This innovative system is built using blockchain technology that provides a more secure and efficient method of storing information within the company.. Furthermore, blockchain technolog
Types of employee attendance tracking system
Manual system
Manual attendance requires employees to record their own attendance Here are some examples of manual attendance systems:
This system requires employees to note their arrival and departure times on a physical attendance sheet They must also include their name, arrival time and signature
In the analog system, each employee has an attendance card to record her attendance Because employees need to keep track of their arrivals, this system is similar to attendance booking
There are some advantages and disadvantages for above methods
• Cost-effective: Some manual systems are relatively inexpensive to implement
• More reliable: Manual systems operated by people are less likely to experience unexpected errors than computerized systems
• No unexpected errors: the system is operated by people Unlike computers, it will not have system errors or require electricity to work
• Accuracy issues: Manual systems are prone to errors when employees record their own attendance
• Time-consuming: Manual systems require more time to manage than digital systems
Digital Attendance Systems
Digital attendance systems are becoming increasingly popular in many organizations due to their perceived security and difficulty in sabotaging These systems are designed to ensure that employees check in and out of work in a timely and accurate manner There are several types of digital attendance systems available today, including:
As the name suggests, this attendance system requires employees to use their fingerprints to check in and out of work This type of system is considered to be one of the most secure, as fingerprints are unique and difficult to replicate However, the system may not work if an employee's fingers are wet or dirty
Facial recognition technology is more difficult to implement than the fingerprint system It uses facial recognition features to determine the identity of the employee This system is considered to be highly accurate but may not work if the employee's face is obscured or if the lighting is poor
This type of system only requires employees to enter a password to check in and out of work This method is less secure than the fingerprint and facial recognition systems, as passwords can be easily forgotten or shared
With this system, employees must log in to a website to check in and out of work They need to navigate to the website, enter their personal username and password, and then check in This system is highly convenient, but it requires employees to have access to the internet at all times
Each employee is provided with a magnetic card, which they use to check in and out of work This method is considered to be one of the most convenient, as employees only need to swipe their card on the machine However, the cards can be easily lost or stolen
While the use of these digital attendance systems can bring many benefits, it also has some drawbacks
• Cost: Companies may have to pay upfront expenses to purchase the necessary devices for the system For example, they may need to buy fingerprint detector machines, face recognition machines, or magnetic cards for employees
• Security: The information stored in the database could be changed or manipulated by people who have access to it If a person with the right to access the database is a cheater, they could manipulate the data for their own gain or for the benefit of others who pay them
• Accuracy: The system is designed to work according to the logic of the code, so it rarely updates incorrect information
• Timesaving: The computer can handle requests very quickly, so the checking time is not too long for each employee This can be a huge time-saver for companies with many employees
Overall, digital attendance systems have become an essential part of many organizations By choosing the right system and implementing it effectively, companies can ensure that their employees are working efficiently and productively while also maintaining the highest levels of security
Alternative solution
Assumption
To be more specific, our system has certain assumptions for companies that use it
Firstly, we offer flexible working hours, allowing individuals to come to the company at any time during the day to work This way, employees can work around their schedule, resulting in better productivity and job satisfaction
Secondly, our system has a unique way of calculating work hours If an employee works for less than 4 hours, it will be marked as a "0" work day However, if they work between 4-8 hours, it will be marked as a "0.5" work day If an employee works more than 8 hours, their work day will be marked as "1" and the extra hours will be added to their total working time for that day, minus the 9-hour standard work day This system ensures that every minute of an employee's work is accounted for, without any discrepancies
Lastly, our system checks for intervals from 9 a.m to 9 p.m each day This means that the total extra hours an employee can work each day is not over 4 hours This ensures that employees are not overworked, which can lead to burnout and decreased job satisfaction
Overall, our system is designed to provide convenience, accuracy, and fairness to both the employers and the employees.
Solution
In order to maintain the advantages of using a digital system while also preventing unauthorized updates to the database, we will be implementing blockchain technology This will allow us to secure the data and ensure its integrity
In order to implement the scan system, we will be using QR codes to identify employees These codes can be provided as physical cards or as links to images The data will be stored in a database, but with the addition of a hash field This hash serves as a signature generated by the operator using the data in the database If anyone attempts to update the data, an inconsistency error will arise because the hash will no longer match the data
At the end of each day, the data in the database will be synchronized with the data in the smart contract This will ensure that every change made to the data is public and immutable The function to call for updates to the data will be limited to the operator, preventing unauthorized individuals from making any changes to the Smart contract Overall, this implementation of blockchain technology will provide an added layer of security and integrity to our system, ensuring that all data is accurate and reliable.
THEORY CONCEPT OF THE TECHNOLOGY 19
Brief introduction of blockchain technology
In 1911, two scientists, Stuart Haber and W Scott Stornetta, first conceptualized a technology that would be based on the idea of a chain of blocks using the concept of cryptography The idea was to create an architecture that could not be altered or retroactively time-stamped This idea laid the foundation for what we now call blockchain technology [1]
To enhance the efficiency of the blockchain technology, Merkle Trees were integrated into the design in 1992 The term "chain" in "blockchain" refers to the collection of several documents into a single block, which is then secured by the Merkle Tree This tree structure keeps a number of data records, each linked to the one before it, thus establishing a "safe chain of blocks." All the chain's history is recorded in the latest document in this chain
Then, in 2008, Satoshi Nakamoto developed the principle of distributed blockchains
He enhanced the performance of this system in a unique way that utilized a peer-to-peer network to verify a transaction instead of requiring credible parties to sign This
20 innovation revolutionized the blockchain technology and paved the way for the development of numerous blockchain-based applications that we see today.
