CVeri

CVeri —— Resume Verification System

Inspiration

As a group of recent graduates, my teammate, Dylan, and I have been actively searching for job opportunities. However, we've noticed a prevalent issue in today's job market: many candidates exaggerate or even falsify their resumes. This widespread problem creates a challenge for recruiters, who often spend a significant amount of time verifying the authenticity of resumes. As honest job seekers, we frequently face delays in the hiring process because recruiters need to investigate our credentials, causing us to miss out on valuable interview opportunities.

Frustrated by these inefficiencies, we came up with an idea to address this issue: creating a decentralized, transparent, and reliable resume verification solution. By leveraging blockchain technology's immutability and transparency, we aim to build a platform that allows recruiters to quickly verify candidates' credentials while ensuring data integrity and privacy. This vision inspired the creation of CVeri, a system designed to foster trust and efficiency for both recruiters and job seekers.

What it does

CVeri is a decentralized application (DApp) designed to streamline resume verification using blockchain technology. It empowers users to submit their professional experiences, which are securely stored on IPFS (InterPlanetary File System) and referenced on the Polygon blockchain. Authorized certifiers can validate these experiences, adding a layer of credibility, while anyone can check the certification status using a unique verification hash.

Key Features

Submit Resumes: Users input their name and experience details, generating a unique verification hash for verifying and certifying.

IPFS Storage: Data is stored on the Polygon blockchain, with content hosted on IPFS for immutability and transparency.

Experience Certify: Authorized certifiers validate experiences using the provided hash.

Verification System: Any verifier can check an experience’s certification status by entering its hash.

Admin Panel: Administrators can authorize certifiers and add more admins within the system.

How we built it

Frontend: We used Next.js, a React framework, to build a responsive and performant user interface. Tailwind CSS was integrated for rapid UI styling and consistent design across pages. Animations and transitions were added to improve user experience and visual engagement.

Blockchain Infrastructure: The DApp operates on the Polygon Mainnet, chosen for its low transaction fees and high throughput. Our smart contract, written in Solidity, is deployed to the network and handles all core logic, including resume submissions, certifications, and permission management.

Data Storage: We store resume content on IPFS via Pinata, ensuring decentralized, tamper-proof, and permanent data availability. The use of content-addressable storage helps verify data integrity directly through hashes stored on-chain.

Wallet Integration: We use MetaMask for wallet connectivity, account management, and transaction signing. The app includes real-time network checks and prompts users to switch to the Polygon Mainnet if needed.

Challenges we ran into

IPFS-Blockchain Sync: Integrating IPFS-stored data with blockchain references required careful handling of content hashes and smart contract interactions. Ensuring that the IPFS content identifiers (CIDs) were correctly referenced in our smart contracts and that the data remained accessible was a complex process that demanded precision.

Frontend Interact with Blockchain Testing: We needed to successfully test our smart contracts on the Amoy testnet before deploying to the mainnet. However, the network instability of the Amoy testnet, combined with a tight timeline of only 30 hours, introduced significant challenges and uncertainties to our testing process. This made it difficult to ensure consistent and reliable results within the limited timeframe.

Access Control & Role Enforcement Challenges: One of the most significant challenges was implementing secure, fine-grained role-based access control both in our smart contract and the frontend. On-chain, we had to enforce strict permission checks using Solidity mappings for admins and authorizedCertifiers, ensuring only authorized accounts could call critical functions like addAdmin() or addCertifier(). Any mistake could result in irreversible privilege escalation. On the frontend, we needed to reflect role-based access in real-time by fetching a user's role upon wallet connection and updating the UI accordingly. This involved managing React state changes, disabling actions for unauthorized users, and displaying appropriate warnings.

Accomplishments that we're proud of

Efficient Blockchain and IPFS Integration: We strategically stored only lightweight data such as addresses, CIDs, and hashes on the smart contract, while keeping the detailed resume content on IPFS. This approach significantly reduces the gas fees for each contract interaction. Additionally, even if we need to redeploy the contract, the resume data remains intact and accessible via Pinata's API, ensuring data persistence and cost efficiency.

User-Friendly Frontend Optimization: We iteratively refined the frontend UI, addressing numerous potential user pain points. By leveraging Tailwind CSS, we streamlined the design process, creating a visually appealing and responsive interface that enhances usability. Through continuous testing and feedback, we resolved issues that could have hindered the user experience, making the platform intuitive and accessible for all users, regardless of their technical background.

Seamless Online Deployment with Vercel: We deployed our platform online using Vercel, enabling users to access CVeri directly through a browser without needing to clone the GitHub repository or install dependencies locally. This simplifies the user experience significantly. Moreover, we securely stored our database API key and secret as environment variables in Vercel. This not only prevents the exposure of sensitive credentials but also ensures database consistency across different users, facilitating seamless submission, certification, and verification processes.

What we learned

While each of us had prior experience using IPFS, deploying smart contracts, and building frontends with Next.js individually, CVeri marked our first attempt at integrating all these technologies to create a complete DApp. This process was incredibly rewarding and taught us a great deal. We gained deep insights into the integration of the frontend with IPFS and smart contracts, particularly in determining how to structure interactions—deciding when to call smart contract functions and when to upload data to IPFS. This required careful and patient design within a limited timeframe. The time constraints also pushed us to develop more efficient teamwork and collaboration skills, enabling us to work cohesively and deliver under pressure.

What's next for CVeri

Certifier Register: We plan to design a dedicated page for companies or educational institutions to submit applications to become authorized certifiers on our platform. This will allow us to assign certification rights to qualified organizations, ensuring that only credible entities can verify resumes and enhancing the trustworthiness of the system.

Mobile Friendly: Currently, our website is not user-friendly on mobile devices. Our next step is to optimize the mobile experience, potentially by developing a dedicated mobile app. This will make it easier for users to access and manage their verified credentials on the go, improving accessibility and convenience.

Expanded Credentials: We’ll extend support to verify additional credentials, such as certifications, publications, patents, and more, broadening the scope of verifiable information and making CVeri a more comprehensive solution for credential validation.