centralized systems, there can be a concern

about availability. The user’s access to data that is stored in this method can easily be disrupted

with a distributed denial-of-service (DDoS) attack. This can lead to unavailability and reliability

of data.

For most people, it is common now to receive an email with an important document

attached. At times the process is more involved; we must print, sign, and return. With the

constant threat of phishing, can we trust that we know who is on the other side of electronic

communications? Can we trust that our critical private documents will be available to us at a

moment's notice?

Solution: Blokshare - decentralized and private file storage

Blokshare will help with the reliability and trust of the data being shared between users.

This system aims to create a web application that allows users to share files or information in a

secure and trusted way. This system will perform data validation, and transactions will be

completed against a distributed blockchain technology. Users will be able to share data with
 3

other users. Only those authenticated users can access that particular data by successfully

decrypting the cryptographic hash key stored on the blockchain. With Blokshare, data will be

stored in a decentralized file storage system by replicating it across redundant nodes. This

method helps overcome the potential security risks associated with a traditional cloud data

storage solution.

Evidence of Need:

As the world’s paperwork becomes more digitized, the increased convenience comes at a

risk. The same advances in technology that give us the ability to digitize our world also give bad

actors the opportunity and tools to commit fraud. Scans of paper documents are easy to edit

using tools like Photoshop. Digital or electronic documents can also easily be altered without

anyone being the wiser. For this reason trusted third parties are required to authenticate the

integrity of digital documents. Our project is needed to facilitate the transition to our digitized

world without the cost or hassle of third parties when sharing documents. A great example is the

transcript and degree verification. For a student to transfer credits between schools they must

first get a transcript for the school they are transferring from and send it to the school they are

transferring to. Many times in order to guarantee the authenticity of transcripts schools use a

trusted third party. A similar process is used for credentials/ degree verification. This platform

would facilitate the sharing of transcripts, credentials, as well as provide authentication directly

to other universities, employers, or government agencies.

 4

Project Goals and Objectives

Goals

The goals of this project are to:

● Develop an alternative and decentralized way to share private documents using

blockchain technology.

● Give users peace of mind that the files they are receiving have not been intercepted and

altered during the transfer.

● Remove the “middleman” that is present with the current centralized authentication

systems.

● Allow users to upload and share secure and encrypted documents with other users.

● Only originating users and designated users will have the ability to download and decrypt

the file being shared.

Objectives

● Create a custom distrusted decentralized blockchain.

● Create a simple decentralized file-sharing protocol to store and retrieve files from the

network.

● Develop a simple user interface using React to allow users to upload, review, and store

documents with ease.

● Allow users to grant and revoke permissions to access stored files.

● Allow users to embed digital signatures on documents that require a signature.

 5

Environmental Scan

Filecoin is a similar product to what is defined by this project. Filecoin is a platform by

Protocol Labs that is decentralized and used for data storage. The purpose of Filecoin was to

create an efficient solution for storing data which is based on the IPFS decentralized network.

The IPFS product was also developed by Protocol Labs to substitute the existing HTTP protocol

with a content-addressable peer-to-peer method of storing and sharing hypermedia in a

distributed file system.

The software company Guardtime uses similar technology to secure its data using

blockchain. Instead of observing the traditional centralized system, the company makes use of

blockchain technology and distributes data to different nodes across the system. They have a

range of products including cybersecurity, patient health care record auditing, and supply chain

solutions.

Blokshare will focus on providing a solution that uses blockchain technology that

provides decentralization, transparency, and tamper-evidence. The file-sharing technology will

not be focused on larger file sharing, but instead smaller documents and give the sender and

receiver the ability to electronically sign the shared document. The electronic signature can then

be authenticated if necessary for legitimacy.

 6

Stakeholders and Community

Several stakeholders will benefit from the completion of a product resembling the one

that is being developed in this project. The span of stakeholders that could benefit from a product

such as Blokshare is quite broad. In this project, the scope will be reduced and limited to one

targeted group of stakeholders that would benefit from a particular use case of this type of

technology. They are part of the process for transmission and sharing of college transcripts and

degrees needed by schools that students are trying to transfer their credits to, or for potential

employers that need verification of degrees as a condition of hire. Each of these stakeholders has

a different position, stance, and benefit from what they would gain by using this product directly

or indirectly. These stakeholders include the individuals that could be classified as students,

schools, and companies.

Today students have several ways that they can request the transfer of transcripts. One

way is by picking up officially sealed transcripts from one school and dropping them off at

another. The other method is an electronic request that is completed by accessing a centralized

service. Blokshare would take away any manual process that a student would have to complete

and migrate to a decentralized system that they could rely on. This method of transfer would

decrease the steps needed in the process and would speed up the time that a student normally

must wait for either the sending or receiving of transcripts between schools.