Structure of the blockchain
Every node in the blockchain network stores data inside the block, including its own unique hash code This hash code is essential to the structure of the blockchain, as it ensures the integrity and consistency of the entire network Furthermore, each hash code points to the previous block in the chain, creating an unbreakable chain of blocks that are linked together in a secure and tamper-proof way The hash code serves as a digital fingerprint that uniquely identifies each block, making it virtually impossible to alter any data contained within the blockchain without leaving a trace [2] In this way, the blockchain ensures that all data stored within the network is secure, transparent, and immutable, making it an ideal solution for a wide range of applications, from finance to supply chain management and beyond
● Data: In blockchain technology, data is stored inside individual blocks which can represent the record of a transaction or simply the balance of an account The type of data stored in a block can vary depending on the blockchain type For instance, in the Ethereum chain network, a block contains a transaction with detailed information about the sender, the amount of coins being transferred and the receiver This information is then verified and recorded by the network's nodes to ensure its accuracy and transparency Additionally, data can be stored
21 on the blockchain in various formats such as text, images, audio and video This allows for a wide range of applications, from digital identity management to supply chain tracking, to be built on top of the blockchain technology Therefore, it is safe to say that data is the backbone of the blockchain and the key to its success and widespread adoption
● Hash: This field is unique for each block because it changes based on the content of data in the block through a hashing technique called sha256 This technique provides a secure way to maintain the integrity of the data in the blockchain network The hash code is generated by taking the data block and running it through the sha256 algorithm If any component in the data block is changed, it will result in a different hash code, which will change the structure of the chain of the block This means that any tampering with the data in a block will be instantly detectable as it will cause a mismatch between the hash code of the original data and the changed data This makes the blockchain network a secure and trustworthy way to store and transfer data
● Previous Block Hash: The hash of the previous block is a crucial component of blockchain technology It serves as a form of security guard for the blockchain, ensuring the traceability and connection between each block In other words, it acts as a checkpoint, verifying that each transaction in the blockchain is legitimate and valid If this hash does not match with the hash of the previous block, it will result in the rejection of the transaction made by blockchain This mechanism is what makes blockchain technology so secure and reliable, as it prevents any fraudulent or unauthorized activity from taking place It is because of this feature that blockchain technology has become increasingly popular in recent years, as it provides a safe and trustworthy way to conduct transactions and store data The importance of the previous block hash cannot be overstated, as it is the foundation upon which the entire blockchain is built
In a blockchain, each component in the chain, also called a block, has its own unique hash code and the previous block hash This way, the previous hash of the current block points to the previous block For example, suppose we have block number three with the hash 9L4Z1 This block points to the second block with a matching hash code of 8Y5C9 Similarly, the second block points to the first block However, the first block does not have a previous block to point to, as it is the first block in the chain
This block is called the genesis block
It is important to note that if any component in the chain modifies the content of its block, all subsequent blocks in the chain will be affected This is because changing the content of the block leads to the changing of its hash Consequently, the current block can no longer link to the previous block as their hashes will not match This makes all subsequent blocks invalid and disrupts the integrity of the entire chain.
Properties of blockchain
The concept of unchangeable data in a block is a key feature that helps maintain the transparency of the blockchain network Once a block is added to the chain, the data within it becomes immutable and cannot be altered This ensures that the integrity of the data is preserved and makes the blockchain network resistant to tampering and fraud [3]
When compared to traditional techniques, such as the banking system, where data is stored on servers controlled by centralized authorities, the blockchain network operates in a decentralized manner Transactions on the blockchain network are processed through a network of nodes
Each node in the network maintains a copy of the digital ledger In order to execute a new transaction or add a transaction to the blockchain network, each node must validate the transaction If the majority of nodes in the network accept the transaction request, it is added to the ledger as a valid transaction
The consensus mechanism ensures that it is practically impossible to add a new transaction to the blockchain network without the consent of many nodes Therefore, once a transaction has been added to the ledger, it becomes an immutable part of the blockchain network and cannot be modified retroactively
Figure 2.5 Centralized and Decentralized Banking System [5]
In summary, the blockchain network's transparency and immutability are ensured by the unchangeable nature of the data in each block The decentralized architecture of the network, coupled with the consensus mechanism, makes it a secure and tamper-proof system
The decentralized nature of the blockchain network is one of its most significant advantages It guarantees that information within the network cannot be tampered with by a single governing individual or group of people in charge of the framework Instead, a group of nodes connected in a chain maintains the network, making it decentralized This means that the network is not subject to control by any centralized authority, which significantly increases its security and transparency
The decentralization of blockchain technology plays a crucial role in ensuring that transactions within the network are transparent and secure Since the system does not require any government agency, we can access it directly through the internet and store our assets there This not only provides us with a secure and transparent way of storing our assets but also eliminates the need for intermediaries, thereby reducing cost and increasing efficiency.
