I want to know whether Hyperledger composer SDKs (Node JS) out of the box provides any encryption over transaction data.
Let's assume that if I am writing following transaction to the Hyperledger Fabric through a following composer terminal command,
composer transaction submit -c admin#tutorial-network -d '{"$class":"net.biz.digitalPropertyNetwork.RegisterPropertyForSale","transactionId":"TRANSACTION_001","seller":"mae#biznet.org","title":"TITLE_001"}'
or submitting trasaction through hyperledger composer SDK as in following code snippet (extracted from : https://hyperledger.github.io/composer/v0.19/reference/composer.transaction.submit.html)
const TransactionSubmit = require('composer-cli').Transaction.Submit;
let options = {
card: 'admin#tutorial-network',
data: '{"$class":"net.biz.digitalPropertyNetwork.RegisterPropertyForSale","transactionId":"TRANSACTION_001","seller":"mae#biznet.org","title":"TITLE_001"}'
};
TransactionSubmit.handler(options);
I can see that card value (admin#tutorial-network) is provided in both of above cases. And I can also understand that card contains necessary details to properly authorize access to the smart contract (in this case, RegisterPropertyForSale) too.
The problem is, when we send transactions to hyperledger fabric (fabric peers) for processing, do they send in an encrypted form and signed by the card? or are they just sent in plain text format?
Fabric transactions are not encrypted; they are of course signed.
All of the SDKs sign the message using the private key associated with the client identity (including the identity cards used by Composer).
Encrypting the data in the transaction is left to the user. Note that if you do encrypt the data, then every peer which will endorse the chaincode / smart contract must have access to the encryption/decryption key. It's also possible to pass this in via the transient data field in the transaction message. You'd need to do this directly via the SDK as this is not built-in to the Composer client.
Related
Hyperledger has this wallet thing where a set of user identities are stored. I am trying to understand if this concept of wallet in Hyperledger is the same as the one used in Metamask. For example, when you want to use a dApp, you need to have Metamask extension installed in a chrome browser. Then the dApp use your Metamask address to identify you. How does that relate to Hyperledger wallet?
In case Hyperledger Fabric, the user/client application have to do two steps to commit a transaction to the blockchain ledger.
Get transaction endorsements from enough number of peers
Send the endorsed transaction to orderer to get the transaction included in a block.
The user has to sign these transaction endorsement and ordering proposal before sending to peers/orderer. The wallet stores the private key and certificate of the user for this signing purpose. This way, client authenticates the requests to peers/orderers. Usually, wallet is managed using the application SDKs. Refer HLF Node SDK wallet documentation for more details.
HLF official documentation of wallet.
In Hyperledger ledger, how could I list endorsing peers of a specific chaincode?
I have a channel with 5 peers but I need that only three of them endorse a transaction while the other two need only to access to same ledger.
You can use the discovery service to get the endorsing peer. Here you can find some information:
https://hyperledger-fabric.readthedocs.io/en/latest/discovery-overview.html
Hyperledger fabric has a CLI tool to query the discovery service:
https://hyperledger-fabric.readthedocs.io/en/latest/discovery-cli.html
For node.js applications, you can follow the tutorial here:
https://hyperledger.github.io/fabric-sdk-node/release-1.4/tutorial-discovery.html
With the latest Fabric Client SDKs (personally using GO client), you don't need to deal with endorsement policies. Client SDK already does this dirty work for you. It extracts:
Which organizations' endorsements are required for this chaincode, key (key level endorsement policy can be defined as well), etc.
Which peers currently exist in the system and what are their MSPs (from discovery service).
According to these information, client SDK builds a set of necessary peers then sends your transaction request to all. It waits response from requested endorsers. Once it collects all responses, it sends to orderer and so on.
If you have a special case which you need to manually set endorsing peers of your choice (I had one use case about private collections so I had to use this approach) check out discovery service API of your client SDK.
I am building a hyperledger fabric blockchain application where several users interact. It seems to be working. Using hyperledger explorer I can also view the blocks and transactions in the blockchain.
