feat(release): 🚀 Laravel Blockchain v2.0.0 — major upgrade with user-specific certificates, Merkle root verification, and health monitoring

- Introduced user-specific PEM certificate support for per-user signing
- Added blockchain health monitoring with blockchain:health command
- Enhanced chain verification and fork detection logic
- Added Merkle root signing and verification for hierarchical integrity
- Improved BlockchainManager structure for clarity and maintainability
- Updated README with installation, upgrade guide, and usage examples
- Strengthened RSA key handling and password-based encryption flow
- Improved configuration flexibility for keys, hashes, and auto-verification

Author: Ronald-PH

README.md

@@ -47,5 +47,5 @@
     },
     "minimum-stability": "stable",
     "prefer-stable": true,
-    "version": "1.2.1"
+    "version": "2.0.0"
 }

composer.json

@@ -1,23 +1,25 @@
 <?php
 
 return [
+
     /*
     |--------------------------------------------------------------------------
-    | Blockchain Table Name
+    | Blockchain Ledger Table
     |--------------------------------------------------------------------------
     |
-    | The name of the table that will store blockchain ledger records.
+    | The table that stores blockchain ledger entries.
+    | You can override this in .env via BLOCKCHAIN_TABLE_NAME.
     |
     */
     'table_name' => env('BLOCKCHAIN_TABLE_NAME', 'blockchain_ledgers'),
 
     /*
     |--------------------------------------------------------------------------
-    | Hash Algorithm
+    | Hashing Algorithm
     |--------------------------------------------------------------------------
     |
-    | The hashing algorithm to use for block hashing.
-    | Supported: 'sha256', 'sha512', 'md5' (not recommended)
+    | The algorithm used to generate block hashes.
+    | Supported: 'sha256', 'sha512', 'md5' (md5 not recommended).
     |
     */
     'hash_algorithm' => env('BLOCKCHAIN_HASH_ALGORITHM', 'sha256'),
@@ -27,18 +29,18 @@
     | Signature Algorithm
     |--------------------------------------------------------------------------
     |
-    | The OpenSSL signature algorithm to use.
-    | Supported: OPENSSL_ALGO_SHA256, OPENSSL_ALGO_SHA512
+    | OpenSSL algorithm used for signing blockchain data.
+    | Options: OPENSSL_ALGO_SHA256, OPENSSL_ALGO_SHA512.
     |
     */
     'signature_algorithm' => OPENSSL_ALGO_SHA256,
 
     /*
     |--------------------------------------------------------------------------
-    | Keys Storage Path
+    | Keys Storage Directory
     |--------------------------------------------------------------------------
     |
-    | The path where cryptographic keys are stored.
+    | The default location for blockchain keys (private/public).
     |
     */
     'keys_path' => storage_path('blockchain/keys'),
@@ -48,27 +50,30 @@
     | Default Private Key
     |--------------------------------------------------------------------------
     |
-    | Path to the default private key file (relative to keys_path).
+    | File name of the default private key relative to keys_path.
+    | Used if no user certificate is assigned.
     |
     */
-    'private_key' => env('BLOCKCHAIN_PRIVATE_KEY', 'private.pem'),
+    'private_key' => env('BLOCKCHAIN_PRIVATE_KEY', 'private4.pem'),
 
     /*
     |--------------------------------------------------------------------------
     | Default Public Key
     |--------------------------------------------------------------------------
     |
-    | Path to the default public key file (relative to keys_path).
+    | File name of the default public key relative to keys_path.
+    | Used to verify blockchain data without user certificate.
     |
     */
-    'public_key' => env('BLOCKCHAIN_PUBLIC_KEY', 'public.pem'),
+    'public_key' => env('BLOCKCHAIN_PUBLIC_KEY', 'public4.pem'),
 