One of the most remarkable features of the blockchain network is its ability to store different types of data, ranging from documents to digital assets such as cryptocurrency or NFTs, and even virtual real estate The blockchain technology provides a secure and tamper-proof way of storing data, ensuring that it cannot be tampered with or corrupted by any centralized authority or malicious actor
Figure 2.6 Centralized and Decentralized System [6]
When accessing the blockchain system, users can use their private key to authenticate their identity The decentralized structure of the blockchain network is user-friendly and makes it easy for the common person to access the system Additionally, it ensures that users have complete control over their assets and can access them whenever needed This feature is particularly beneficial for people who live in countries with unstable governments or a high degree of corruption, as it provides a secure and reliable way to store their assets and protect them from being seized by the government or other malicious actors
In conclusion, the decentralized nature of the blockchain network is a crucial feature that provides security and transparency to transactions within the network It eliminates the need for intermediaries, reduces cost, and increases efficiency Furthermore, it is user-friendly and provides people with complete control over their assets, making it an attractive option for individuals living in countries with unstable governments or high levels of corruption
The blockchain's decentralized structure is a key feature that ensures high levels of security for the data stored within the block With no central authority in control, any changes to the data would require the agreement of all parties involved, making it almost impossible to modify the content of the block without detection Additionally, the use of complex encryption algorithms provides an additional layer of security that makes it incredibly difficult for hackers to breach the system
To understand how the encryption works, think of it as a complex mathematical algorithm that turns input data into a unique fixed-length string of characters For example, the sha256 algorithm produces a hash string of 256 characters in length that serves as a unique identifier for any piece of data on the blockchain Every block in the ledger has its own unique hash and stores the hash of the previous block, creating a secure and tamper-proof chain that is virtually impossible to manipulate
This unchangeable nature of the blockchain makes it an ideal tool for secure data storage and transfer Its decentralized nature and cryptographic techniques ensure that data remains secure and tamper-proof, making it an ideal solution for industries such as
26 finance, healthcare, and supply chain management In fact, the blockchain's versatility and security features have made it one of the most popular technologies in the world, with many companies and organizations exploring its potential applications in various fields such as logistics, real estate, and even voting systems.ional layer of security for the system that makes it incredibly difficult to hack
A public ledger is a transparent database that can provide all the details about a transaction and the parties involved This means that everything is visible and there is nowhere to hide However, in some cases, a private or federated blockchain can be justified Even then, many people can still see what actually occurs in the ledger
Ethereum network
These networks serve the purpose of transferring funds between different parties and storing data It is important to note that there are several Ethereum networks available, such as Optimism (OP) and Litentry (LIT) However, there exists one main Ethereum network that is universally utilized for deploying production applications Nonetheless, there are numerous alternative Ethereum networks in existence
The Ethereum network has gained significant popularity worldwide due to its exceptional features It provides a high level of security, transparency, and decentralization, making it an ideal solution for various applications
A notable advantage of the Ethereum network is its capability to facilitate smart contracts These contracts are self-executing agreements in which the terms are directly written into code They automatically enforce the contract rules and execute the terms
30 once all involved parties fulfill their obligations This eliminates the need for intermediaries like banks or lawyers, resulting in time and cost savings
Moreover, the Ethereum network enables the creation of decentralized applications (Dapps) These applications operate on a decentralized network and are not controlled by any single entity Consequently, the data and transactions performed on these applications are transparent and secure, devoid of manipulation or control by a central authority
Additionally, the Ethereum network supports the creation and management of tokens Tokens based on Ethereum, such as ERC-20 tokens, are widely utilized in the cryptocurrency realm to represent digital currencies or assets on the blockchain These tokens can be easily created and managed on the Ethereum network, providing a secure and straightforward method of representing real-world assets on the blockchain
In conclusion, the Ethereum network is a powerful and flexible blockchain solution that offers numerous advantages for businesses, developers, and individuals Its capacity to facilitate smart contracts, decentralized applications, and token creation has made it an indispensable tool for those interested in exploring the potential of blockchain technology.
Smart contract
Smart contracts are computer programs that reside on a blockchain and are designed to automatically execute when specific pre-established conditions are met These contracts aim to streamline the execution of agreements, providing immediate certainty to all
31 participants without the need for intermediaries or time-consuming processes They can also automate workflows by triggering subsequent actions when certain conditions are fulfilled
A notable advantage of smart contracts is their ability to accommodate a wide range of stipulations necessary to ensure satisfactory completion of tasks Participants must agree on how transactions and their associated data are represented on the blockchain, as well as establish "if/when then " rules that govern these transactions They need to thoroughly explore potential exceptions and establish a framework for resolving disputes
In essence, smart contracts offer enhanced flexibility, transparency, and efficiency in business transactions Developers can create these contracts, or organizations utilizing blockchain for business purposes can provide templates, web interfaces, and other online tools to simplify the process of structuring smart contracts As a result, smart contracts have the potential to revolutionize the execution and management of business agreements
A contract account is composed of several components that enable it to function as intended The first component is its balance, which records the amount of ether controlled by the account This is like the balance of regular accounts, but it is specific to the contract account
The second component is storage, which can be thought of as a tiny cubby where data related to the contract can be stored This data can take different forms, such as numbers, strings, and arrays, depending on the requirements of the application being developed
In addition, a contract account is equipped with code This code contains all the raw machine code necessary for the contract to operate as intended By storing the code and instructions with the contract account, it is always aware of its function and the tasks it needs to perform
Overall, these components work together to ensure that the contract account can perform its intended function in an efficient and effective manner
RELATED RESEARCH 33
Attendance Checking System Using Quick Response Code for Students at the
The article "Attendance Checking System Using Quick Response Code for Students at the University of Sulaimaniyah" by Miran Baban, Bahroz J Mohammed, and Shukri Shafee discusses the implementation of an attendance tracking system using QR codes at the University of Sulaimaniyah in Iraq The system was designed to eliminate the drawbacks of traditional attendance systems, such as roll call, and improve efficiency in tracking attendance records
The study was conducted using a mixed-methods approach that included a survey of students and a case study of the attendance tracking system The survey aimed to evaluate students' attitudes towards the new system, while the case study analyzed the effectiveness of the system in terms of accuracy, efficiency, and usability
The results of the survey showed that the majority of students had a positive attitude towards the new system and found it to be an improvement over traditional attendance method However, some students expressed concerns about potential technical difficulties with the system and the possibility of cheating by sharing QR codes
The case study revealed that the attendance tracking system was highly effective in terms of accuracy, efficiency, and usability The system had a high level of accuracy, with attendance records being recorded in real-time, and was highly efficient in terms of time and resource utilization Additionally, the system was found to be user-friendly and easy to operate, with a simple interface for students to scan QR codes and view their attendance records
Overall, the authors conclude that the implementation of an attendance tracking system using QR codes can provide significant benefits for universities and students The system can eliminate the drawbacks of traditional attendance methods and improve efficiency in tracking attendance records Additionally, the system can provide real-
34 time attendance data to instructors, allowing them to monitor student attendance and identify potential issues early on
The study has several limitations, including the relatively small sample size of the survey and the single case study design Additionally, the study was conducted at a single university, limiting the generalizability of the findings to other institutions Future research could address these limitations by conducting larger-scale surveys and case studies at multiple universities to evaluate the effectiveness and usability of attendance tracking systems using QR codes
In conclusion, the implementation of an attendance tracking system using QR codes can provide significant benefits for universities and students, including improved accuracy, efficiency, and usability While the system may have some technical and security concerns, the authors suggest that these issues can be addressed through appropriate measures, such as system updates and security protocols Overall, the study provides valuable insights into the potential benefits of implementing attendance tracking systems using QR codes in higher education institutions.
