Skip to content

HackStyx/Blockchain-Based-Question-Paper-Security-System

BranchesTags

Repository files navigation

Blockchain-Based Question Paper Security System

A secure, decentralized system for managing academic question papers using blockchain technology, ensuring integrity, traceability, and role-based access control.

🎯 Features

Core Functionality

  • Secure Upload: Encrypted question paper storage with IPFS integration
  • Role-Based Access: Admin, Moderator, Examiner, and Student roles with specific permissions
  • Approval Workflow: Moderator review and approval process for all papers
  • Audit Trail: Immutable blockchain logging of all system activities
  • Search & Filter: Advanced filtering by subject, difficulty, status, and more
  • AI-Assisted Paper Generation: Gemini-powered solution schemes and mixed question papers for different difficulty levels
  • Student Chatbot: “Clear Doubts” academic assistant for conceptual queries with persistent conversation history

Security Features

  • End-to-End Encryption: Files encrypted before leaving the browser
  • Blockchain Integrity: Smart contract verification for all operations
  • Access Control: Granular permissions based on user roles
  • Immutable Logs: All activities recorded permanently on blockchain
  • Secure PDF Viewer: Custom viewer with watermarking, and disabled download/print for student access

🏗️ Architecture

Frontend (React) → Backend (Node.js/Express) → Blockchain (Ethereum)
                ↓                           ↓
            Encryption                   Smart Contracts
                ↓                           ↓
            IPFS Storage              Metadata & Logs

🛠️ Technology Stack

Blockchain

  • Ethereum with Solidity smart contracts
  • Hardhat for development and testing
  • Ganache for local blockchain
  • Web3.js for blockchain interaction

Backend

  • Node.js with Express.js
  • MongoDB for off-chain metadata
  • JWT for authentication
  • Multer for file handling
  • Crypto-js for encryption
  • Google Gemini (via @google/generative-ai) for solution schemes, paper generation, and chatbot

Frontend

  • React.js with Material-UI
  • Axios for API communication
  • React Router for navigation
  • PDF.js-based secure viewer with watermarking and restricted actions

📋 Prerequisites

  • Node.js (v16 or higher)
  • MongoDB
  • Ganache or local Ethereum node
  • Git

🚀 Installation & Setup

1. Clone Repository

git clone <repository-url>
cd blockchain-question-paper-security

2. Install Dependencies

# Install backend dependencies
npm install

# Install frontend dependencies
cd client
npm install
cd ..

3. Environment Configuration

# Copy environment template
cp .env.example .env

# Edit .env with your configuration
# Update MongoDB URI, JWT secret, etc.

4. Start Services

Start MongoDB

# On Windows
net start MongoDB

# On macOS/Linux
sudo systemctl start mongod

Start Ganache

  • Open Ganache GUI and create a new workspace
  • Or use Ganache CLI: ganache-cli

5. Deploy Smart Contract

npm run compile
npm run deploy

6. Create Initial Admin User

After deploying the smart contract, you need to create an initial admin user:

# Create initial admin user in MongoDB
curl -X POST http://localhost:5000/api/init-admin

This creates an admin user with credentials:

7. Register Admin User in Blockchain

After creating the initial admin user, you need to register them in the blockchain:

# Login to get authentication token
curl -X POST http://localhost:5000/api/login \
  -H "Content-Type: application/json" \
  -d '{"email":"admin@system.com","password":"admin123"}'

# Use the token from the response to register the user in blockchain
curl -X POST http://localhost:5000/api/register-existing \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -d '{"address":"0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266","name":"System Admin","email":"admin@system.com","role":"Admin"}'

8. Start Application (Development)

# Terminal 1 – Start blockchain (Ganache)
ganache --port 7545 --accounts 10 --mnemonic "test test test test test test test test test test test junk"

# Terminal 2 – Deploy contracts (after Ganache is running)
npm run deploy

# Terminal 3 – Backend API
npm run dev

# Terminal 4 – Frontend
npm run client

🎮 Usage

Access the Application

Default Admin Account

After contract deployment and following the setup steps above, you can log in with:

User Registration Important Note

All users must be registered in both MongoDB and the blockchain:

  1. Create users in MongoDB through the admin interface or API
  2. Register users in the blockchain using the admin panel or /api/register-existing endpoint

User Roles & Permissions

Admin

  • Full system access
  • User management (create, activate, deactivate)
  • Upload question papers
  • View all papers and audit logs