Schools today receive electronic, paper, and in-person requests for official transcript

prints in paper or electronic format that can be received by other schools. Blokshare would allow

for a more streamlined request for transcripts to be received by schools. It would alleviate the

need for paper and the questioning of the reliability of the transcripts that are received. It would
 7

cut down on the cost of materials needed to print and send transcripts to the necessary parties.

The queue of paper transcripts to be entered would change to a new method of validation and

electronic processing of transcripts into the appropriate college systems. This is in replacement

of the task of a person completing data entry that can be prone to errors.

Companies that are potential employers for a student that needs verification of a degree

would also gain benefits from Blokshare and this reliable method of sharing data. The student or

company would not have to struggle with release forms such that the potential employer has the

right to request the verification of the degree. The student would have the ability to easily request

the proof that needs to be shared with the company. Students can be given on-demand access to

their degrees and authorize the automatic sending and transfer to the receiving individual without

the need to reach back to the originating school.

Approach and Methodology

The agile method of development will be used to create Blokshare. Smaller sprints will

allow for a more flexible method for the software development. This will help the development

group focus on smaller milestones of the project and change priorities of the development when

needed.

Blokshare is based on the decentralized concept of blockchain that is typically used in

crypto currency. With the development of Blokshare also comes the growth of knowledge in the

blockchain concepts. This new and expanding knowledge of blockchain technology along with

the iterative agile process will allow the development group to enhance Blokshare by quickly

implementing new concepts as they learn.

 8

There will be different technologies and concepts that will be combined to achieve the

anticipated result of Blokshare. These include the data structure idea of a blockchain built using

the Python programming language. Python will be the primary language of the backend. Python

libraries will be used for different aspects of the project as needed. These include Flask as a

webserver to build a REST API, Pytest used to create automated tests in code, and cryptography

libraries to create public and private keys used by users to secure and access privileged

information. A PubSub network will be established as the form of communication between the

Blokshare nodes to publish additions to the chain and sync the blockchain data at each node.
 9

Part II
Ethical Considerations

In developing Blokshare, one should consider ethical concerns that may arise. Blokshare

will be built as a product using blockchain as the underlying foundation. With the term

blockchain usually comes the thought of cryptocurrency. Cryptocurrencies are a decentralized

system that many individuals associate with the exchange of currency-related illegal activity.

Hackers will use cryptocurrencies as a form of ransom payment against companies and

individuals because it is deemed untraceable and typically cannot be tracked back to the user.

Individuals need not be considered with any illegal activities being associated with Blokshare.

Blokshare is not a system that is designed for the exchange of currencies between individuals or

companies.

Ethical concerns could also include how the implementation of this system would affect

potential users that would be required to use it. The future users of the product could be currently

underprivileged or may be underprivileged in the future. These underprivileged users can be

categorized as individuals that do not have easy access to computers and other electronic

equipment, or have a disability that prevents them from using either. The scope of this project

limits Blokshare to current and former students at colleges. This raises concern about how the

implementation of Blokshare will affect these underprivileged college students. Colleges, being

the sponsor of Blokshare, would be able to come up with solutions to help these underprivileged

individuals. They would provide students a place to access the system on college campuses.

They would also set up a program that college faculty would have the ability to assist individuals

with using and accessing the system as needed.

 10

Legal Considerations

The user privacy-oriented design of the Blokshare file sharing platform guarantees that

the service provider has no visibility of what users store on the network. This key feature of the

platform creates a major legal consideration for Blokshare. Not knowing what users store on the

network means that there is a possibility that users may share illegal content, such as copyrighted

materials, without the platform's knowledge. The intended use of Blokshare is mainly for sharing

documents. Document file sizes are generally small. To mitigate the risk of sharing copyrighted

content, Blokshare will impose a file size limitation. Another deterrent for sharing illegal content

on Blokshare is the blockchain's inherent transparency. It would be simple to determine what

users have access to specific files.

The electronic signature feature of Blokshare poses another legal consideration.

Blokshare must take proper steps before and after the signing process in accordance with the

ESign Act of 2000 (Electronic Signatures in Global and National Commerce Act, n.d.) and other

such electronic signature laws. Such actions include acquiring user consent to use electronic

signatures and providing all signers with copies of signed documents. These requirements are

crucial to guarantee the validity of the platform's electronic signatures under law.

Blokshare must also consider the handling of private information protected by law, such

as with the use case of sharing college transcripts. The FERPA (Family Educational Rights and

Privacy Act (FERPA), n.d.) act protects the privacy of educational information. The FERPA act

limits who can access educational records and for what reasons with and without the parent and

eligible student consent. The individual users of Blokshare grant and revoke access to shared
 11

documents. There may be a need to add the option to limit the number of times a user can access

a shared document.
 12

Part III
Project Scope

Timeline and Budget

This project will be developed using the agile software development methodology. It will

consist of five seven-day sprints. As shown below (Figure 1) each sprint encompasses

fundamental components of the platform. Using the iterative agile process at the completion of

each sprint there will be a working prototype of Blokshare. This project has no budget but very

limited time constraints. The development can not exceed the deadline of July 29th. This

deadline is imposed to guarantee the development team adequate time to complete the project

report and presentation.