Blockchain for Cybersecurity and Privacy: Architectures, Challenges
The use of blockchain technology can significantly improve security in various applications, including cybersecurity As discussed in the book "Cybersecurity with Blockchain" by Shipra Sharma, blockchain technology provides several key features that enhance security and protect against cyber threats
One of the main advantages of using blockchain technology for cybersecurity is its decentralized nature Unlike traditional centralized systems, where data is stored in a single location, blockchain technology distributes data across a network of nodes This makes it difficult for cyber attackers to target a single point of failure, as the data is replicated across the network
Additionally, blockchain technology uses cryptographic techniques to secure data and prevent tampering Each block in the blockchain contains a unique cryptographic hash, which ensures that the data in the block is immutable and cannot be altered
35 without detection This makes it difficult for cyber attackers to modify or delete data on the blockchain without being detected
Another important feature of blockchain technology is smart contracts, which are self- executing contracts that can automate the enforcement of rules and regulations Smart contracts can be used to enforce cybersecurity policies and protocols, such as access control, authentication, and encryption, without the need for human intervention This can significantly reduce the risk of human error and improve the efficiency and effectiveness of cybersecurity measures [7]
Furthermore, blockchain technology can enable secure and private communication channels between parties By using encrypted communication channels on the blockchain, data can be transmitted securely without the need for intermediaries or trusted third parties This can reduce the risk of data breaches and cyber-attacks that can occur when data is transmitted over unsecured channels
Overall, the use of blockchain technology can significantly enhance security in various applications, including cybersecurity By leveraging the decentralized, immutable, and secure nature of blockchain technology, organizations can improve the resilience of their cybersecurity systems and protect against cyber threats [8]
TECHNICAL USAGE 36 4.1 Private blockchain
Advantages
Private blockchains offer certain advantages compared to public ones:
● Private blockchains can be customized to meet the specific business needs of an organization This is because there are fewer nodes in the network, which allows for greater flexibility in terms of network design and management
● In addition, because private blockchains operate on a smaller network, there is the potential for greater throughput This means that transactions can be processed more quickly and efficiently, which can be particularly beneficial for organizations that need to process large volumes of data in a short amount of time
● Furthermore, there is no cost associated with placing blocks on private blockchains that are owned and governed by an organization This can be an attractive feature for organizations that are looking to reduce costs and streamline their operations.
Disadvantages
On the one hand, private blockchains offer several benefits, as outlined below:
● Customization: Private blockchains can be customized according to the business needs of the organization as there are fewer nodes in the network
● A smaller network so potentially more throughput can occur
● No cost to place blocks on private blockchains owned and governed by an organization Savings: One of the key advantages of private blockchains is that there is no cost to place blocks on the blockchain This is because private blockchains are owned and governed by the organization, meaning there are no third-party fees or charges to worry about.
Private blockchain use cases
Private blockchains have a myriad of use cases, which makes them a valuable tool for businesses One of the most vital use cases of private blockchains is central bank digital currencies (CBDCs) CBDCs are the digital form of a country's fiat currency and are believed to be the future of transactions As a result, several central banks worldwide are currently developing their own CBDCs, and many of them have been built on permission (private) blockchains
Apart from CBDCs, private blockchains can revolutionize other industries as well For example, the shipping process, which is currently paper-intensive and prone to frequent (and costly) errors, can be improved by using private blockchains Such a blockchain can enable businesses to manage data about shipments made, resulting in improved sales efficiency
Moreover, private blockchains can provide businesses with better visibility into their supply chains, highlighting gaps and reducing waste and spoilage This increased
38 visibility can enhance the overall efficiency of the supply chain by streamlining processes and reducing waste
Furthermore, private blockchains can ensure that disclosures are limited to process- specific employees, which can maintain confidentiality and prevent data breaches This is particularly important for businesses that deal with sensitive information
Private blockchains are versatile tools that can transform the way businesses operate While CBDCs are a significant use case, there are many other ways in which private blockchains can benefit businesses, from improving sales efficiency to reducing waste and spoilage in the supply chain
One example of a company that uses blockchain technology is DHL, a shipping giant
By keeping a digital record of its shipments, DHL is able to maintain the integrity of its transactions However, the utility of blockchain technology goes beyond just secure transactions It also allows for instant data sharing across all network participants, which greatly improves supply chain efficiency
As a result, private blockchains are becoming increasingly popular across various industries, including retail, healthcare, insurance, financial services, and even government These blockchains offer robust, fast, highly secure, and scalable enterprise database services that can greatly benefit businesses in any of these industries
One particularly promising use case for private blockchains is in the development of central bank digital currencies (CBDCs) CBDCs are digital versions of a country's fiat currency and are seen by many as the future of transactions The benefits of CBDCs are numerous, including faster and cheaper transactions, greater financial inclusion, and the ability to monitor and manage money supply more effectively As such, several central banks across the world are actively working on their own CBDCs, many of which are being built on permission (private) blockchains This is a testament to the potential that private blockchains have to revolutionize the way we conduct financial transactions and manage our economies
In addition to CBDCs, there are many other use cases for private blockchains as well For example, the shipping process is currently paper-intensive and prone to frequent
(and costly) errors A private blockchain can allow businesses to manage data about shipments made, improving sales efficiency This not only reduces the likelihood of errors but also provides a more comprehensive and accurate overview of the shipping process
Private blockchains also provide businesses with better visibility into their supply chains, highlighting gaps and reducing waste and spoilage By keeping a record of every transaction made, businesses can easily trace the source of any issues and address them accordingly Furthermore, private blockchains can limit access to certain information, ensuring that such disclosures are only available to process-specific employees
For example, shipping giant DHL uses blockchain technology to keep a digital record of its shipments This helps protect the integrity of transactions and ensures that the shipment information is secure and tamper-proof Blockchain can also help them share data instantly with all network participants, who can then work together to predict and improve supply chain efficiency [5]
Therefore, private blockchains can be used by businesses in various industries such as retail, healthcare, insurance, financial services, and even government They provide robust, fast, extremely secure, and scalable enterprise database services that can help businesses operate more efficiently and transparently With the potential to improve everything from supply chains to financial transactions, it's no wonder that private blockchains are becoming increasingly popular among businesses of all sizes and industries.
