Signed contracts between two parties in hyperledger composer - hyperledger-fabric

I'm fairly new to the Hyperledger scene and I'm doing a research project regarding DLT apps. In the scenario I'm researching it would be preferred for two parties to be able to sign a contract. I know this is possible in the raw Hyperledger SDK in the form of signed chaincode but I would also like to make use of the modelling language and ease of Composer.
My question:
Is it possible to generate, sign, deploy, instantiate and call chaincode from within Composer apps? If not, what would be an alternative solution for doing so within Composer? I'm thinking about defining a contract model but I'm not sure how to make sure both parties sign and attain ownership of said contract 'asset', considering the nature of assets on the ledger.
Thanks in advance.

If you model a signature transaction, then your transaction processor function can consider your contract asset "signed" when it has 2 signatures, each submitted by different participants to the contract.
E.g. something like (not tested):
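    asset Contract identified by contractId {
      // identifier field (name assumed; Composer assets need one)
      o String contractId
      // everyone who must sign
      --> Participant[] parties
      // those who have signed so far
      --> Participant[] signatories
    }

    // submitted by each party to sign the referenced contract
    transaction Signature {
      --> Contract contract
    }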
Pseudo code for TP function:
When a Signature is received, if the currentParticipant() is in the set of parties for the contract, and is not in the signatories, then add them to the signatories.
A contract is signed when all elements in the parties array are also in the signatories array.
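One way to write the transaction-processor logic sketched in the pseudo code above, as an added example that is not part of the original answer. It is plain JavaScript over a plain-object contract so it runs outside Composer; rejecting non-parties and repeat signers by throwing is a choice made here, and the participant identifiers and `contractId` are constructed sample values.

```javascript
'use strict';

// Added example. In a Composer TP function, signerId would come from
// getCurrentParticipant().getFullyQualifiedIdentifier() and the updated
// asset would be saved through its asset registry.

// A contract is signed when every party appears in signatories.
// An empty parties list never counts as signed.
function isSigned(contract) {
    return contract.parties.length > 0 &&
        contract.parties.every((p) => contract.signatories.includes(p));
}

// Record one signature and report whether the contract is now fully signed.
// Throwing aborts the transaction, so nothing is written for a bad signer.
function applySignature(contract, signerId) {
    if (!contract.parties.includes(signerId)) {
        throw new Error(`${signerId} is not a party to ${contract.contractId}`);
    }
    if (contract.signatories.includes(signerId)) {
        throw new Error(`${signerId} has already signed ${contract.contractId}`);
    }
    contract.signatories.push(signerId);
    return isSigned(contract);
}

// Constructed sample: two parties sign, an outsider is rejected in between.
function demo() {
    const contract = {
        contractId: 'C-001',
        parties: ['org.example.Trader#alice', 'org.example.Trader#bob'],
        signatories: [],
    };
    const results = [];
    results.push(applySignature(contract, 'org.example.Trader#alice'));
    try {
        applySignature(contract, 'org.example.Trader#mallory');
    } catch (err) {
        results.push('rejected');
    }
    results.push(applySignature(contract, 'org.example.Trader#bob'));
    return results;
}

console.log(demo());
```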

Related

Blockchain substrate pallet_membership use cases?

Let me know if I am on the right train of thought. I'm currently building a dapp that will be based on my own parachain, and I was wondering if by adding this pallet, it would be a way to allow users in my dapp to pay for membership.
Obviously I would have to have some extrinsic functions that are exposed through my dapp so that when they click and pay for membership, in the runtime, the membership pallet will add that user as a member. Can anyone confirm my thoughts on this?
This leads up to another question. Should I just create a smart contract to handle membership logic and deploy it on edgeware or some other parachain that already exists?
> Obviously I would have to have some extrinsic functions that are exposed through my dapp so that when they click and pay for membership, in the runtime, the membership pallet will add that user as a member. Can anyone confirm my thoughts on this?
You can easily do this. pallet_membership is just a container for members. As you will find in the pallet_membership::Config, there are special origins that can be defined as those who have the authority to add or remove a member.
You need a new pallet that will handle the payment to join new members. Let's call this pallet_membership_payment. Once pallet_membership_payment has received the correct payment, it can call into pallet_membership::add_member with whatever origin is required to satisfy it. Note that even if the origin requirement of add_member is EnsureRoot, pallet_membership_payment can still practically get over it, if it is coded as such.
> Should I just create a smart contract to handle membership logic and deploy it on edgeware or some other parachain that already exists?
The answer to this really depends on how much further logic your application has next to handling this membership via fees. Also, it depends on whether the smart contract payment model (end user pays the fees) works for you. If this is it, then it is pretty simple. You might have an easier time in a smart contract model. But if you need certain optimisations, lower fees, more performance etc., you will probably have to consider being your own (para)chain.

Is it possible to fine-tune access control in Hyperledger Fabric private data collections further than restricting entire organizations?

In the Hyperledger Fabric Docs, while reading about private data collections I came across this sentence regarding memberReadOnly:
> Utilize a value of false if you would like to encode more granular access control within individual chaincode functions.
If I understand this correctly, this allows me to code into the smart contract specifications that will allow me to limit control to e.g. specific clients of one organization instead of all peers of member organizations.
If that is so, I am curious as to how this can be done in the contract. Is there a specific way to handle access control or is it at my own discretion to write code that will enforce it? If you can provide me with any examples it would be very helpful.
To clarify what I mean, I come from Ethereum and what I am essentially asking is whether there is something like the require method in solidity, or would I just use a simple if.
Thanks for any help. If you close the question for being on the wrong site, please point me to the right place as I have not been able to find somewhere more relevant.
You didn't understand correctly.
Setting this value (memberOnlyRead) to true means that if a client sends a proposal to a peer, and the client is not in the collection, then if the peer is in the collection and has access to the data - it will refuse with an error automatically no matter what the smart contract says.
If it's false, then the peer won't enforce such a thing, and then you have more freedom to code any access control logic you want for the clients.

Dynamic access control in Hyperledger Fabric

I'm working with Hyperledger Fabric, and developing Chaincode in Golang. I have the following use case and am not sure how to implement this in Fabric.
Suppose I have Bank1, Bank2, and Bank3 peer organizations. I want to design a system where they each store Client information (where client is a bank account holder). Typically, I wouldn't want Bank2 to have access to Bank1's clients -- but if the client invokes a certain function call somehow, Bank2 should be able to fetch that client's information over from Bank1 (given all banks share a channel).
How can I achieve something like this in chaincode?
I've looked at ABAC, but I'm not sure how I can update the attribute of an org to allow access to a specific client based on them having taken an action.
Thank You
One solution could be to have private information outside of blockchain, and enable each bank to query its private information by an API, directly from your chaincode, and have a shared channel among all the banks that share information through chaincode calls. Of course all APIs must be secured to be only queryable by their own bank.
Another solution without having to implement things out of your blockchain would be to use private data collections, which is an improvement made to Fabric in version 1.2. More information here: https://hyperledger-fabric.readthedocs.io/en/release-1.2/private-data/private-data.html
Update:
> Is it safe to call external apis from the chaincode? How would I maintain secret keys/tokens?
Yep, it's safe as far as you secure your communications and your endpoints. An easy solution would be to have your node and your private data store inside the same network, inside a firewall. In that way you wouldn't have to worry about security inside your applications.
> To implement this using Private Data, is it possible to maybe have an array of strings which are identifiers for the banks in the Client struct, and the client can invoke functions to allow more banks, and when banks try to query a Client the code checks that array if the bank's identifier is included there or not?
It seems to me that you are in the right direction, but I would implement it as a JSON file, more than an array with access rules, stating that for BankA, BankB has access to this and that functions and so on, and also you can set levels of visibility in the information, and then implement the logic that reads and uses that config in your chaincode. In production, each node will have to have its own config file, but for development you can have a single config file with all the rules.
Update 2:
> Is it possible for someone from an organization to 'query' the ledger or read its state directly and NOT through the chaincode?
Short answer: yes, it is possible. Whatever gets written in the blockchain would be readable by administrators of peers, and anybody who has control over private keys. BUT here is where architecture comes into play: if you don't need something written in the blockchain, just don't write it. It depends on what you want the blockchain for. If it's just to attest that information has been shared, just save the necessary information: 'bankA shared info about userB with bankC'. The actual info doesn't have to be saved in the blockchain. If you need to have the info in the blockchain and you want to keep it private, I think the best solution is using private data collections, and be aware that in fact private data is not subject to consensus, because private data gets saved in a side DB only in the peers/organizations involved in the private transaction, not in every peer.
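The chaincode-level check discussed in the memberOnlyRead answer and in the per-client bank list proposed in this thread, as an added example that is not from any of the answers. It is plain JavaScript with the caller passed in as an object; the record fields (`homeBank`, `ownerId`, `allowedBanks`), the helper names and the sample identities are assumptions. As Update 2 says, a check like this only gates reads made through the chaincode.

```javascript
'use strict';

// Added example. `caller` stands in for what Node.js chaincode reads from
// ctx.clientIdentity (getMSPID(), getID()); records are plain objects here.
// Field names (homeBank, ownerId, allowedBanks) are assumptions.

class AccessDenied extends Error {}

// Plays the role of Solidity's require(): throwing fails the invocation.
function requireThat(condition, message) {
    if (!condition) throw new AccessDenied(message);
}

// The account holder extends the list of banks allowed to read the record.
function grantAccess(record, caller, granteeMspId) {
    requireThat(caller.id === record.ownerId, 'only the account holder can grant access');
    if (!record.allowedBanks.includes(granteeMspId)) {
        record.allowedBanks.push(granteeMspId);
    }
    return record.allowedBanks.slice();
}

// The account holder withdraws a grant again.
function revokeAccess(record, caller, granteeMspId) {
    requireThat(caller.id === record.ownerId, 'only the account holder can revoke access');
    record.allowedBanks = record.allowedBanks.filter((m) => m !== granteeMspId);
    return record.allowedBanks.slice();
}

// Deny by default: only the home bank and explicitly granted banks may read.
function readClient(record, caller) {
    const allowed = caller.mspId === record.homeBank ||
        record.allowedBanks.includes(caller.mspId);
    requireThat(allowed, `${caller.mspId} may not read client ${record.clientId}`);
    return { clientId: record.clientId, name: record.name };
}

// Constructed sample: Bank2 is refused until the account holder grants access.
function demo() {
    const record = { clientId: 'c1', name: 'Alice', homeBank: 'Bank1MSP',
        ownerId: 'x509::CN=alice', allowedBanks: [] };
    const alice = { mspId: 'Bank1MSP', id: 'x509::CN=alice' };
    const bank2 = { mspId: 'Bank2MSP', id: 'x509::CN=teller2' };
    const outcome = [];
    try { readClient(record, bank2); } catch (e) { outcome.push(e instanceof AccessDenied); }
    grantAccess(record, alice, 'Bank2MSP');
    outcome.push(readClient(record, bank2).name);
    return outcome;
}
```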

How to retrieve transaction from Hyperledger fabric network for Audit?

I would like to retrieve all transactions from the Hyperledger Fabric network for assurance. Please guide me on how to retrieve transactions from all the peers to validate the completeness of the transactions.
Thanks in advance.
I think it depends on your business requirement. For audit purposes, it's more likely you want to know transactions about a specific asset (key/value). You can query the history of a specific key using the GetHistoryForKey() shim API. A transactionId is contained in the response. Then you can query the detail by the transactionId.
In addition, there are some query APIs provided by the Fabric SDKs. For instance, the NodeSDK. In the Channel class, there are a bunch of APIs like queryInfo, queryBlockByID, queryBlock, and queryTransaction etc. The fabcar sample provides some NodeJS code you can follow to create your own queries.
Finally, you can also inspect the ledgers (file based) directly from peer node. By default the path is /var/hyperledger/production/ledgersData/chains, within which there are ledger files per channel. To inspect the files, you may need to investigate the FileLedger impl. With some initialization work, you can inspect every block, the hash, the transactions and the Read/Write sets in detail. Hope this is helpful to you.

TP in lib/script.js vs. assetRegistry from composer-client to update an asset?

I'm looking to know, in order to update an asset,
when should I need to write a Transaction in lib/script.js
vs.
when should I be using composer-client code using bizNetworkConnection.getAssetRegistry?
I see that I can't use the feature of event emission in the latter case. Is there any other reason why I should be using it?
Please help me know.
The important thing about writing a Transaction is that it becomes part of the Agreed Smart Contract. So the creation of one or more assets or participants in the same transaction with the associated logic is agreed. This Transaction is a class and can have a specific ACL rule associated with it (also in the smart contract), whereas if you use composer-client you would add individual assets or participants using a generic system transaction AddAsset or AddParticipant.
So writing your code in a Transaction provides a 'better' Blockchain app with a stronger Smart Contract and improved security.
