Hyperledger Fabric Data Confidentiality - hyperledger-fabric

I did not find a good tutorial or article answering this question so far, maybe you can help. What I want to do is the following:
Peer A in Org 1 calls chaincode, this chaincode has access to data only available in Org 2 and Peer A never gets access to the full information.
I know that Hyperledger Fabric supports private channels and private data, is it possible to achieve this requirement? If yes can you point me in the right direction to do this?

Yes, it is possible. Below are the steps to accomplish it.
By using private data, you can accomplish your requirements, but a little work is needed. You can also follow the Fabric documentation; I have provided the links here.
The client application submits a proposal request to invoke a chaincode function (reading or writing private data) to endorsing peers which are part of authorized organizations of the collection. The private data, or data used to generate private data in chaincode, is sent in a transient field of the proposal.
The endorsing peers simulate the transaction and store the private data in a transient data store (a temporary storage local to the peer). They distribute the private data, based on the collection policy, to authorized peers via gossip.
The endorsing peer sends the proposal response back to the client with public data, including a hash of the private data key and value. No private data is sent back to the client.
Check this for endorsement: https://hyperledger-fabric.readthedocs.io/en/release-1.4/private-data-arch.html#endorsement
The client application submits the transaction to the ordering service (with hashes of the private data) which gets distributed into blocks as normal. The block with the hashed values is distributed to all the peers. In this way, all peers on the channel can validate transactions with the hashes of the private data in a consistent way, without knowing the actual private data (this is what you need to accomplish).
At block-committal time, authorized peers use the collection policy to determine if they are authorized to have access to the private data (for reading the block data). If they do, they will first check their local transient data store to determine if they have already received the private data at chaincode endorsement time. If not, they will attempt to pull the private data from another peer. Then they will validate the private data against the hashes in the public block and commit the transaction and the block. Upon validation/commit, the private data is moved to their copy of the private state database and private writeset storage. The private data is then deleted from the transient data store.
Resources: https://hyperledger-fabric.readthedocs.io/en/release-1.4/private-data/private-data.html

Related

Adding data to a PDC from an orderer peer - Hyperledger Fabric

Let's say I manage a Hyperledger Fabric Network and I have control on the orderer peers of the orderer organization. Is it possible for me to submit data to a PDC of another org, using an orderer peer to do it?
Do the policies of the PDC allow that?
Thanks.
I haven't tried. I'm just curious about that possibility.
TL;DR: No, the orderer nodes cannot insert information into private data collections.
Data to be added to private collections is stored by peers in a transient data store during endorsement. A signed transaction proposal containing the private data is sent by the client to the endorsing peers with no involvement from the orderer.
The endorsed transaction is then sent to the orderer to be committed in a block, but that does not contain the private data. The block containing the transaction is distributed (by the orderer) to peers, which then validate the transaction (including checking it has sufficient peer endorsements) and, if they have access to the private data collection it updates, apply the data from their transient store to the private data collection.
The orderer never sees the private data and cannot insert information into private data collections.
This documentation page provides more detailed information:
https://hyperledger-fabric.readthedocs.io/en/latest/private-data/private-data.html

Can an Organisation read implicit data collection of another Organization

I want to use implicit private data collection for a private transaction between 2 Organizations.
From the "asset transfer" fabric sample, I understand an Organization can write into the implicit data collection of another Organization.
Can an Organization read the implicit PDC of another Organization in some way?
A user from OrganizationA can in theory read an OrganizationB PDC when calling chaincode on OrganizationB peer. It is the responsibility of OrganizationB to have access control logic in the chaincode running on their peer to indicate which users may read their private data.
In the secured agreement sample, you can see access control that checks that user org matches peer org in the getClientImplicitCollectionName() utility function that is called in most chaincode functions. This ensures that only users from the peer's org can access the peer's private data.

Communications among Fabric's private data collections

In Fabric, can an asset created in a private data collection be transferred to another private data collection at a later point in time? How is confidentiality/privacy handled here?
Yes, an asset can be transferred from one private data collection to another private data collection. Assuming the chaincode logic retrieves the state of the asset before transferring it, the chaincode would have to be executed and endorsed on a peer that has access to the prior private data collection. The endorsing peer doesn't necessarily need access to the future private data collection (it is up to the chaincode logic to enforce this or not).
Let's say you have a private data collection per organization. Assume there is an asset in OrgA's private data collection. Chaincode can be written with access control logic such that only an OrgA client can transfer the OrgA asset to a private data collection of OrgB. The client would have to send the proposal to an OrgA peer to execute and endorse this transaction.
For more details, see the tutorial that demonstrates transferring private assets across collections.

Fabric - Data encryption

Is it possible to encrypt the data directly inside the chaincode?
What I'm trying to do is to hide data between participants without using the channels.
For example:
The network has three participants: A, B, C.
The chaincode holds the public key of B, which is used to encrypt the data.
A and C send data to the chaincode, which stores the data encrypted with the public key of B.
B with his private key can decrypt the data retrieved.
Is this a secure way to encrypt the data? Could it work?
Thanks.
There is a Fabric example for symmetric key encryption, see the doc and an example.
A similar mechanism could also be used for asymmetric encryption as you propose. However you may want to encrypt the data on the client side, and then pass the encrypted data into the chaincode.
Alternatively, you could use the private data feature to pass the private data to peers of authorized organizations. The other organizations would only receive a hash of the private data in the block transaction. For more details see the private data documentation.
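Added example (not from the original answer or the Fabric samples), illustrating the advice above to encrypt on the client: randomized public-key encryption performed inside chaincode gives a different result on every endorsing peer, so their write sets do not match, while ciphertext produced once by the client is stored identically everywhere. The function names are hypothetical, `WriteSetsMatch` only models two peers simulating the same chaincode function, and direct RSA-OAEP is assumed, which limits a record to 190 bytes with a 2048-bit key.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewRecipientKey generates B's key pair; B does this off-chain and publishes the public half.
func NewRecipientKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// EncryptForB seals a short record for B with RSA-OAEP (randomized on every call).
func EncryptForB(pub *rsa.PublicKey, record []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, record, nil)
}

// DecryptAsB runs in B's client application, the only place B's private key lives.
func DecryptAsB(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

// WriteSetsMatch runs the same chaincode logic (simulate) on two endorsing
// peers and reports whether both would write the same value.
func WriteSetsMatch(simulate func() ([]byte, error)) (bool, error) {
	w1, err1 := simulate()
	w2, err2 := simulate()
	if err1 != nil || err2 != nil {
		return false, fmt.Errorf("simulation failed: %v, %v", err1, err2)
	}
	return bytes.Equal(w1, w2), nil
}

func main() {
	priv, err := NewRecipientKey()
	if err != nil {
		panic(err)
	}
	record := []byte(`{"id":"asset1","price":100}`) // constructed sample
	ct, err := EncryptForB(&priv.PublicKey, record) // encrypted once, in A's client
	if err != nil {
		panic(err)
	}
	inChaincode := func() ([]byte, error) { return EncryptForB(&priv.PublicKey, record) }
	onClient := func() ([]byte, error) { return ct, nil } // chaincode stores opaque bytes
	fmt.Println(WriteSetsMatch(inChaincode))
	fmt.Println(WriteSetsMatch(onClient))
	pt, err := DecryptAsB(priv, ct)
	fmt.Println(string(pt), err)
}
```

Encrypting in the client also keeps the plaintext out of the proposal arguments, which are recorded with the transaction.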

Hyperledger Fabric - Copy private data from one's collection to another organization's collection

Is there any way to copy private data from one collection to another? For e.g. consider a case when you have private data and you are selling it to someone, so it goes into their collection.
The documentation says:
"Collection members may decide to share the private data with other parties if they get into a dispute or if they want to transfer the asset to a third party. The third party can then compute the hash of the private data and see if it matches the state on the channel ledger, proving that the state existed between the collection members at a certain point in time."
However, I can't seem to find an API to do it.
I think the answer is in this thread link.
The private data collection can be "copied" by updating the collection policy on the chaincode, which then allows the previously unauthorized member to access it.
After the chaincode update, the private data from your peer can now be distributed to the buyer's peer via the gossip protocol, since private data is stored in the private state DB of peers rather than in the blockchain. Only the hash of that data is stored in the blockchain. Then, your buyer needs to "compute the hash of the private data and see if it matches the state on the channel ledger" to make sure that you sold him valid private data.
I hope that I understand it correctly. More detail could be found here link
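Added example (not part of the original answers or of Fabric's code): the hash check a buyer performs on received private data, which is the same comparison authorized peers make at commit time in the first answer on this page. It assumes the ledger records the SHA-256 hash of the exact stored value bytes, as the chaincode API `GetPrivateDataHash` returns; the record, `MatchesLedger`, `Reencode` and `LedgerHash` are constructed for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"fmt"
)

// MatchesLedger reports whether received private data hashes to the value
// every channel member can read from the ledger.
func MatchesLedger(received, onChainHash []byte) bool {
	sum := sha256.Sum256(received)
	return subtle.ConstantTimeCompare(sum[:], onChainHash) == 1
}

// Reencode decodes and re-marshals a JSON record, as an integration layer
// might do in transit. Key order changes, so the bytes and the hash change.
func Reencode(raw []byte) ([]byte, error) {
	var fields map[string]any
	if err := json.Unmarshal(raw, &fields); err != nil {
		return nil, err
	}
	return json.Marshal(fields)
}

// Constructed sample: the bytes the seller's peer holds in its collection.
var stored = []byte(`{"objectType":"asset","assetID":"asset1","price":100}`)

// LedgerHash stands in for the private data hash recorded in the public block.
func LedgerHash() []byte {
	sum := sha256.Sum256(stored)
	return sum[:]
}

func main() {
	tampered := []byte(`{"objectType":"asset","assetID":"asset1","price":900}`)
	reencoded, err := Reencode(stored)
	if err != nil {
		panic(err)
	}
	fmt.Println("exact bytes:", MatchesLedger(stored, LedgerHash()))
	fmt.Println("tampered:   ", MatchesLedger(tampered, LedgerHash()))
	fmt.Println("re-encoded: ", MatchesLedger(reencoded, LedgerHash()))
}
```

The re-encoded case fails even though no field changed, so the seller has to hand over the stored bytes verbatim for the buyer's check to succeed.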
