Even with a straightforward login use‑case, real‑world business constraints turn “just add 2FA” into a minefield.
The technology landscape in 2018 presented limited viable options. Public blockchain networks with Proof-of-Work consensus were both energy-intensive and cost-prohibitive for sustained enterprise operation. Intel SGX offered a pragmatic starting point – hardware-secured execution with reasonable operational costs, despite the inherent vendor dependency.
This calculated trade-off prioritized rapid market entry while maintaining a migration path to more open alternatives as the ecosystem matured.
Classic 2FA servers live in one data‑centre; a single breach or outage can lock out every user.
The platform had to pass independent security audits and meet Kazakhstan data‑residency rules so it could later be offered to government buyers.
The idea started as a blockchain‑notary demo at Reactor.ua. Spotting real demand, we turned it into a convincing blueprint and pitch for a full 2FA engine within one week—showing the client it could be delivered with ease.
Target customers still use SOAP through the ShEP gateway; we had to plug in without forcing them to rewrite their stack.
These hurdles shaped the blueprint for a lean, blockchain‑backed 2FA platform that fixes them once and for all.
Outcome: a vendor‑agnostic, high‑performance platform that stays cheap to run and plugs into legacy government stacks without code rewrites.
| Nodes | API Accept TPS* | Blockchain Commit TPS** | Avg Latency |
|---|---|---|---|
| 4 | 1 250 | ≈ 60 | 1.8 s |
| 8 | 850 | ≈ 80 | 1.5 s |
(TPS – transactions per second.)
* – API Accept TPS – rate of batch acceptance via REST API
** – Blockchain Commit TPS – actual transaction finality rate
Optimal batch size: 100‑200 tx per request.
OPEX per auth ≈ $0.0027 (8 × €10 Hetzner nodes ≈ 30 k logins / month) after PBFT migration.
Take‑away: Beats the 50 TPS & < 2 s latency targets while staying 70 % cheaper than SGX hosting.
A quick snapshot of the concrete, business‑level wins already achieved:
Signed with the client in Feb 2018, moving from prototype to paid engagement within 30 days.
Over 1 k active users protected from day one; UX and capacity tuned for steady growth.
Pay‑per‑auth SaaS model (~$0.04 per login) delivers predictable B2G income.
Passed full government security audit; 0 security incidents since launch.
Confirmed 99.98 % SLA via external monitoring over 12 months.
Architecture supports new auth channels & white‑label roll‑outs without downtime.
Together, these numbers show a secure, revenue‑positive platform with room to scale and evolve alongside client needs.
Below is the distilled tech stack that keeps the platform performant yet easy to operate. All components are open‑source, battle‑tested, and can be deployed on‑prem or in any cloud.
* – PBFT (Practical Byzantine Fault Tolerance) lets the cluster confirm transactions even if up to one‑third of the nodes fail or act maliciously. It gives us sub‑2 second finality without the heavy energy cost of Proof‑of‑Work. Learn more
Take‑away: the backbone is fully containerised, fault‑tolerant, and DevOps‑friendly — new auth channels or extra nodes spin up in minutes, not days.
Logical architecture of the 2FA platform: native clients → 2FA API → message queue → delivery channels → PBFT cluster → admin portal.
We navigate strict compliance, legacy tech & high‑stakes audits.
4‑month MVP path proved in production.
Deep distributed‑systems know‑how & performance tuning playbook.
Angular
Docker
FCM
Java
JavaScript
Kotlin
MongoDB
Nginx
Redis
UX/UISpecialties: Blockchain Development • Conceptualization • Development • Integrations • Mobile Development • Product Development • Project Management • UX & UI Design
All Cases 
