A decentralized document management system built on the Movement Network that enables secure document upload, sharing, and digital signing with blockchain-based verification and IPFS storage.
The Secure Document Management smart contract provides a robust solution for managing sensitive documents on-chain. Documents are stored as IPFS hashes with metadata tracked on the blockchain, enabling:
- Decentralized Storage: Document content stored on IPFS, metadata on-chain
- Access Control: Owner-controlled permission management for document signers
- Digital Signatures: Blockchain-verified signatures with immutable audit trails
- Fee-Based Uploads: Small upload fee (0.05 MOVE) to prevent spam and abuse
- Event Tracking: Complete audit trail through on-chain events
This system is ideal for applications requiring document verification, such as contracts, agreements, certifications, legal documents, and any scenario where proof of signing is critical.
- Movement CLI installation script (from l1-migration branch)
- Secure Document Contract: Production-ready Move module with tests
- Helper Scripts: Easy commands for deployment and testing
- Project Structure: Standard Move project layout
No prerequisites needed! The installation script will download a prebuilt Movement CLI binary.
- Disk Space: ~50MB for the Movement CLI binary
- Platform: Linux x86_64 (Replit compatible)
- Time: Installation takes ~10 seconds
The installation script downloads a prebuilt Movement CLI binary from the l1-migration branch:
bash scripts/install-cli.shNote: This takes about 10 seconds. The script will attempt to configure your PATH automatically.
Set up your Movement CLI configuration for the testnet:
bash scripts/init.shYou'll be prompted to:
- Select custom network
- Enter REST URL:
https://testnet.movementnetwork.xyz/v1 - Enter Faucet URL:
https://faucet.testnet.movementnetwork.xyz/ - Generate a new private key (or provide your own)
Your configuration will be saved in .movement/config.yaml
.movement/config.yaml to git - it contains your private key!
Get testnet MOVE tokens to pay for transactions:
movement account fund-with-faucet --account defaultCompile the secure document management module:
bash scripts/build.shRun the unit tests:
bash scripts/test.shDeploy your module to the Movement testnet:
movement move publish --named-addresses document_management=defaultTo reduce gas costs (omit debug artifacts):
movement move publish --named-addresses document_management=default --included-artifacts noneNote If movement command fails and the cli is installed. install please run
export PATH="$HOME/bin:$PATH".
├── Move.toml # Move package configuration
├── sources/
│ └── document_management.move # Your Move module
├── scripts/
│ ├── install-cli.sh # Install Movement CLI
│ ├── init.sh # Initialize CLI configuration
│ ├── build.sh # Compile the module
│ ├── test.sh # Run tests
│ └── verify.sh # Verify setup
└── tests/ # Additional test files (optional)
Document Upload
- Store document metadata on-chain with IPFS hash
- Automatic timestamp recording
- 0.05 APT upload fee (prevents spam)
- Unique document ID enforcement
Access Control
- Owner-based permission system
- Granular signer management
- Owner can sign by default
Digital Signatures
- One signature per user per document
- Blockchain-verified signing
- Immutable signature records
Event System
- Upload events with full metadata
- Signature events for audit trails
- Share events for access grants
- upload_document: Upload a new document with metadata and IPFS hash (requires 0.05 MOVE fee)
- add_signer: Grant signing permission to an address (owner only)
- sign_document: Sign a document if you have permission
- get_document: Retrieve complete document details including name, IPFS hash, timestamps, owner, signatures, and allowed signers
- get_document_count: Get total number of uploaded documents
- is_signed_by: Check if a specific address has signed a document
- get_upload_fee: Query the current upload fee
movement move run \
--function-id 'default::secure_docs::upload_document' \
--args string:"Contract Agreement" \
--args string:"QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG" \
--args string:"doc_001"movement move run \
--function-id 'default::secure_docs::add_signer' \
--args string:"doc_001" \
--args address:"0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb1"movement move run \
--function-id 'default::secure_docs::sign_document' \
--args string:"doc_001"Modify sources/document_management.move or add new .move files to the sources/ directory.
Edit Move.toml to change dependencies. The default configuration uses the Aptos Framework.
The Move.toml file uses a placeholder address _ for document_management. When compiling or publishing:
# Use the default profile address
movement move compile --named-addresses document_management=default
# Or specify an explicit address
movement move compile --named-addresses document_management=0xYOUR_ADDRESSTip: Edit Move.toml and set document_management = "0xYOUR_ADDRESS" to avoid using --named-addresses every time.
The contract uses a resource account to manage state independently from the deployer:
- DocState: Stored under the resource account, contains all documents and counters
- ResourceAccountCap: Stored under deployer's address, holds signing capability
- Benefits: Cleaner separation, predictable addresses, better security
Upload fees are collected in the resource account's MOVE balance. This design:
- Prevents spam uploads
- Creates sustainable tokenomics
- Can be withdrawn by admin if needed (extend contract)
Documents store only the IPFS hash on-chain. Off-chain components should:
- Upload document content to IPFS
- Get IPFS hash (e.g.,
QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG) - Call
upload_documentwith the hash - Store the document ID for future reference
Essential Movement CLI commands for working with your contract:
# Check CLI version
movement --version
# Compile module
movement move compile --named-addresses document_management=default
# Run tests
movement move test
# Publish module
movement move publish --named-addresses document_management=default
# Check account balance
movement account list
# Fund account (testnet only)
movement account fund-with-faucet --account default- Only document owners can add signers
- Only allowed signers can sign documents
- Signatures are immutable once recorded
The contract includes comprehensive error checking:
E_NOT_AUTHORIZED: Caller is not the document ownerE_DOCUMENT_NOT_FOUND: Document ID doesn't existE_ALREADY_SIGNED: User already signed this documentE_NOT_ALLOWED_TO_SIGN: User not in allowed signers listE_DOCUMENT_ALREADY_EXISTS: Document ID collisionE_INSUFFICIENT_FUNDS: Not enough APT for upload fee
- Unique Document IDs: Use UUIDs or hash-based IDs
- IPFS Pinning: Ensure documents are pinned for availability
- Key Management: Securely store private keys
- Fee Awareness: Users need at least 0.05 MOVE + gas fees
- Movement Documentation: https://docs.movementnetwork.xyz/
- Movement CLI Guide: https://docs.movementnetwork.xyz/devs/movementcli
- First Move Contract Tutorial: https://docs.movementnetwork.xyz/devs/firstMoveContract
- Movement Testnet Explorer: https://explorer.movementnetwork.xyz/?network=bardock+testnet
- Movement Faucet: https://faucet.movementnetwork.xyz/
- IPFS Documentation: https://docs.ipfs.tech/
- RPC/REST URL: https://testnet.movementnetwork.xyz/v1
- Faucet URL: https://faucet.testnet.movementnetwork.xyz/
- Explorer: https://explorer.movementnetwork.xyz/?network=bardock+testnet
- Chain ID: Check with
movement info
Potential features to add:
- Document revocation
- Multi-signature requirements (N-of-M signing)
- Document expiration dates
- Admin fee withdrawal function
- Document transfer between owners
- Batch operations
- Document categories/tags
Contributions are welcome! Feel free to:
- Report bugs
- Suggest features
- Submit pull requests
- Share your implementations
Join the Movement community and help build the future of decentralized document management!