Examples of private blockchain services
Ethereum, the underlying blockchain of ETH, has been the go-to platform for developers and businesses alike to create decentralized applications In addition to its public blockchain, Ethereum also offers a private blockchain known as Enterprise Ethereum, which provides businesses with a higher level of security and privacy With Enterprise Ethereum, companies can create their own private chains based on Ethereum's public mainnet and have complete control over who can access it Other companies such as IBM, Hyperledger, R3 Corda, and Tezos have also entered the
40 private blockchain market, offering their own unique features and services to businesses
One such example is Hyperledger Fabric, which is a blockchain framework that provides developers with identity management and access control capabilities Its unique features make it the perfect solution for companies dealing with supply chain traceability, loyalty and rewards, liquidation and liquidation of financial assets, and more
In fact, Walmart has already implemented a private blockchain system based on Hyperledger Fabric As an open-source framework developed by The Linux Foundation, Hyperledger Fabric is a permissioned blockchain that allows Walmart to trace the origin of its products Suppliers upload certificates of authenticity to the ledger, and this allows the company to trace the origin of its products in seconds instead of days With this technology, Walmart can ensure the authenticity of its products and protect its customers from counterfeit goods.
Backend
Our application platform is built using NestJS on the BE side This framework allows us to easily incorporate features and functionality while maintaining a streamlined codebase To ensure scalability and flexibility, we have implemented the microservice architecture pattern This allows us to break down our application into smaller, independent services that can be developed and deployed separately By doing so, we are able to optimize our resources and enhance the overall performance of the application Additionally, we have implemented various best practices and coding standards to ensure high quality and maintainability of our codebase These practices include automated testing, continuous integration and deployment, and code reviews by experienced developers
Nest (NestJS) is a versatile and powerful framework that is designed specifically to build efficient and scalable server-side Node.js applications It is one of the most popular Node.js frameworks and is widely used by developers all over the world The framework uses progressive JavaScript and is built with and fully supports TypeScript, which provides developers with the ability to write code in pure JavaScript Nest also combines elements of OOP (object-oriented programming), FP (functional programming), and FRP (functional reactive programming), making it a highly versatile and flexible framework that can be used to build a wide range of applications With its powerful features and easy-to-use interface, Nest is rapidly becoming the preferred choice for developers who want to build high-quality, scalable Node.js applications
4.2.2 What are the best features of Nest.JS?
Nest.JS is an excellent framework that boasts many useful features Some of these features include:
● Its use of TypeScript, which is a strongly-typed language that is a superset of JavaScript, making it easier to catch errors early in the development cycle and increase overall code quality This can help developers save time and reduce bugs in their applications
● Its powerful Command Line Interface (CLI) that can help increase productivity and simplify development This CLI can be used to create new projects, generate modules and controllers, and run various scripts to automate tasks
● It is integrated DI (dependency injection) container that makes applications more modular and efficient This container allows developers to easily manage the dependencies of their application and improve overall performance
● Ability to lazy load modules that load things on demand This can help to reduce the startup time of an application and improve overall performance
● The dozens of Nest-specific modules that are available to help integrate popular technologies and concepts like TypeORM, Mongoose, GraphQL, logging, validation, caching, WebSockets, and more These modules can help developers to easily add functionality to their application and save time
● Simple unit testing applications that can help developers ensure that their code is working as expected and reduce the number of bugs in their application
● Nest.JS provides detailed documentation to help developers get started with the framework and learn how to use its features effectively This documentation can be a valuable resource for developers of all skill levels
What are microservices and why use Nest.JS for microservices?
● Microservices are an architectural style that structures an application as a collection of services
By default, Nest.JS microservices can connect, not through the Apache server advertising port, but internally through a TCP port This means that microservices can communicate with each other without going through a public-facing server, which can improve security and reduce latency Socket-based connections are also possible for microservices, which can offer additional flexibility in how they communicate
Developers can specify microservices for the project to make the project behave accordingly This means that the microservices can be customized to fit the specific needs of the project, such as by specifying different communication protocols or adding additional functionality The ability to customize microservices in this way can make them a powerful tool for building complex applications
One of the main benefits of using Nest.JS for microservices is that it helps build lightweight, well-structured, and stunning microservices that can be easily scaled and integrated into multiple elements of a project The microservices architecture enables fast, frequent, and reliable delivery of large and complex applications, which can be critical for businesses that need to respond quickly to changing market conditions
Out-of-the-box tools and features make development, extension, and maintenance efficient, which can save developers time and effort For example, the Nest.JS framework includes built-in support for WebSockets, which can make it easier to build real-time applications Additionally, the framework supports a wide range of databases, which can make it easier to integrate microservices with existing data sources
The highlight of the Nest framework, however, is the power of dependency injection, which makes it easy to reuse code by injecting one module into another This can help reduce code duplication and make it easier to maintain and update code over time Overall, Nest.JS is a powerful tool for building microservices that can help businesses stay agile and competitive in today's fast-paced marketplace
What is ReactJS
ReactJS is an open-source JavaScript library that was developed and launched by Facebook in 2013 Its main purpose is to build user interfaces by allowing developers to use components in creating interactive web applications One of the most remarkable features of ReactJS is its ability to render data not only on the Server layer but also on the Client layer This feature makes the library highly efficient and capable of handling complex web applications Moreover, ReactJS has a wide range of useful tools and features that enable developers to create complex web applications with ease These tools include but are not limited to, Redux, React Router, and Flux, which are all designed to enhance the performance and flexibility of the library In addition, ReactJS is highly customizable, which means that developers can easily adjust the components to meet the specific needs of the application they are creating This feature makes ReactJS perfect for creating large-scale web applications that require high customization Overall, ReactJS is a powerful and versatile library that is widely used by developers to create interactive web applications that are both efficient and highly customizable
● SEO-friendly: SEO is an indispensable part of bringing the information in your website to the top of Google
● Suitable for a variety of website types: ReactJS library is born to make creating a website easier because users do not need to code as much as when creating other pure websites using HTML, JavaScript
● Debug easily: Facebook application has released a Chrome Extension for debugging during application development This helps speed up the product development process
● Reusing Components: If users can build a Component that is good enough and flexible enough to meet the needs of different projects, you only spend the initial build time and can almost fully reuse it in the following projects
● Can be used for Mobile Application: If users want to develop more mobile applications, they can use React Native-A framework also developed on Facebook platform
The main disadvantage of ReactJs is that:
Reactjs is a library that is specialized in serving the View layer Although it is not an MVC framework, it is a powerful tool that can be used in combination with other libraries Unlike other frameworks, React doesn't have Model and Controller parts In addition, React doesn't support two-way binding or Ajax, which may require you to use other libraries or APIs to achieve the same effect
However, integrating Reactjs into traditional MVC frameworks may require some reconfiguration Despite this, React is still a powerful tool that can provide a lot of benefits to developers One of the downsides of React is that it is quite heavy compared to other frameworks For example, React is similar in size to Angular, weighing in at about 35kb compared to Angular's 39kb However, it should be noted that Angular is a complete framework, whereas React is just a library
For newbies who are just starting to learn the Web, React may be difficult to access However, with some practice and guidance, you can quickly become proficient in using React and other related libraries This will allow you to create powerful and responsive user interfaces that will enhance the user experience and improve the overall performance of your application
Database
PostgreSQL is an open-source object-relational database management system (ORDBMS) that has a rich development history spanning 30 years It was first introduced in 1986 under the direction of Michael Stonebraker as part of the POSTGRES project at the University of California at Berkeley The project was funded by the Defense Advanced Research Project Agency (DARPA), the National Science Foundation (NSF), and other organizations that recognized its importance and potential PostgreSQL has seen various advancements and improvements over the years, including the incorporation of an SQL interpreter in 1994, which increased the system's efficiency by 30-50% PostgreSQL was renamed with version 6.0, and it has retained its name to this day With its long-standing history and ongoing development, PostgreSQL continues to be a leading ORDBMS in the industry
Advantages of PostgreSQL include its standardized program, which ensures data consistency, integrity, security, and compliance; a large community of users with countless experts willing to share best practices and tips; the user-friendliness of SQL, which allows for database management and querying using simple keywords with little or no coding; and ACID compliance, which keeps tables in sync and ensures transactions are valid These properties make PostgreSQL a good choice for applications that require a high level of data integrity and have no room for error
Some popular alternatives to PostgreSQL include MySQL, Oracle, SQL Server, and MongoDB MySQL is another open-source relational database management system that is known for its speed and scalability Oracle is a proprietary relational database management system that is known for its robustness and security SQL Server is another proprietary relational database management system that is popular among businesses
MongoDB is a NoSQL database management system known for its flexibility and scalability
The choice of database platform often depends on the specific needs of the application Relational database management systems like PostgreSQL and MySQL are good choices for applications that require a high level of data integrity and consistency NoSQL databases like MongoDB are better suited for applications that require flexibility and scalability Ultimately, the choice of database platform should be based on factors such as the size and complexity of the application, the specific needs of the business, and the expertise of the development team
While the standardized schema of SQL databases makes them rigid and difficult to change, it does have some advantages All data added to the database must conform to the well-known schema of linked tables of rows and columns Some may find it limiting or limiting, but it is useful when data consistency, integrity, security and compliance are important
At nearly 50 years old, the SQL programming language is extremely mature and is still widely used It has a strong community, with countless experts willing to share proven best practices and tips There are many opportunities to hone skills and work together
If needed, SQL consultants and vendors can provide additional support With SQL, your developers can find the answers they need
SQL is a user-friendly language Database management and querying can be done using simple keywords with little or no coding Most developers learn SQL in college
The highly structured nature of relational database tables allows SQL databases to be ACID compliant This level of compliance keeps tables in sync and ensures transactions
48 are valid It's probably the right choice when running applications that have no room for error and require the highest level of data integrity
These are the ACID properties:
Atomicity: All data and transaction changes are performed completely and as a single action If this is not possible, none of the changes will be made It's all or nothing
Consistency: Data must be valid and consistent at the start and end of a transaction Isolation: Transactions run concurrently without competing with each other Instead, they act as if they are happening one after another
Durability: When a transaction is completed, the associated data is permanent and cannot be changed
The standard for SQL databases is vertical scaling, where capacity can only be expanded by increasing features such as RAM, CPU, and SSD on the existing server or by migrating to a server bigger and more expensive You need to continually add disk space as your data grows, and you need faster machines to run scalable and more sophisticated technologies The database vendor you use will likely require you to update your hardware regularly only to run the latest versions In this environment, hardware can quickly become obsolete Any upgrade is sure to be expensive and resource intensive SQL hardware needs also include day-to-day maintenance and operational costs It's an endless hamster wheel
Developed at a time when data storage costs were high, relational databases seek to deny data duplication Each table has different information and can be linked and queried using common values However, as SQL databases get large, queries and joins between many tables can slow things down rigidity
The schema of an SQL database must be defined before it can be used Once in place, they are inflexible and changes are usually difficult and resource intensive For this
49 reason, a lot of time has to be invested in pre-planning even before the database goes live It follows that they are only appropriate if all your data is equally structured and you do not expect big changes, either in terms of volume or types of data
As mentioned earlier, SQL databases are typically scaled by increasing hardware investments This is expensive and time consuming In some cases, an organization may attempt to scale out a SQL database through partitioning This increased complexity increases the time and resources involved The effort likely includes coding, which requires highly skilled and well-paid developers As the volume of data grows, scaling your SQL database is like playing an endless game of tag, where the perfect configuration is always out of reach On the other hand, NoSQL databases can be scaled, making it easier and cheaper to expand capacity They are well suited for cloud computing and managing extremely large and rapidly growing data sets.