     /*
     |--------------------------------------------------------------------------
     | Private Key Password
     |--------------------------------------------------------------------------
     |
-    | Password for the private key encryption.
+    | Password for the default private key if encrypted.
+    | Can be set in .env as BLOCKCHAIN_PRIVATE_KEY_PASSWORD.
     |
     */
     'private_key_password' => env('BLOCKCHAIN_PRIVATE_KEY_PASSWORD', null),
@@ -78,18 +83,43 @@
     | Genesis Block Hash
     |--------------------------------------------------------------------------
     |
-    | The hash used for the genesis block (first block in chain).
+    | Initial block hash for the blockchain.
     |
     */
     'genesis_hash' => '00000',
 
     /*
     |--------------------------------------------------------------------------
-    | Auto Verify Chain
+    | Save Algorithm Metadata
+    |--------------------------------------------------------------------------
+    |
+    | Whether each block stores its hashing algorithm.
+    | Useful if you might change system default in the future.
+    |
+    */
+    'save_algorithm' => false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Automatic Chain Verification
     |--------------------------------------------------------------------------
     |
-    | Automatically verify the blockchain integrity before creating new blocks.
+    | If true, verifies the chain integrity before adding a new block.
     |
     */
-    'auto_verify' => env('BLOCKCHAIN_AUTO_VERIFY', false),
-];
+    'auto_verify' => env('BLOCKCHAIN_AUTO_VERIFY', true),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Blockchain Root Configuration
+    |--------------------------------------------------------------------------
+    |
+    | Enable Merkle root signing with a master key pair.
+    |
+    */
+    'with_blockchain_root' => env('WITH_BLOCKCHAIN_ROOT', false),
+    'master_private_key' => env('MASTER_PRIVATE_KEY', null),
+    'master_private_key_password' => env('MASTER_PRIVATE_KEY_PASSWORD', null),
+    'master_public_key' => env('MASTER_PUBLIC_KEY', null),
+
+];

config/blockchain.php

@@ -0,0 +1,24 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('blockchain_default_certificates', function (Blueprint $table) {
+            $table->id();
+            $table->string('public_key_path');
+            $table->string('private_key_path');
+            $table->integer('status')->max(2)->default(1);
+            $table->timestamps();
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('model_has_certificates');
+    }
+};

database/migrations/2025_11_07_000000_create_blockchain_default_certificates_table.php

@@ -0,0 +1,25 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('blockchain_roots', function (Blueprint $table) {
+            $table->id();
+            $table->string('table_name');
+            $table->unsignedBigInteger('record_id')->nullable();
+            $table->string('merkle_root')->nullable();
+            $table->text('signature'); // signed by master key
+            $table->timestamps();
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('blockchain_roots');
+    }
+};

database/migrations/2025_11_07_000001_create_blockchain_roots_table.php

@@ -0,0 +1,26 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('model_has_certificates', function (Blueprint $table) {
+            $table->id();
+            $table->unsignedBigInteger('user_id')->index();
+            $table->string('certificate_path'); // example: storage/app/certificates/user1.pem
+            $table->integer('status')->max(2)->default(1);
+            $table->timestamps();
+
+            $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('model_has_certificates');
+    }
+};

database/migrations/2025_11_07_000002_create_model_has_certificates_table.php

@@ -0,0 +1,40 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('blockchain_ledgers', function (Blueprint $table) {
+            $table->id();
+            $table->string('nonce')->nullable();
+            $table->unsignedBigInteger('user_id')->nullable();
+            $table->string('table_name')->index();
+            $table->unsignedBigInteger('record_id')->index();
+            $table->json('data')->nullable();
+            $table->string('data_hash', 64);
+            $table->string('previous_hash', 64);
+            $table->string('block_hash', 64)->unique();
+            $table->text('signature');
+            $table->boolean('with_user_certificate')->default(false);
+            $table->unsignedBigInteger('certificate_id')->nullable();
+            $table->unsignedBigInteger('default_certificate_id')->nullable();
+            $table->string('algorithm')->nullable();
+            $table->timestamps();
+
+            $table->index(['table_name', 'record_id']);
+
+            $table->foreign('user_id')->references('id')->on('users');
+            $table->foreign('certificate_id')->references('id')->on('model_has_certificates');
+            $table->foreign('default_certificate_id')->references('id')->on('blockchain_default_certificates');
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('blockchain_ledgers');
+    }
+};