Hyperledger Fabric

Github logo Edit on GitHub

Requirements for the enterprise uses of blockchain 1:

  • Participants must be identified / identifiable
  • Networks need to be permissioned
  • High transaction throughput performance
  • Low latency of transaction confirmation
  • Privacy and confidentiality of transactions and data pertaining to business transactions

Hyperledger Fabric is an open source enterprise-grade permissioned distributed ledger technology (DLT) platform, designed for use in enterprise contexts, that delivers some key differentiating capabilities over other popular distributed ledger or blockchain platforms.

Differentiating features of HL Fabric:

  1. Open governance: "It has a development community that has grown to over 35 organizations and nearly 200 developers since its earliest commits."

  2. Modular and configurable architecture, enabling innovation, versatility and optimization for a broad range of industry use cases

  3. First distributed ledger platform to support smart contracts authored in general-purpose programming languages such as Java, Go, and Node.JS

  4. Permissioned, meaning that participants are known to each other rather than anonymous and fully untrusted. This means that while the participants may not fully trust one another, a network can be operated under a governance model that is built off of what trust does exist between participants, such as a legal agreement or framework for handling disputes

  5. Pluggable consensus protocols

  6. Do not require native cryptocurrency

Modular components of Fabric:

  • A pluggable ordering service, which establishes consensus on the order of transactions and then broadcasts blocks to peers
  • A pluggable membership service provider, which is responsible for associating entities in the network with cryptographic identities.
  • An optional peer-to-peer gossip service for disseminating the blocks output by ordering service to other peers
  • Smart contracts (i.e., chain code) run within container environment for isolation. They do not have direct access to the ledger state.
  • The ledger can be configured to support a variety of DBMSs
  • A pluggable endorsement and validation policy enforcement that can be independently configured per application.

A permissioned blockchain provides a way to secure the interactions among a group of entities that have a common goal but which may not fully trust each other.

...

Additionally, in such a permissioned context, the risk of a participant intentionally introducing malicious code through a smart contract is diminished. First, the participants are known to one another and all actions, whether submitting application transactions, modifying the configuration of the network or deploying a smart contract are recorded on the blockchain following an endorsement policy that was established for the network and relevant transaction type. Rather than being completely anonymous, the guilty party can be easily identified and the incident handled in accordance with the terms of the governance model.

Three key points that apply to smart contracts, especially when applied to a platform:

  • Many contracts run concurrently in the network
  • Contracts may be deployed dynamically (maybe by anyone)
  • Application code should be treated as untrusted, potentially even malicious

Fabric introduces a new architecture for transactions called execute-order-validate. This architecture separates the transaction flow into three steps:

  1. Execute a transaction and check its correctness, thereby endorsing it
  2. Order transactions via a pluggable consensus protocol
  3. Validate transactions against an application-specific endorsement policy before committing them to the ledger

Application-specific endorsement policies specify which peer nodes, or how many of them, need to vouch for the correct execution fo a given smart contract. Thus, each transaction need only be executed (endorsed) by the subset of the peer nodes necessary to satisfy the transaction's endorsement policy.

Examples why confidentiality is important in business / enterprise use cases:

For example, in a network of supply-chain partners, some consumers might be given preferred rates as a means of either solidifying a relationship, or promoting additional sales. If every participant can see every contract and transaction, it becomes impossible to maintain such business relationships in a completely transparent network — everyone will want the preferred rates!

As a second example, consider the securities industry, where a trader building a position (or disposing of one) would not want her competitors to know of this, or else they will seek to get in on the game, weakening the trader’s gambit.

Limitations of the existing confidentiality techniques:

  1. Encryption: "In a permissionless network leveraging PoW for its consensus, the encrypted data is sitting on every node. Given enough time and computational resource, the encryption could be broken."
  2. Zero Knowledge Proofs (ZKP): "Computing a ZKP requires considerable time and computational resources. Hence, the trade-off in this case is performance for confidentiality."

Fabric enables confidentiality through its channel architecture and private data feature:

  • In channels, participants on a Fabric network establish a sub-network where every member has visibility to a particular set of transactions. Thus, only those nodes that participate in a channel have access to the smart contract (chaincode) and data transacted, preserving the privacy and confidentiality of both.
  • Private data allows collections between members on a channel, allowing much of the same protection as channels without the maintenance overhead of creating and maintaining a separate channel.

Fabric is used to keep track of assets.

Assets can range from the tangible (real estate and hardware) to the intangible (contracts and intellectual property). Hyperledger Fabric provides the ability to modify assets using chaincode transactions.

Assets are represented in Hyperledger Fabric as a collection of key-value pairs, with state changes recorded as transactions on a Channel ledger.

Assets can be represented in binary and / or JSON form.