Figure 1. Project Timeline

To make sure we adhere to the timeline we are using the Jira project management

software. Jira is an agile project management platform that allows the team to easily visualize the

progress and identify potential risks to the timely completion of the project.
 13

Figure 2. Jira Project Roadmap

Each developer can start a task and post status updates on the task as work progresses.

Upon completion of a task the developer can simply start a new task from the backlog. Tasks on

the backlog are organized by sprint, allowing the developers to focus on only the tasks relevant

to the current sprint. Additional features improvements that are out of scope will be added to the

backlog and added to future sprints if time permits

Figure 3. Jira Sprint 1 Backlog

 14

Milestones

The major milestones for this project (Figure 4) correspond with the completion of key

components of the platform. Each milestone will add functionality and features to the platform.

Although there will be constant communication throughout the development process, the team

will meet after reaching a milestone. At the meeting, the working prototype will be tested and

reviewed. This will help the team align before moving forward to the next part of the project.

Figure 4. Project Milestones

Resources Needed

Due to this being a software development project limited resources will be required.

Equipment requirements include computers for each team member to program on, which are

provided by the team members themselves. Third-party services such as AWS or similar cloud

computing services may be required to host nodes for testing purposes. The third-party service

requirement may be bypassed by the use of local container-based virtualization such as Docker

to host nodes for testing purposes.

 15

Risks and Dependencies

The major risks that can affect the timely completion of this project are the development

team’s lack of experience regarding blockchain technology and their individual work schedules.

Both developers are not just students but are also employed full-time. A sudden and unexpected

change in work schedules could negatively impact the availability of developers. This risk will

be mitigated with the proper scheduling of time to complete assigned tasks. If a work schedule

problem does occur the developer will inform the team and plan accordingly.

The first milestone, completing the custom blockchain implementation, has no

dependencies. However, it is the backbone of the authentication feature of the application and

has a finish to start dependency with the second milestone. The second milestone also has a

finish to start dependency with the third milestone. File sharing is another key feature of

Blokshare and must be completed before work starts on the user interface. The last two

milestones, the permissions service, and digital signatures service are not must-have features of

the platform. Although the plan is to develop them in a specific order, they are both finish to start

dependent on the completion of the user interface.

Final Deliverables

The final deliverables for this project are the source code for Blokshare. This will include

the blockchain, file system, and web application. We will also include access to the working

prototype of the Blokshare platform. Sample accounts with sample files will be created for

testing purposes.
 16

Usability Testing and Evaluation

Using the agile methodology there will be continuous testing of the platform throughout

the development process. As stated before, there will also be usability testing by the developers

after reaching key milestones in the project. After the fourth sprint, the product should be ready

for a usability test. This test will be conducted by the developers, fellow students, family

members, and friends. The usability testing will be conducted online. A document with

instructions on tasks to be completed will be provided to the participants. For privacy reasons,

participants will be provided with a testing account and sample files to upload to the platform.

During the tests, developers will be available both via slack or zoom to answer questions if

needed.

After the tests have been completed the participants will be sent a Google Forms survey

to complete (Appendix A). Participation in the survey, like the usability test, will be voluntary.

Survey responses will be anonymous and used to gauge the direction of the project in the final

sprint. Addressing issues identified during the usability test may be prioritized over the final

feature development.

Team Members

The team consists of two developers Jordan Bienz and Miguel Solis. The division of

labor for the project is not set in stone. Both will be a part of the development process, testing,

subsequent project documentation, and presentation. All project tasks will be posted to the Jira

project management system. Roles and responsibilities will vary depending on the specifics of

the individual tasks and can be impacted by the outcome of the sprints.>>
 17

References

Conway, Luke. “Blockchain Explained.” Investopedia, Investopedia,

www.investopedia.com/terms/b/blockchain.asp.

Electronic Signatures in Global and National Commerce Act. (n.d.).

https://www.govinfo.gov/content/pkg/PLAW-106publ229/pdf/PLAW-106publ229.pdf

Family Educational Rights and Privacy Act (FERPA). (n.d.).

https://studentprivacy.ed.gov/node/548/

“Guardtime: the World's Largest Blockchain Company: Digital Insurance Agenda: Accelerate

Innovation in Insurance.” DIA,

www.digitalinsuranceagenda.com/featured-insurtechs/guardtime-the-worlds-largest-block

chain-company/.

“How Filecoin Works.” Filecoin Docs, 23 Mar. 2021,

docs.filecoin.io/about-filecoin/how-filecoin-works/.
 18

Appendix A
Usability Test Survey
Link to google forms: https://forms.gle/bPDrnyEMRrgafAPa6
19