However, it is not clear to me how to see get the transaction history for 1 user (based on his / her identity key)?
Basically, like for a customer of a bank, I would like to get only the transactions relevant to a particular user to provide him/her with a transaction overview.
Is there a tool for this? Is it integrated into Fabric?
There are several different ways to go about this.
On-chain: You'd write a chaincode function to return the corresponding transactions. To do this you need to keep track of each user's submitted transactions by storing the transaction UUIDs in the chaincode state (stub.PutState). With stub.getState you can later retrieve the state and return the transaction list. (inspired by this StackOverflow answer)
Peer SDK: As far as chaincode-independent transaction history goes I'm not aware of any API calls that support this. You can only get a transaction by its UUID.
Off-chain: Since you're already using Hyperledger Explorer, you should have a Postgres database containing indexed transaction data. You can query the transactions table from your application by filtering for the creator_id_bytes. Since Hyperledger Explorer needs to fetch new transactions from the peer first, there is some additional latency with this approach compared to 1/2.
Does Hyperledger Fabric support possibility to create a cryptocurrency like well know Bitcoin/Ethereum?
I don't mean tokens which I can implement by chaincode.
You can implement any business logic by using Hyperledger Fabric chaincode, which essentially a simple program. Chaincode manages ledger state by operation on transactions submitted by application and ensure to have it consistent across network peers.
Hyperledger Fabric currently supports chaincodes written in Go, while in a future will be added support for nodeJS and Java. Chaincode interface defined as following:
// Chaincode interface must be implemented by all chaincodes. The fabric runs
// the transactions by calling these functions as specified.
type Chaincode interface {
// Init is called during Instantiate transaction after the chaincode container
// has been established for the first time, allowing the chaincode to
// initialize its internal data
Init(stub ChaincodeStubInterface) pb.Response
// Invoke is called to update or query the ledger in a proposal transaction.
// Updated state variables are not committed to the ledger until the
// transaction is committed.
Invoke(stub ChaincodeStubInterface) pb.Response
}
So you can implement your cryptocurrency into chaincode. To get an inspiration on how you can implement it, you might want to take a look on following demo application of balance-transfer.
There is a Token feature in the alpha release of 2.0, you can check it out: https://hyperledger-fabric.readthedocs.io/en/latest/whatsnew.html#fabtoken
Also check here for
Can we create non-fungible tokens with Hyperledger?
The platform-neutral Token Taxonomy Initiative overseen by the Enterprise Ethereum Alliance (EEA) has announced the publication of the Token Taxonomy Framework (TTF) V 1.0, which enables businesses and developers to universally understand and define what a token is in non-technical terms, regardless of how it is implemented.
I have a question on participants in the composer. We have API to add participants to the network and I have seen in some samples we add those participants using the API using the connection profile of an Admin. When you are forming the network for real use case and especially in v1.0 and also I have seen in the HSBN service, you have to invite participants to the network and they can join and it automatically creates the peers for those participants. How do you map those participants to the participants in composer model. Are you still expected to create the participants in the ledger using the composer SDK. In v1.0 and even 0.6, when you add a participants, it provides an enrollment id. How do you map that with the participant information that you create in the ledger using the composer API to the enrolled participants in the ledger. Also when you add the participants in the ledger, is it really registering the participants ?
Composer participants are modeled entities in the business network, whereas Hyperledger Fabric members are really represented by ECerts (enrollment certificates) used to access the Fabric.
So, each Fabric member can access the Fabric using their own certificate. Composer allows you to map an ECert to a Composer participant using an encrypted attribute in the ECert. This allows Composer to know what participant is performing an action, and to apply appropriate access control.
You should use the Composer APIs to create a participant, and then issue an identity for that participant. The act of issuing an identity will create an ECert with the appropriate encrypted attribute to map the ECert to the participant id. If you want to break that link you can revoke the identity for the participant using Composer APIs.
Doc links:
https://fabric-composer.github.io/managing/participant-add.html
https://fabric-composer.github.io/managing/identity-issue.html
https://fabric-composer.github.io/managing/identity-revoke.html