Chaincode is the software that is used to defined and interact with assets

Chaincode is software defining an asset of assets. Transactions are instructions for modifying assets.

Chaincode enforces the rules for reading or altering key-value pairs or other state database information.

Chaincode functions execute against the ledger's current state database and are initiated through a transaction proposal.

The Fabric ledger, as other distributed ledgers, is the sequenced, tamper-resistant record of all state transactions in the Fabric. Each Fabric channel has one ledger. Each member of the channel holds a copy of the ledger.

Feature of a Fabric ledger include:

  • Query and update ledger using key-based lookups, range queries, and composite key queries
  • Read-only queries using a rich query language
  • Read-only history queries (query ledger history for a key, enabling data provenance scenarios)
  • Transactions consists of the versions of keys/values that were read in chaincode (read set) and the keys/values that were written in the chaincode (write set)
  • Transactions contains signature of every endorsing peer and are submitted to ordering service
  • Transactions are ordered into blocks and are delivered from an ordering service to peers on a channel
  • Peers validate transactions against endorsement policies and enforce the policies
  • Prior to appending a block, a versioning check is performed to ensure that states for assets that were read have not changed sicne chaincode execution time
  • There is immutability once a transaction is validated and committed.
  • A channel's ledger contains a configuration block defining policies, access control lists, and other pertinent information.
  • Channels contain membership service provider instances allowing for crypto materials to be derived from different certificate authorities.

Consensus is defined as the full-circle verification of the correctness of a set of transactions comprising a block.

Consensus is achieved ultimaetly when the order and results of a block's transactions have met the explicit policy criteria checks.

A blockchain network is a technical infrastructure that provides ledger and smart contract (chaincode) services to applications

Primarily, smart contracts are used to generate transactions which are subsequently distributed to every peer node in the network where they are immutably recorded on their copy of the ledger.

A Fabric network is formed when an orderer is started.

Certificate Authority (CA) plays a key role in a Fabric network because it dispenses X.509 certificates that can be used to identify components as belonging to an organisation. These certificates can be ued to sign transactions to indicate that an organization endorses the transaction result.

  • There is usually more than one CA supporting a blockchain network
  • The mapping of certificates to member organizations is achieved by a structure called Membership Services Provider. Essentially, CA tells that this public key belongs to this particular member in real life. The membership service provider tells how certificates are mapped into organisations in a blockchain network.

There’s a resource, the network N, accessed by a set of users defined by a Certificate Authority CA4, who have a set of rights over the resources in the network N as described by policies contained inside a network configuration NC4. All of this is made real when we configure and start the ordering service node O4.

Consortium: a group with a shared destiny.

A consortium defines the set of organizations in the network who share a need to transact with one another, in this case R1 and R2.

======= Smart contracts:

To support the consistent update of information — and to enable a whole host of ledger functions (transacting, querying, etc) — a blockchain network uses smart contracts to provide controlled access to the ledger.

Smart contracts are not only a key mechanism for encapsulating information and keeping it simple across the network, they can also be written to allow participants to execute certain aspects of transactions automatically.

While it is jarring at first, to think about it, the way Fabric defines smart contracts is also very reasonable. The UTXO model itself, for instance, is a smart contract that is shared between every participant who trades bitcoin, so the idea that every consistent update of information on the ledger happens via smart contracts is not wrong.

Consensus:

The process of keeping the ledger transactions synchronized across the network — to ensure that ledgers update only when transactions are approved by the appropriate participants, and that when ledgers do update, they update with the same transactions in the same order — is called consensus.

Pre-blockchain systems of record

The members of a business networktransact with each other, but they maintain separate records of their transactions. And the things they’re transacting — whether it’s Flemish tapestries in the 16th century or the securities of today — must have their provenance established each time they’re sold to ensure that the business selling an item possesses a chain of title verifying their ownership of it.

...

  • Unified systems for managing the identity of network participants do not exist,

  • establishing provenance is so laborious it takes days to clear securities transactions (the world volume of which is numbered in the many trillions of dollars),

  • contracts must be signed and executed manually, and

  • every database in the system contains unique information and therefore represents a single point of failure.

Blockchain-based systems of record:

What if, instead of the rat’s nest of inefficiencies represented by the “modern” system of transactions, business networks had standard methods for establishing identity on the network, executing transactions, and storing data? What if establishing the provenance of an asset could be determined by looking through a list of transactions that, once written, cannot be changed, and can therefore be trusted?

In addition to ledger information being shared, the processes which update the ledger are also shared.

Fabric ledger comprises two components:

  • The world state is the database of the ledger that describes the state of the ledger at a given point in time.
  • The transaction log component records all transactions which have resulted in the current value of the world state; it's the update history for the world state.
  1. Hyperledger Fabric Documentations
Previous
Blockchain for Software Engineering
Next
Design Patterns of Blockchain Applications