I am working on a dapp project only using Hyperledger Fabric. The situation is, a bank transfers money from account A to account B. This transaction is recorded in the blockchain. The thing is there will be a role similar to a supervisor. I just want the supervisor to know there was such a transaction and know some detail while some other details are hidden to the supervisor. Can HL Fabric achieve this? Or how can I achieve this?
You can use Hyperledger Fabric 'private data collections’ when participants need to transact on the same blockchain, but keep data private to a subset of transactors (and potentially regulators/auditors). Private data is shared peer-to-peer, with hashes stored on the blockchain as evidence so that all peers can validate transactions.
With private data collections, you can keep the entire state private, or make part of the state public, and part of the state private.
See the Fabric private data documentation and a tutorial.
Related
I am using Hyperledger Fabric 2.3. I have added 50+ Orgs in a channel. An Org1 wants to choose Org(i) dynamically to perform a transaction, but transaction details should be visible to only Org1 and Org(i) only.
What are the possible ways to achieve it?
The solution to this kind of scenario is already available in fabric. You can use Private Data Collection(PDC) to keep the transaction data private between the two or more Orgs.
When you have PDC in place the data is shared only among the required Orgs and other Orgs that are not part of that transaction will just hold the transaction hash.
you can refer to this for more details on PDC's
I am trying to design fabric architecture for my organization and not able to find answers to following issue.
There are multiple organizations which will communicate over multiple channels along with private data in each peer of organization. Main organization wants to access all ledger data along with private data. Is there any possible way to get access to all existing ledger as well as private data?
Can someone please help with this.
That main org should be part of every channel in network and as well part of all private data collection, I think that's way to fulfill your requirements
What happens if the ledger is taken out and attached to a new fabric network? especially in the below case
1 Fabric is used for storing confidential data among 3 parties.(via chaincode abac, chaincode multi ownership among 3 parties so there are three ledgers synced)
2 One party(party A) takes out the ledger and setup a new hlf behind and attaches the ledger to the new hlf and changes the chaincode in order to see all the data.......
In this scenario what can be implemented to prevent the party A from seeing the data.....isn't it true that the ledger is taken out so the ledger is just a chuck of file(impossible to function as long as it is not in the original HLF setup(the orginal hlf network.......even ip change blow up all the ledger and setting......).....
Look forward to your replies
For any given peer or orderer that is part of a Fabric "network", some person or entity will inevitably have physical access to the platform on which it is hosted. They will be able to physically read the ledger file(s) as well as the state database(s). So if they are not supposed to have access to the data, then you either need to encrypt the payloads at the application layer or you can use private data collections.
I am trying to implement my composer bna in go chaincode. I want private data feature in the chaincode.
BNA structure:
1 asset
3 participant (Manufacturer, Seller, Consumer)
2 transaction
I successfully created the go chaincode as per above requirement but now I want price information of asset to be private between Manufacturer and Seller.
The documentation states that link
starting in v1.2, Fabric offers the ability to create private data collections, which allow a defined subset of organizations on a channel the ability to endorse, commit, or query private data without having to create a separate channel.
It mentioned subset of organisations
Here I stuck as how to achieve this and what changes will be require in chaincode? What are the possible ways?
Thanks!
Manufacturer, Seller, Consumer should be 3 organization in your business network.
Private data collection distributes based on private data collection policy definition link. So the one who is allowed to persist the data is expressed using the Signature policy syntax. Four roles are supported: member, admin, client, and peer. link
So I think it means, you can create private data between member of 2 Orgs.
It mentioned subset of organisations
This means that private data collection could be created between for example subset (Org1, Org2) in a set of (Org1, Org2, Org3) on the same channel.
Correct me if I am wrong.
I am new to the area of DLTs or "blockchain" and I am trying to create an application on top of Hyperledger Fabric. Before I describe my use case, I need to mention that due to my use case's nature I need a private & permissioned "blockchain" which justifies the choice of Fabric (I am aware of other platforms e.g. Corda, private Ethereum, but Fabric seems to match my use case better).
Use Case
My use case consists of two different types of participants. A number of organizations (which upload and share information about individuals on the distributed ledger) and a client who can query information about an individual.
The client should not be able to see the transactions uploaded by the organizations and will not have write rights on the DL. He has read-only rights. Moreover, the organizations trust each other and there is also a level of trust between them and the client.
Design thoughts
Based on what I've read, I was thinking of creating a DL network that includes all of these parties and use channels which, based on the documentation, can be used to create a grouping among a number of participants (the organizations in my case) thus "hiding" the transactions from the parties which are not included in this group (the client in my case).
However, later I read about chaincode (a.k.a. smart contracts) which:
can be invoked by an application external to the blockchain when that
application needs to interact with the ledger
which confused me since if the "blockchain" can be queried from an external entity, that probably means that the client should not be included in the trusted network.
Am I headed in the wrong direction (design-wise)?
Based on your description, Hyperledger Fabric channels sound like a good solution. You should also familiarise yourself with private data collections, as this is another way of hiding some of the data from some peers. Which option is best for your scenario will depend on how your datasets are structured, and whether you also need to keep the data private from the orderer.
Clients are not part of the network. They query the blockchain by connecting to a peer and then requesting data from that peer. They can then only access the data visible to that peer (which is stored locally by that peer). So, it is not possible for a client to access more data than is available to the peer the client is connected to.
In your example, you would have a "client" organisation, with at least one peer. This peer would be part of the network, and your client application would then connect to it for access to data on the ledger (typically using the Hyperledger Fabric Node SDK).
There are two types of chaincode in Hyperledger Fabric.
User Chaincode (often just referred to as "chaincode") is used to update the ledger for a channel, and is only installed on those peers which require it (i.e. endorsing peers). Since your "client" peer would not be an endorsing peer, it would not have access to the user chaincode for the channel.
System Chaincode which all peers have access to, provides (among other things) an interface to allow queries to be run against the ledger.