Xerobank

Last updated by burtbeckwith 1 year ago

We used Grails on a project for Xerobank, one of our clients. They wanted to build the 2nd generation of their network privacy platform, which separates the identity of the user on two parts: the Deposit account they use for buying network access tokens for the system, and the Access account used for anonymously accessing the Xerobank VPN.

The following areas of the system were implemented in Grails:

• Several parts of the VAULTS anonymity subsystem (which by itself is a big write-up)
• User checkout process at https://checkout.xerobank.com/
• Deposit and Access account control panels at https://activate.xerobank.com/
• Accounting of customer monthly payments, network token purchase and network token usage
• Accounting web services for the network subsystem to request more tokens to spend, as the user consumes their bandwidth allotment
• Account-related web services for Xerobank's Privacy Machine
• Administration and report tools

The networking subsystem and their privacy machine were implemented by third parties, and interface with our systems via the aforementioned webservices.

Everything is integration- and unit-tested - both our own APIs as well as those created by third parties - which was simplified by the ease with which we could add tests to Grails, and helped on several occasions to notice API breaks immediately during development.

Besides Grails, we used the following technologies:

• The Bouncy Castle encryption libraries
• Our own plugins on Crypto and Currencies
• JFreeChart
• Jsecurity and the Jsecurity plugin
• Quartz plugin, to create scheduled services
• XML RPC plugin

They have been trying out the system in a relatively small scale without doing much publicity, and so far it is handling very well.