Solidity
Solidity is an open-source programming language that was created in 2014 by the Ethereum Foundation It is the primary language used to develop smart contracts on the Ethereum blockchain, which is a decentralized and distributed public ledger that records transactions and stores data Smart contracts are self-executing computer programs that automatically enforce the rules and conditions of an agreement between parties, without the need for intermediaries or trusted third parties
Solidity is an object-oriented language, which means that it is based on the concept of objects, classes, and inheritance It is designed to be compatible with other programming languages, making it easy to integrate with existing systems The language is statically typed, which means that data types are defined at compile time, and supports complex data structures such as arrays and mappings It also has built-in support for mathematical functions, cryptographic functions, and string manipulation
One of the key features of Solidity is that it is designed to be secure and resistant to attacks The language includes features such as exception handling, which prevents errors from crashing the entire system, and access control, which restricts who can access certain functions and data It also has built-in support for secure coding practices, such as input validation and error checking
Solidity is compiled into bytecode, which is then executed by the Ethereum Virtual Machine (EVM) The EVM is a virtual machine that runs on the Ethereum network and executes smart contracts The bytecode is stored on the blockchain, and the smart contract code itself is executed by the EVM when triggered by a transaction
Since Solidity is the primary language used for smart contract development on Ethereum, there is a large community of developers and resources available for learning and support There are also many tools and frameworks available for Solidity development, such as Remix, Truffle, and Hardhat
In summary, Solidity is a powerful and secure programming language that is used to develop smart contracts on the Ethereum blockchain Its object-oriented design, security features, and compatibility with other programming languages make it a popular choice for blockchain developers With a growing community and a wide range of tools and resources available, Solidity is likely to remain a key player in the blockchain development space for years to come.
Metamask
MetaMask is a browser extension that has become a popular tool for accessing the decentralized web It was initially created as a way for users to interact with Ethereum- based decentralized applications (dApps) without the need for a full node or running a local Ethereum client
Metamask provides users with a digital wallet that securely stores their Ethereum and other ERC-20 tokens Users can easily send and receive Ethereum transactions, with the ability to view transaction histories and balances directly from their browser
One of the key features of Metamask is its ability to connect to dApps built on Ethereum This allows users to interact with these applications directly from their browser, without having to manually enter wallet addresses or perform other complex tasks Instead, Metamask automatically populates the necessary fields and handles the transaction process seamlessly in the background
Metamask is also designed with security in mind Users must create a unique password to access their wallet, and private keys are encrypted and stored locally on their device This provides an additional layer of security, protecting users from potential hacks and other security vulnerabilities
Overall, Metamask has become an essential tool for anyone looking to explore the decentralized web Its user-friendly interface and seamless integration with Ethereum- based dApps make it a popular choice for both developers and everyday users alike.
Github
Github is an online platform that allows developers to store and manage their source code It is a web-based interface for version control repositories that allows users to collaborate and manage their projects in a centralized location
With Github, developers can easily share their code and collaborate with others They can also track changes, make contributions, and manage their workflow Github also offers a variety of tools and features to help developers work more efficiently, such as issue tracking, code reviews, and automated testing
Github is widely used in the software development industry and is considered an essential tool for developers It is free to use for public and open source projects and offers paid plans for private repositories and additional features
In summary, Github is a powerful tool that allows developers to manage their code, collaborate with others, and streamline their workflow With Github, we can easily manage and collaborate on these projects, track changes, and streamline our workflow
Figure 4.1 Manage our repositories by Github
• Admin-attendance-frontend: Admin dashboard, where admin can check attendance update information of employees
• Employee-attendance-frontend: Employee page, where employee can check in and check out
• Employee-attendance-backend: backend server of our system, where we can get information of user, attendance, hashing
• Private-Blockchain: store the blockchain service, where ensure the decentralized and transparent information of checking attendance.
SYSTEM ANALYSIS 53
Use case diagram
5.1.1 Scan QR to check in/ check out:
● Web interface shows the QR page to the employee
● Employee show their QR in front of the web and the system will scan the employee's QR to save the check-in / check-out record
Figure 5.1 Scan QR use case
Description Employee need to checkin to record they attendance before woking in the company
Preconditions They must own a QR code which corresponding to the employee
Normal flow 1 Employee press the ‘Scan QR’ button in the interface
2 Web interface shows the page for employees to scan
3 Employees show their own QR in front of the camera
5 Employees press the button to get back to home page (if needed)
Exceptions Exception 1: The system can not verify the signature of the admin wallet Exception 2: Can not find employee’s ID in the database
Exception 3: Picture which snap by the website is missing the employee’s face
Table 5.1 Check in use case
Description Employee need to out to record they attendance after working in the company
Preconditions They must own a QR code which corresponding to the employee
ID in the database and they have to record the checkin information before they checkout
Normal flow 1 Employee press the ‘Scan QR’ button in the interface
2 Web interface shows the page for employees to scan
3 Employees show their own QR in front of the camera
5 Employees press the button to get back to home page (if needed)
Exceptions Exception 1: The system can not verify the signature of the admin wallet Exception 2: Can not find employee’s ID in the database Exception 3: Picture which snap by the website is missing the employee’s face
Exception 4: The employee forgot to checkin
Table 5.2 Check out use case
Description After scan QR code, employee need to check their information, then confirm to send this information to the database
Preconditions They must finish the process of scaning QR code and snaping the photo
Normal flow 1 Employee read the info show in the screen
2 Click “confirm" button to send it to backend
Exceptions Exception 1: The system can not verify the signature of
56 the admin wallet Exception 2: Can not find employee’s ID in the database
Use case name Validate photo
Description When employee scan the QR code, the website also snap the photo in order to save to server But we have to ensure the employee’s face is also in the photo too
Preconditions The machine have to scan the QR code successfully and the computer which running our website must has a camera
Normal flow 1 Employee scan QR code
2 Website snap the photo at the same time
3 Use model to checking there is any face in the photo
4 Return error if photo is invalid
Exceptions Exception 1: Camera is broken
Table 5.4 Validate photo use case
5.1.2 View the information of employee
● In the web interface, employee can check their own personal information
● Employee can also check their attendance info in year/ month or just a specific day
Figure 5.2 Check attendance and info of employee
Use case name View Dashboard
Description The admin can view the dashboard which show several figures related to the working time of all employees in the company
Preconditions The admin have to login before using this function because the system need to authorize the right of the user
Normal flow 1 Login to the web
3 Navigate or filter by some catagories if they want
Exceptions Exception 1: User is unauthorization
Use case name View employee’s information
Description The admin can view information of all employee, they also can add, update or remove them
Preconditions The admin have to login before using this function because the system need to authorize the right of the user
Normal flow 1 Login to the web
2 View all information of employee
3 Click to the user, they want to view
4 From this screen they also can navigate to the create, update screen or directly delete them
Exceptions Exception 1: User is unauthorized
Use case name View employee’s attendance information
Description User can attendance infomation of the employee if they know the
ID of employee Preconditions User has the employee ID
Normal flow 1 Enter the employee's ID to the seach box in the website
3 They also can filter by month, year Exceptions Exception 1: Invalid employee ID
Table 5.7 View employee’s attendance information
Sequence diagram
Figure 5.4 Scan QR code flow
Objective Store checking information for employee
Actor Employee, Time attendance Machine, Server, Database
Trigger Employee tap scan QR button
Pre-condition Employee have QR code and the checking place is time attendance machine Post-condition Succcessfully store information to the database
Table 5.8 Scan QR code flow description
5.2.2 All flow prepare data and call smart contract
Figure 5.5 All flow prepare data and call smart contract
Objective Update data from database to smartcontract
Trigger At the end of everyday server will auto trigger this event
Pre-condition Data in database is valid(auto update by BE, not manually update) Post-condition Data update to the smartcontract
Table 5.9 All flow prepare data and call smart contract description
Actor Admin, web, server, database
Trigger Admin use function create new employee
Pre-condition The admin's signature is verified and having employee information
Post-condition Succcessfully create new record in table users and month_attendence for employee
Table 5.10 Creata a new user description
Flow chart
Objective Update checkin or checkout time for employees
Trigger API check attendent is called
Pre-condition Having information of checking time, employee ID and the admin signature Post-condition Succcessfully update information to the database
5.3.2 Check in process flow chart
Objective Update checkin time for employees
Trigger API check attendent is called
Pre-condition The admin's signature is verified and this is the first time API check attendence is called for this employee ID
Post-condition Succcessfully create new record in table day_attendence for employee
Table 5.12 Check in flow description
5.3.3 Check out process flow chart
Objective Update checkout time for employees
Trigger API check attendent is called
Pre-condition The admin's signature is verified and this is not the first time API check attendance is called for this employee ID
Post-condition Succcessfully update checkout time for employee in the record in table day_attendence
Table 5.13 Check out flow description
5.3.4 Cronjob in BE at 10:00 PM update the database
Objective Update total work day and extra hours for employee
Pre-condition The time come to 10 p.m and the information is valid (hash is consistensy with information) Post-condition Succcessfully to update month-attendence info and hash
5.3.5 Cronjob to call smart contract at 10:30 PM at smart contract
Figure 5.11 Cronjob in smart contract
Objective Call SmartContract to update data for
Trigger Server auto trigger this event at 10:30 PM
Pre-condition The time is 10:30 pm
Post-condition Successfully to call smart contract
Table 5.15 Smart contract Cronjob description
5.3.6 Store data in smart contract
Figure 5.12 Store data in smart contract
Objective Validate and update data in smart contract
Trigger Smart contract’s function is called
Pre-condition Data must sign by deployer wallet
Post-condition Successfully to update data in smart contract
Table 5.16 Store data in smart contract description
5.3.7 Cronjob at first day of month
Figure 5.13 Cronjob at first day of month
Objective Call SmartContract to update data for employees
Trigger Server auto trigger this event at 10:30 PM
Pre-condition The time is 10:30 pm
Post-condition Successfully to call smart contract
Table 5.17 Cronjob at first day of month description
5.3.8 Verify data between database and blockchain
Figure 5.14 Verify data between database and blockchain
Objective Verify data between database and
Trigger Admin call the API
Pre-condition Need the admin token to call api
Post-condition Successfully to return the list of invalid user’s data in the month
Table 5.18 Verify data between database and blockchain
Database Schema
There are three tables in our database which are users, month_attendances, day_attendances In the database, we try to store all information about users and their checking information
About users table, it include basic information like full name, address, date of birth, gender, job title, phone number, email and department their belong to.Each user record have relationship with several records in month_attendances table via the user’s id as the foreign key
For month_attendances table, it will auto generate a record for each user at the first day of the month It contain information about how many work day user checked and the total extra hour for that month The hash in the table is the signature generate by deployer The main function of hash is to ensure no one can update the database manually It means no one can cheat on the system, even they can access the database There is one to many relationship between month_attendances and day_attendances table The day_attendances table basically is checking information of each day in a month_attendance record which it.
API
• Used by Admin, register and login to have access to get information of employees
• Use to upload files (images, attachments) in the application
• As admin, use this API to create/ update/get information of all User
• As Employee, use this API to update/get information of their own profile
• Get attendance information in a month of User
• Information admin can get are total working day, total extra hours, and hashing of month record of a user
• Employees use this API to check in
• Admin can get detailed information of attendance checking in every single day
• Information admin can get are check in time, check out time, and check in/ check out image