CVerify

CVerify decentralized the resume. We use DNS and math to turn experience into tamper-proof records. Companies sign your history, you own the proof. No more calls, just instant verification.

Comment 1

CVerify πŸ›‘οΈ

"Don't Trust. Verify."

The Decentralized Protocol for Professional Credential Verification.

Hackathon PHP Crypto OlaCV License

🚨 The Problem: The "LinkedIn Lie"

Resumes are just text files. Anyone can write "Senior Engineer at Google" on a PDF. Recruiters waste thousands of hours validating claims via phone/email, or worseβ€”they blindly trust them.

πŸ’‘ The Solution: CVerify

CVerify is a decentralized, trustless protocol that allows companies to cryptographically sign work experiences. Instead of trusting a platform, we trust Mathematics.

  1. The Anchor: Every company/user owns a Domain Name. We use this as the Root of Trust.
  2. The Signature: Companies sign digital attestations using their Private Key.
  3. The Verification: Anyone can fetch the Public Key from DNS and verify the signature.

✨ New: Native .cv Ecosystem Support

CVerify now includes a complete Registrar module and automatic DNS management for the .cv Top-Level Domain.

πŸ”Œ OlaCV API Integration

We use the OlaCV API to provide a seamless "Infrastructure-as-Code" experience for identity management.

  1. Registrant Portal: A built-in web app to search, purchase, and manage .cv domains directly.
  2. ⚑ AutoDNS: The "Magic Button". When setting up a User or Company profile on a .cv domain, CVerify interacts with the API to automatically configure identity and public key TXT records. No manual copy-pasting required.

πŸš€ Usage & Flow

The system is composed of four integrated portals:

1. Registrant Portal ( The Foundation )

Directory: /registrant

  • Search & Buy: search and register domains (e.g., myname.cv).
  • Manage Config: Create contacts and manage DNS zones.
  • API Power: Built on top of docs.ola.cv/api.

2. User Dashboard ( The Holder )

Directory: /public/user

  • Generate personal RSA keys.
  • Auto-Config: One-click DNS setup for .cv domains.
  • Request validation for experiences from companies.
  • Result: A cv.json file containing signed attestations.

3. Company Portal ( The Issuer )

Directory: /public/company

  • Setup corporate identity.
  • Auto-Config: Instantly publish corporate public keys via API.
  • Receive pending requests and sign legitimate experiences.

4. Verifier Lens ( The Observer )

Directory: /public/verifier

  • A public tool requiring no login.
  • Input a User's Profile URL to verify cryptographic proofs.

πŸ“ Project Structure

cverify/
β”œβ”€β”€ public/                  # Main Application
β”‚   β”œβ”€β”€ src/
β”‚   β”‚   β”œβ”€β”€ OlaCV.php       # ⚑ API Client for AutoDNS
β”‚   β”‚   β”œβ”€β”€ Crypto.php      # RSA Operations
β”‚   β”‚   └── DNS.php         # Verification Logic
β”‚   β”œβ”€β”€ user/               # User Dashboard
β”‚   β”œβ”€β”€ company/            # Company Portal
β”‚   └── verifier/           # Public Verifier
β”‚
β”œβ”€β”€ registrant/              # πŸ†• Domain Registrar Portal
β”‚   β”œβ”€β”€ domains/            # Buy & Search logic
β”‚   β”œβ”€β”€ dns/                # Zone Management
β”‚   β”œβ”€β”€ src/OlaCV.php       # Registrar API Wrapper
β”‚   └── index.php           # Portal Home
β”‚
└── relay-server/            # Backend Signal Server

πŸ“ Project Structure

1. The Algorithms

  • Signing: RSA-2048 (Probabilistic Signature Scheme)
  • Hashing: SHA-256 for document fingerprinting
  • Transport: JSON payloads encoded in Base64

2. The Chain of Trust

  • Key Generation: RSA Keypair generated locally
  • DNS Publication: Public Key published to TXT records
  • Attestation: Company signs the hash of the experience data
  • Verification: Verify(PublicKey, Signature, Hash) = TRUE

πŸ› οΈ Installation

Requirements

  • PHP 8.0 or higher
  • OpenSSL PHP extension
  • Web server (Apache or Nginx)
  • (Optional) OlaCV API Key for .cv domains

🌐 Live Demo & Testing

Try the protocol live on the CVerify network:

  • Main Portal: http://cverify.cv:8080/
  • Test Validation: Use this signed CV URL to test the verifier: http://calimatteo.cv:5000/user/cv.json

Setup

  1. Clone the repository: bash git clone https://github.com/ma13w/cverify.git
  2. Configure data directories as needed for your environment.
  3. (Optional) Configure Registrant API:

πŸ” DNS Configuration

Option A: Automatic (.cv Domains)

If you own a .cv domain, simply click "⚑ Auto Configure DNS" in the Setup page. The system will use the API to inject the necessary TXT records immediately.

Option B: Manual (Standard Domains)

For .com, .org, etc., manually add the following TXT records to your DNS zone:

Type Name Content
TXT @ cverify-id=[YOUR_SHA256_FINGERPRINT]
TXT @ cverify-key-0=[YOUR_RSA_PUBLIC_KEY_CHUNK_1]
TXT @ cverify-key-1=[YOUR_RSA_PUBLIC_KEY_CHUNK_2]

CVerify - Decentralized Professional Attestation
Built with πŸ” by the open source community

Built With

Share this project:

Updates