A professional blockchain-backed privacy compliance platform for managing policies, consents, and regulatory compliance (GDPR, CCPA, PIPEDA) with immutable blockchain verification on Constellation Network.
Sushiii provides enterprise-grade privacy compliance management with:
- Privacy Policy Management: Version-controlled policies with advanced rich text editing, templates, and approval workflows
- Granular Consent Management: User consent tracking with purpose-based permissions and audit trails
- Compliance Dashboard: Real-time GDPR compliance scoring and checklist tracking
- Blockchain Verification: Immutable records on Constellation Network metagraph
- Professional Export: Export policies to PDF and HTML with custom branding
- Embeddable Widgets: Drop-in consent widgets for websites
┌─────────────────────────────────────────────────────────────┐
│ Next.js Frontend (Port 3003) │
│ • Policy creator with advanced rich text editor │
│ • Compliance dashboard and GDPR checklist │
│ • Consent management UI │
│ • PDF/HTML export with custom branding │
└────────────────────────┬────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────┐
│ TypeScript API (Port 3005) │
│ • REST API for policies, consents, compliance │
│ • Multi-tenancy with API key authentication │
│ • PostgreSQL database integration │
│ • Redis caching and rate limiting │
└────────────────────────┬────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────┐
│ Constellation Network Metagraph (Local) │
│ • Data L1 (Port 9400) - Custom data validation │
│ • Metagraph L0 (Port 9200) - State consensus │
│ • Currency L1 (Port 9300) - Token layer │
│ • Global L0 (Port 9000) - Network layer │
└────────────────────────┬────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────┐
│ PostgreSQL + Redis │
│ • Policy and consent storage │
│ • User and tenant management │
│ • Session and rate limit cache │
└─────────────────────────────────────────────────────────────┘
- Node.js 18+ and npm
- PostgreSQL 15+
- Redis 7+
- Docker Desktop (with at least 8GB RAM allocated)
- Java 11+ (for blockchain)
- Git
- cargo (Rust package manager for argc)
- coursier (Scala installer for giter8)
# Update system
sudo apt update && sudo apt upgrade -y
# Install Node.js 18
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt install -y nodejs
# Install PostgreSQL
sudo apt install -y postgresql postgresql-contrib
# Install Redis
sudo apt install -y redis-server
# Install Java 11
sudo apt install -y openjdk-11-jdk
# Install Docker (if not already installed)
curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER

# Install Homebrew if not installed
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
# Install dependencies
brew install node@18 postgresql@15 redis openjdk@11 docker
# Start services
brew services start postgresql
brew services start redis

cd ~/Desktop # or your preferred directory
git clone https://github.com/yourusername/sushiii.git
cd sushiii

# Start PostgreSQL (if not running)
sudo systemctl start postgresql # Linux
# or
brew services start postgresql # macOS
# Create database and user
sudo -u postgres psql << EOF
CREATE DATABASE sushiii;
CREATE USER sushiii_user WITH ENCRYPTED PASSWORD 'sushiii_password';
GRANT ALL PRIVILEGES ON DATABASE sushiii TO sushiii_user;
\q
EOF

# Start Redis (if not running)
sudo systemctl start redis # Linux
# or
brew services start redis # macOS
# Test Redis connection
redis-cli ping # Should return "PONG"

cd api
# Install dependencies
npm install
# Create environment file
cp .env.example .env
# Edit .env with your settings
nano .env

Edit .env with these settings:
# Database
DATABASE_URL="postgresql://sushiii_user:sushiii_password@localhost:5432/sushiii"
# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
# Server
PORT=3005
NODE_ENV=development
# CORS
CORS_ORIGIN=http://localhost:3003
# JWT Secrets (generate secure secrets)
JWT_SECRET=your-jwt-secret-here
JWT_REFRESH_SECRET=your-jwt-refresh-secret-here
# Blockchain (will configure later)
METAGRAPH_L0_URL=http://localhost:9200
METAGRAPH_L1_URL=http://localhost:9400
GLOBAL_L0_URL=http://localhost:9000

Generate secure JWT secrets:
# Generate JWT_SECRET
node -e "console.log('JWT_SECRET=' + require('crypto').randomBytes(64).toString('hex'))"
# Generate JWT_REFRESH_SECRET
node -e "console.log('JWT_REFRESH_SECRET=' + require('crypto').randomBytes(64).toString('hex'))"

Set up the database schema:
# Generate Prisma client
npx prisma generate
# Run migrations
npx prisma migrate dev
# Seed database with demo data
npm run setup-db

Test the API:
npm run dev
# Should start on http://localhost:3005
# In another terminal, test health endpoint
curl http://localhost:3005/health | jq

cd ../app
# Install dependencies
npm install
# Create environment file
cp .env.example .env.local
# Edit .env.local
nano .env.local

Edit .env.local:
NEXT_PUBLIC_API_URL=http://localhost:3005

Start the frontend:
PORT=3003 npm run dev
# Should start on http://localhost:3003

This is the critical step that enables blockchain verification.
cd ~/Desktop # or your preferred directory
git clone https://github.com/Constellation-Labs/euclid-development-environment.git
cd euclid-development-environment

# Install argc (command runner)
cargo install argc
# Install giter8 (Scala template tool)
# First install coursier if needed
curl -fL https://github.com/coursier/launchers/raw/master/cs-x86_64-pc-linux.gz | gzip -d > cs
chmod +x cs
./cs setup
./cs install giter8
# Verify installations
argc --version
g8 --version

- Open Docker Desktop
- Go to Settings → Resources
- Set Memory to at least 8GB (16GB recommended)
- Set CPUs to at least 4
- Click Apply & Restart

- Go to https://github.com/settings/tokens
- Click Generate new token → Generate new token (classic)
- Add note: "Euclid Development Environment"
- Select scope: read:packages
- Click Generate token
- Copy the token (you won't see it again)
cd ~/Desktop/euclid-development-environment
# Create or edit euclid.json
nano euclid.json

Add this configuration:
{
  "github_token": "your-github-token-here",
  "project_name": "sushiii-metagraph"
}

# Navigate to euclid directory
cd ~/Desktop/euclid-development-environment
# Build all layers (this takes 5-10 minutes first time)
./scripts/hydra build

What this does:
- Downloads Tessellation framework (Constellation's blockchain SDK)
- Builds Global L0 layer (network consensus)
- Builds Metagraph L0 layer (state management)
- Builds Currency L1 layer (token transactions)
- Builds Data L1 layer (custom data validation)
# Start genesis (initial blockchain state)
./scripts/hydra start-genesis
# This will start:
# - 1 Global L0 node (port 9000)
# - 3 Metagraph L0 nodes (ports 9200, 9210, 9220)
# - 3 Currency L1 nodes (ports 9300, 9310, 9320)
# - 3 Data L1 nodes (ports 9400, 9410, 9420)

Wait 2-3 minutes for all nodes to start and form consensus.
# Check Global L0 status
curl http://localhost:9000/cluster/info | jq
# Check Metagraph L0 status
curl http://localhost:9200/cluster/info | jq
# Check Data L1 status
curl http://localhost:9400/data-application/info | jq
# Check all node statuses
./scripts/hydra status

Expected output:
Global L0: ✓ Running on port 9000
Metagraph L0 Node 1: ✓ Running on port 9200
Metagraph L0 Node 2: ✓ Running on port 9210
Metagraph L0 Node 3: ✓ Running on port 9220
Currency L1 Node 1: ✓ Running on port 9300
...
cd ~/Desktop/sushiii/api
# Update .env file
nano .env

Update blockchain configuration:
# Blockchain endpoints
METAGRAPH_L0_URL=http://localhost:9200
METAGRAPH_L1_URL=http://localhost:9400
GLOBAL_L0_URL=http://localhost:9000
# Generate wallet (optional for local dev)
# PRIVATE_KEY=your-dag4-wallet-private-key

Restart the API:
# Stop the API (Ctrl+C in API terminal)
# Start again
npm run dev

Initially, the Data L1 layer wasn't properly configured to accept custom data types (PolicyVersion and ConsentEvent). The nodes would start but reject all submissions.
- Custom Data Types (euclid-development-environment/source/project/metagraph/data_l1/src/main/scala/):
  - Created PolicyVersion.scala with fields: policyId, version, contentHash, jurisdiction
  - Created ConsentEvent.scala with fields: subjectId, policyRef, eventType, timestamp
  - Defined proper JSON codecs for serialization
- Data Validation (DataApplicationL1Service.scala):
  - Added signature verification using Ed25519
  - Implemented content hash validation
  - Added timestamp validation (not in future)
  - Validated jurisdiction codes (GDPR, CCPA, PIPEDA)
- Custom Endpoints:
  - POST /data-application/policy - Submit policy versions
  - POST /data-application/consent - Submit consent events
  - GET /data-application/info - Get current state
- State Management (StateChannel.scala in L0):
  - Event-sourced state management
  - Immutable state updates
  - Snapshot creation every 20 blocks
- Rebuild and Deploy:
  cd ~/Desktop/euclid-development-environment
  ./scripts/hydra stop
  ./scripts/hydra build
  ./scripts/hydra start-genesis
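The four Data L1 checks listed above, sketched in Node.js as an added example; this is not the project's Scala code from DataApplicationL1Service.scala. SHA-256 hashing, sorted-key JSON as the signed form, epoch-millisecond timestamps, the error strings and every function name are assumptions, and the sample data is constructed.

```javascript
// Added example (not Sushiii source). Assumptions: SHA-256 content hashes,
// signatures over sorted-key JSON, epoch-millisecond timestamps.
const crypto = require("node:crypto");
const JURISDICTIONS = new Set(["GDPR", "CCPA", "PIPEDA"]); // codes listed above

// Flat objects only: an array replacer fixes both the key set and key order.
const canonical = (value) => JSON.stringify(value, Object.keys(value).sort());
const sha256Hex = (text) => crypto.createHash("sha256").update(text, "utf8").digest("hex");

function sign(value, privateKey) {
  return crypto.sign(null, Buffer.from(canonical(value)), privateKey).toString("base64");
}

function signatureOk({ value, signature }, publicKey) {
  try {
    const sig = Buffer.from(String(signature), "base64");
    return crypto.verify(null, Buffer.from(canonical(value)), publicKey, sig);
  } catch {
    return false; // malformed input is a rejection, not a crash
  }
}

// Each validator returns rejection reasons; an empty array means "accept".
function validatePolicyVersion(submission, publicKey, policyText) {
  const { contentHash, jurisdiction } = submission.value;
  const errors = [];
  if (!signatureOk(submission, publicKey)) errors.push("bad-signature");
  if (contentHash !== sha256Hex(policyText)) errors.push("content-hash-mismatch");
  if (!JURISDICTIONS.has(jurisdiction)) errors.push("unknown-jurisdiction");
  return errors;
}

function validateConsentEvent(submission, publicKey, now = Date.now()) {
  const ts = submission.value.timestamp;
  const errors = [];
  if (!signatureOk(submission, publicKey)) errors.push("bad-signature");
  if (!Number.isInteger(ts) || ts > now) errors.push("bad-timestamp");
  return errors;
}

// Constructed sample: a valid policy, then the same signature on edited fields.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const text = "Constructed policy text v1";
  const policy = { policyId: "pol-1", version: "1.0.0", contentHash: sha256Hex(text), jurisdiction: "GDPR" };
  const signed = { value: policy, signature: sign(policy, privateKey) };
  const tampered = { ...signed, value: { ...policy, jurisdiction: "LGPD" } };
  return { accepted: validatePolicyVersion(signed, publicKey, text), tampered: validatePolicyVersion(tampered, publicKey, text) };
}
console.log(demo());
```

Changing any signed field after signing fails the signature check even when the new value would pass on its own, which is why the signature covers the whole record rather than just the content hash.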
Open 4 terminals:
Terminal 1: Database (if not auto-starting)
sudo systemctl start postgresql redis

Terminal 2: Blockchain
cd ~/Desktop/euclid-development-environment
./scripts/hydra start-genesis

Terminal 3: API
cd ~/Desktop/sushiii/api
npm run dev

Terminal 4: Frontend
cd ~/Desktop/sushiii/app
PORT=3003 npm run dev

- Frontend: http://localhost:3003
- API: http://localhost:3005
- Blockchain L0: http://localhost:9200/cluster/info
- Blockchain L1: http://localhost:9400/data-application/info
- Email: admin@test.com
- Password: admin123

- Press Ctrl+C in terminals 3 and 4 (API and Frontend)
- Stop blockchain:
  cd ~/Desktop/euclid-development-environment
  ./scripts/hydra stop
- (Optional) Stop database:
  sudo systemctl stop postgresql redis
- Advanced Policy Editor:
  - 8 professional fonts (Arial, Times New Roman, Georgia, Calibri, etc.)
  - Tables for GDPR data processing categories
  - 6 heading levels, text colors, highlights
  - Link management, superscript/subscript
  - Character and word count
  - Import/export HTML
- Approval Workflow:
  - Status: Draft → Review → Approved → Published → Archived
  - Approval history with notes
  - Version control with content hashing
- Template System:
  - Pre-built GDPR, CCPA, PIPEDA templates
  - Variable substitution (company name, jurisdiction, etc.)
  - Customizable sections
- Professional Export:
  - PDF with custom branding, table of contents, metadata
  - HTML with embedded styles and company logo
  - Preview before download
- Compliance Dashboard:
  - Overall compliance score calculation
  - Category breakdown (Transparency, Rights, Security, etc.)
  - Trend indicators (improving/stable/declining)
  - Recommended actions
- GDPR Checklist:
  - 13 GDPR articles with 70+ checkpoints
  - Interactive tracking per article
  - Category filtering
  - Progress visualization
- Embeddable Widgets:
  - Consent collection widget
  - Customizable styling
  - iframe and JavaScript embed codes
  - Event callbacks for integration
- REST API:
  - Full policy CRUD operations
  - Consent management
  - Compliance metrics
  - Proof bundle generation

Database connection failed:
# Check PostgreSQL is running
sudo systemctl status postgresql
sudo systemctl start postgresql
# Test connection
psql -U sushiii_user -d sushiii -h localhost

Port already in use:
# Find process on port 3005
lsof -i:3005
# Kill it
kill -9 <PID>

Nodes won't start:
# Check Docker has enough resources
docker system df
docker stats
# Stop and destroy
cd ~/Desktop/euclid-development-environment
./scripts/hydra destroy
# Rebuild
./scripts/hydra build
./scripts/hydra start-genesis

Can't reach L0 or L1:
# Check if containers are running
docker ps
# View logs
./scripts/hydra logs l0-1
./scripts/hydra logs data-l1-1
# Restart specific node
./scripts/hydra restart l0-1

Port already in use:
# Kill processes on port 3003
lsof -ti:3003 | xargs kill -9
# Restart
PORT=3003 npm run dev

API connection failed:
# Check API is running
curl http://localhost:3005/health
# Check CORS settings in api/.env
CORS_ORIGIN=http://localhost:3003

Reset database:
cd ~/Desktop/sushiii/api
# Reset and re-migrate
npx prisma migrate reset
# Re-seed
npm run setup-db

PostgreSQL won't start:
# Check logs
sudo journalctl -u postgresql -n 50
# Restart service
sudo systemctl restart postgresql

sushiii/
├── api/ # TypeScript API
│ ├── src/
│ │ ├── routes/ # REST endpoints
│ │ ├── services/ # Business logic
│ │ ├── middleware/ # Auth, rate limiting
│ │ └── utils/ # Helpers
│ ├── prisma/ # Database schema
│ └── package.json
│
├── app/ # Next.js frontend
│ ├── app/ # App router pages
│ │ └── (demo)/ # Demo pages
│ │ ├── admin/ # Admin dashboard
│ │ ├── compliance/ # Compliance center
│ │ ├── auditor/ # Audit interface
│ │ └── demo/ # Public demo
│ ├── components/
│ │ ├── common/ # Shared components
│ │ ├── compliance/ # Compliance widgets
│ │ ├── consent/ # Consent management
│ │ └── demo/ # Demo components
│ ├── lib/ # API client, utilities
│ └── package.json
│
└── README.md # This file
- Frontend: Next.js 14, React 18, TypeScript, TailwindCSS, Shadcn UI
- Backend: Node.js 18, Express, TypeScript, Prisma ORM
- Database: PostgreSQL 15, Redis 7
- Blockchain: Constellation Network, Tessellation SDK, Scala 2.13
- Rich Text: TipTap editor with extensive extensions
- PDF Generation: jsPDF with custom formatting
- Authentication: JWT with refresh tokens
- Constellation Network: https://docs.constellationnetwork.io
- Euclid SDK: https://github.com/Constellation-Labs/euclid-development-environment
- Tessellation: https://github.com/Constellation-Labs/tessellation
- Faucet (IntegrationNet): https://faucet.constellationnetwork.io
- Discord: https://discord.gg/constellationnetwork
MIT License - See LICENSE file for details
✅ Production Ready
- Frontend: Professional UX with advanced policy editor
- API: Fully secured with 222+ tests
- Blockchain: Complete Constellation Network integration
- Compliance: GDPR checklist and dashboard implemented
Last Updated: January 2025