Moderator

  • Review and approve/reject papers
  • View audit logs
  • Download approved papers

Examiner

  • Upload question papers
  • Download approved papers

Student

  • View and download approved papers only

🧪 Testing

Smart Contract Tests

npm run test

API Testing

Use the provided Postman collection or test endpoints manually:

# Health check
curl http://localhost:5000/api/health

# Login (after creating users)
curl -X POST http://localhost:5000/api/login \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com","password":"password"}'

📁 Project Structure

├── contracts/              # Solidity smart contracts
│   └── QuestionPaperSecurity.sol
├── scripts/                # Deployment scripts
│   └── deploy.js
├── test/                   # Smart contract tests
│   └── QuestionPaperSecurity.test.js
├── client/                 # React frontend
│   ├── src/
│   │   ├── components/     # React components
│   │   ├── contexts/       # React contexts
│   │   └── App.js
│   └── package.json
├── server.js               # Express backend server
├── hardhat.config.js       # Hardhat configuration
├── package.json            # Backend dependencies
└── README.md

🔐 Security Considerations

Implemented Security Measures

  • File Encryption: AES encryption before IPFS storage
  • Access Control: Smart contract role-based permissions
  • Input Validation: Server-side validation for all inputs
  • JWT Authentication: Secure session management
  • Audit Logging: Immutable activity tracking

Production Recommendations

  • Use HTTPS in production
  • Implement rate limiting
  • Add input sanitization
  • Use environment-specific configurations
  • Regular security audits

🚀 Deployment

Local Development

Follow the installation steps above.

Production Deployment

Backend

  1. Set production environment variables
  2. Use PM2 for process management
  3. Configure reverse proxy (Nginx)
  4. Set up SSL certificates

Frontend

cd client
npm run build
# Deploy build folder to web server

Blockchain

  1. Deploy to testnet (Ropsten, Goerli)
  2. Update contract addresses in configuration
  3. For mainnet: Comprehensive security audit required

🤝 API Documentation

Authentication Endpoints

  • POST /api/login - User login
  • POST /api/register - Register new user (Admin only)
  • GET /api/profile - Get user profile

Paper Management

  • POST /api/upload - Upload question paper
  • GET /api/papers - Get all papers (filtered by role)
  • POST /api/papers/:id/approve - Approve paper (Moderator)
  • POST /api/papers/:id/reject - Reject paper (Moderator)
  • GET /api/papers/:id/download - Download paper

System

  • GET /api/health - System health check
  • GET /api/audit-logs - Get audit logs (Admin/Moderator)

🐛 Troubleshooting

Common Issues

Contract Deployment Fails

  • Ensure Ganache is running
  • Check network configuration in hardhat.config.js
  • Verify sufficient ETH in deployer account

MongoDB Connection Error

  • Verify MongoDB is running
  • Check connection string in .env
  • Ensure database permissions

Frontend Build Issues

  • Clear node_modules and reinstall
  • Check Node.js version compatibility
  • Verify all dependencies are installed

"User not registered" Error When Fetching Papers

This error occurs when a user exists in MongoDB but is not registered in the blockchain. To fix:

  1. Ensure the user is registered in the blockchain using the admin panel or API
  2. The user's address must match between MongoDB and blockchain

"Failed to fetch papers" Error

If you're getting this generic error:

  1. Check that the user is properly registered in both MongoDB and blockchain
  2. Verify that Ganache is running and accessible
  3. Check the server logs for more detailed error information

📈 Future Enhancements

Planned Features

  • IPFS Integration: Full decentralized storage
  • Multi-signature Approval: Multiple moderator approval
  • Paper Versioning: Track paper revisions
  • Notification System: Email/SMS notifications
  • Analytics Dashboard: Usage statistics and insights
  • Mobile App: React Native mobile application

Scalability Improvements

  • Layer 2 Solutions: Polygon/Arbitrum integration
  • Microservices: Service decomposition
  • Caching: Redis implementation
  • CDN: Content delivery optimization

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🤝 Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Commit your changes
  4. Push to the branch
  5. Create a Pull Request

📞 Support

For support and questions:

  • Create an issue in the repository
  • Contact the development team
  • Check the troubleshooting section

🙏 Acknowledgments

  • Ethereum Foundation for blockchain technology
  • OpenZeppelin for smart contract security patterns
  • React team for the frontend framework
  • All contributors and testers

About

A complete question paper management system

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages