OpenShift Commons Paris - Choose Your Own Observability Adventure
Â
Blockchain - HyperLedger Fabric
1. đ=1
đ
đ(đ) =
3
đđđ đ3 đ2 đ 3D
BlockChain
HyperLedger Fabric
ARAF KARSH HAMID
Co-Founder / CTO
MetaMagic Global Inc., NJ, USA
@arafkarsh
arafkarsh
World Blockchain Technology Conclave
Bangalore, March 22 â 23, 2018
2. Agenda
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
2
1. Why do we need Blockchain?
o Problem Statement
o How Blockchain solves this problem
o Business Requirement
o Distributed Ledger
o HyperLedger Fabric
1 4. Fabric Internals
o Transaction Flow
3
6. Summary
o Ethereum Vs. Fabric
o Blockchain Benefits
o References
4U HyperLedger Architecture
o Fabric Key Components
o Microservices Architecture
o 3 Components of Fabric
o Fabric Models (Assets, Chaincode..)
o Fabric Channels
o Gossip Protocol
2
3. Problem Statement
3/23/2018 3
1
Customer A
Records
Insurer
Records
Bank
Records
Regulators
Records
Auditors
Records
Merchant A
Records
Expensive, Vulnerable & Inefficient
Source:BuildingBlockchainAppsforNode.JSdevelopers
withHyperLedgerComposerâSimonStoneIBM
4. How Blockchain Solves this ProblemâŚ
3/23/2018 4
1
Customer A
Records
Insurer
Records
Bank
Records
Regulators
Records
Auditors
Records
Merchant A
Records
Blockchain Ledger
A shared, replicated, permissioned ledger
ďź Consensus
ďź Immutability
ďź Provenance
ďź Finality
Source: Building Blockchain Apps for Node.JS developers with HyperLedger Composer â Simon Stone IBM
5. Business Requirements
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
5
Shared Ledger
Append only
immutable
database
shared across
the business
network.
Business logic
is embedded
within the
database and
executed to
validate and
store the
transactions.
Smart Contract
Transactions are
secure,
authenticated
and access
controls are
enabled for
granular access.Privacy Trust
All the
transactions
are verified
and endorsed
by the trusted
relevant
parties
1
6. Properties of a Distributed Ledger
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
6
o Decentralized, replicated across many
participants, each of whom collaborate in
its maintenance.
o Information recorded is append-only.
Immutable.
o Immutability makes it simple to
determine the provenance of the
information.
o These properties makes it called as
âSystems of Proofâ
1 - - - - - - - - - - - n
1
7. How it differs from Bitcoin
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
7
1
HyperLedger Fabric Bitcoin
Provides Identity Anonymity
Selective Endorsement Proof of Work
Assets Cryptocurrency
Bitcoin is a specific implementation of Blockchain technology
8. HyperLedger Fabric Key Features
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
8
1
Source: http://hyperledger-fabric.readthedocs.io/en/latest/functionalities.html
o It is private and permission based
o Members of HyperLedger Fabric enrolls
thru MSP - Membership Service
Provider
o Different MSPs are supported
o Ledger data can be stored in multiple
formats.
o Consensus mechanisms can be
switched in and out
o Ability to create channels - Allowing a
group of participants to create a
separate ledger of transactions.
o Provides Membership Identity
Service that manages User IDs
and authenticates all participants
on the network.
o Access control lists can be used
to Provide additional layers of
permission.
o A Specific user ID could be
permitted to invoke a Chaincode
application but blocked from
deploying a Chaincode.
Identity Management
9. HyperLedger Fabric Key Features
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
9
1
Source: http://hyperledger-fabric.readthedocs.io/en/latest/functionalities.html
o Transaction execution is
separated from
transaction ordering and
commitment.
o Division of labor un
burdens ordering nodes
from the demands of
transaction execution and
ledger maintenance,
o while peer nodes are
freed from ordering
(consensus) workloads.
Efficient Processing
o Chaincode Applications
encode logic that is
invoked by specific
types of transactions on
the channel.
o System Chaincode is
distinguish as
Chaincode that defines
operating params for
the entire channel.
Chaincode Functionality
o Private channels are
restricted messaging paths
that can be used to provide
transaction privacy and
confidentiality for specific
subset of network members.
o All data including transaction,
member and channel
information, on a channel are
invisible and inaccessible to
any network members not
explicitly access to that
channel.
Privacy & Confidentiality
10. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
10
HyperLedger Fabric
Deployment Model
Customer A
Application
Merchant B
Application
Bank
Application
Insurer
Application
RESTful Services (SDK Java, Node.JS..)
HyperLedger Fabric â Endorser / Committer / Submitter
Smart Contracts (Chaincode) â Programmable Ledger
Persistence Layer - Ledger
External Integration
GetPut
Blockchain
Tx Tx Tx Tx Tx
Events
CouchDB
Block
Cached
State
History, Tx
Peer
2
Gossip Protocol for P2P Communication
CA
Registration of
identities.
Orderer
Verifies and
Creates Blocks
11. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
1111
Monolithic / Micro Services Architecture
Traditional Monolithic App using
Single Technology Stack
Micro Services with Multiple Technology Stack
Event Stream
API Gateway (Zuul Edge Server)
Load Balancer (Ribbon)
Circuit Breaker (Hysterix)
Service Discovery (Eureka)
Load Balancer (Ribbon)
Circuit Breaker (Hysterix)
Load Balancer (Ribbon)
Circuit Breaker (Hysterix)
UI Layer
Web Services
Business Logic
Database Layer
Database
UI Layer
Web Services
Business Logic
Database Layer
Micro
Service
1
EE 7
Container
UI Layer
Web Services
Business Logic
Database Layer
Micro
Service
2
Container
SE 8
UI Layer
Web Services
Business Logic
Database Layer
Micro
Service
4
Container
UI Layer
Web Services
Business Logic
Database Layer
Micro
Service
3
Container
2
12. 3 Components of Fabric
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
12
2
o Registration of identities, or
connects to LDAP as the
user registry
o Issuance of Enrollment
Certificates (ECerts)
o Certificate renewal and
revocation
o Every Single operation
MUST be signed with a
Certificate.
o Certificates are per user.
Certificate Authority
o Before anything is committed to
the Ledger it must pass thru
Orderer Service.
o Provides Order of
Transactions.
o It creates the Blocks for the
Blockchain.
o Block size can be based on no.
of transactions and / or timeout
value.
o Orderer in two modes - Solo for
the Dev environment and Kafka
for the Production environment.
Orderer
o Can update or Query the
ledger.
o One Peer can be part of
multiple channels.
o Peer Endorse the
transaction.
o All the Peers find each other
and synchronizes
automatically.
o Peer manages the Ledger
which consists of the
Transaction Log (Blockchain)
and World State.
o Peer has two roles
Endorser and Committer.
Peer
Source: http://hyperledger-fabric-ca.readthedocs.io/en/latest/users-guide.html
13. HyperLedger Fabric Model â Assets / Chaincode
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
13
2
o The exchange of almost anything with monetary value over the network, from whole foods
to antique cars to currency futures.
o Represented as a collection of key-value pairs, with state changes recorded as transactions
on a Channel ledger.
o Assets can be represented in binary and/or JSON form.
Assets
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/fabric_model.html
o It defines an asset or assets, and the transaction instructions for modifying the asset(s). Its the
business logic.
o It enforces the rules for reading or altering key value pairs or other state database information.
o It execute against the ledgerâs current state database & are initiated through a transaction proposal.
o Itâs execution results in a set of key value writes (write set) that can be submitted to the network
and applied to the ledger on all peers.
Chaincode / Smart Contract
14. HyperLedger Fabric â Ledger
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
14
2
o The ledger is the sequenced, tamper-resistant record of all state
transitions in the fabric.
o State transitions are a result of Chaincode invocations
(âtransactionsâ) submitted by participating parties.
o Each transaction results in a set of asset key-value pairs that are
committed to the ledger as creates, updates, or deletes.
o The ledger is comprised of a Blockchain (âchainâ) to store the
immutable, sequenced record in blocks,
o As well as a state database to maintain current fabric state.
Ledger
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/fabric_model.html
15. HyperLedger Fabric â Ledger
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
15
2
o There is one ledger per channel.
o Each peer maintains a copy of the ledger for each channel of
which they are a member.
o Read-only queries using a rich query language (if using CouchDB
as state database)
o Read-only history queries - Query ledger history for a key,
enabling data provenance scenarios.
o Transactions contain signatures of every endorsing peer and are
submitted to ordering service.
Ledger
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/fabric_model.html
16. HyperLedger Fabric â Ledger
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
16
2
o Peers validate transactions against endorsement policies and
enforce the policies
o Transactions are ordered into blocks and are âdeliveredâ from an
ordering service to peers on a channel
o Prior to appending a block, a versioning check is performed to
ensure that states for assets that were read have not changed
since Chaincode execution time.
o There is immutability once a transaction is validated and
committed
Ledger
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/fabric_model.html
17. HyperLedger Fabric Channels
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
17
2
o A Hyperledger Fabric channel is a private âsubnetâ of communication between two or
more specific network members, for the purpose of conducting private and confidential
transactions.
o Channel is a completely separate instance of HyperLedger Fabric. Every Channel is
completely isolated and will never talk to each other.
o To create a new channel, the client SDK calls configuration system Chaincode and
references properties such as anchor peer**s, and members (organizations). This
request creates a **genesis block for the channel ledger, which stores configuration
information about the channel policies, members and anchor peers.
o The consensus service orders transactions and delivers them, in a block, to each
leading peer, which then distributes the block to its member peers, and across the
channel, using the gossip protocol.
Why Channel is unique to Fabric?
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/channels.html
18. Gossip Protocol
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
18
2
o Manages peer discovery and channel membership, by continually
identifying available member peers, and eventually detecting peers
that have gone offline.
o Disseminates ledger data across all peers on a channel. Any peer
with data that is out of sync with the rest of the channel identifies
the missing blocks and syncs itself by copying the correct data. A
state reconciliation process synchronizes world state across peers
on each channel. Each peer continually pulls blocks from other
peers on the channel, in order to repair its own state if
discrepancies are identified
o Bring newly connected peers up to speed by allowing peer-to-peer
state transfer update of ledger data.
Source: http://hyperledger-fabric.readthedocs.io/en/release-1.0/gossip.html
19. Fabric: Transaction Flow
19
3 Source:
http://hyperledger-fabric.readthedocs.io/en/release-1.0/txflow.html
1
2
Customer wants to order Red Roses
from Merchant for a new price.
Scenario
Customer Merchant
Customer
PeerBPeerA
Tx Proposal
⢠Endorsement Policy in the Chaincode states
proposal must be accepted by all parties.
⢠Proposal includes the function of the Chaincode
that needs to be triggered and other params.
⢠The SDK packages the transaction proposal into
the properly architected format (protocol buffer
over gRPC) and takes the userâs cryptographic
credentials to produce a unique signature for this
transaction proposal. Endorsing Peers
2.1 The Endorsing Peers : Verification
1. The transaction Proposal is well formed
2. It has not been submitted already in the past (replay attack protection)
3. The signature is valid using (MSP) and the
4. Submitter (Customer) is properly authorized to perform the proposed operation on the Channel.
20. Fabric: Transaction Flow
20
3 Source:
http://hyperledger-fabric.readthedocs.io/en/release-1.0/txflow.html
2
3
2.2 The Endorsing Peers : Execute
1. The endorsing peers take the transaction proposal
inputs as arguments to the invoked chaincodeâs
function It has not been submitted already in the
past (replay attack protection)
2. The chaincode is then executed against the current
state database to produce transaction results
including a response value, read set, and write set.
⢠No updates are made to the ledger at this point. Signed Proposal
Proposal Responses are inspected
1. App verifies the endorsing peer signatures.
2. Checks if the Endorsement policy is fulfilled (ie.
Customer and the Merchant Peer both endorse the
proposal).
21. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
21
Fabric: Transaction Flow3
Convert Endorsement to transaction
1. The App âbroadcastsâ the transaction proposal and
response within a âtransaction messageâ to the
Ordering Service
2. The transaction will contain the read/write sets. The
endorsement signatures and Channel ID.
3. The ordering service doesn't need to inspect the
content of the transaction.
4. It receives transactions from all the channels from
the network and orders them chronologically by the
Channel and
5. Creates blocks of transactions per channel.
4 Ordering
Service
Channels
22. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
22
Fabric: Transaction Flow3
Transaction Validated and Committed
1. The blocks of transactions are delivered to all Peers
in the network based on the Channel ID.
2. Validate the transaction based on Endorsement
policy.
3. Ensure that no change in the Ledger state based on
the Read-set variables since the read-set was
generated by the transaction execution.
4. Transactions in the block are tagged as being Valid
or Invalid.
5
Ordering
Service
Peers
23. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
23
Fabric: Transaction Flow3
6
Ledger Updated
1. Each Peer appends the Block to the
Channels chain.
2. For Each VALID transactions the write-set is
committed to the World State Database.
3. An Event is emitted to Notify the Client
Application.
4. Transactions in the block are tagged as being
Valid or Invalid.
Block
appended
to Tx Chain
Sends Notification
24. Ethereum Vs. HyperLedger Fabric
24
4
Characteristics Ethereum HyperLedger Fabric
Foundation Date July 2015 July 2017
Currency Ether None
Governance
Ethereum Developers
Enterprise Ethereum Alliance
Linux Foundation
IBM
Consensus Proof of Work (POW) Selective Endorsement
Network Permissionless, Public or Private Permissioned, Private
State Account Data Key-value Database
Smart Contracts Solidity, Seperant, LLL Chaincode (GoLang)
Development
Languages
GoLang
C++
Python
Java
Node.JS
Python (Post 1.0)
Hyperledger Fabric SDKs
Hyperledger Fabric intends to offer a number of SDKs for a wide variety of programming
languages. The first two delivered SDKs are the Node.js and Java SDKs. Python and Go SDKs
soon after the 1.0.0 release.
25. Summary â Benefits of Blockchain Technologies
3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
25
4
Saves Time
Immutable
transaction across
parties done at the
same time.
Remove Cost
Overheads on
maintaining and
synchronizing silos.
Increases Trust
Through shared process
and unified Systems of
Record. For end
consumers itâs a System
of Proof.
Reduces Risk
Tampering of data,
fraud and cyber crime
is avoided.
26. 3/23/2018
(C)COPYRIGHTMETAMAGICGLOBALINC.,NEWJERSEY,USA
26
1. HyperLedger Architecture Volume 1
2. Karame, Androulaki, & Capkun. (2012). Double spending fast payments in bitcoin. ACM Conference on
Computer and communications security, (pp. 906-917).
3. King, N. (2012). PPCoin: Peer to peer cryptocurrency with proof of stake.
4. Kwon. (2014). Tendermint: Consensus without Mining. Cornell Edu.
5. Mazieres, D. (2015). The Stellar Consensus Protocol: Federated Model for Internet level consensus. Stellar
Development Foundation.
6. Narayanan, B. F. (2016). Bitcoin and cryptocurrency technologies. Princeton: Princeton University Press.
7. O'Dwyer, & Malone. (2014). Bitcoin mining and its energy footprint. Irish Signals and Systems Conference,
pp. 280-285
8. Byzantine Fault Tolerance : https://en.wikipedia.org/wiki/Byzantine_fault_tolerance
9. Building Blockchain Apps for Node.JS developers with HyperLedger Composer â Simon Stone IBM
References
My Slide share Presentations
1. Enterprise Software Architecture - http://www.slideshare.net/arafkarsh/software-architecture-styles-64537120
2. Microservices â Part 1: https://www.slideshare.net/arafkarsh/micro-services-architecture-80571009
3. Event Storming and Saga Design Pattern â Part 2 : https://www.slideshare.net/arafkarsh/event-storming-and-saga
4. Docker and Linux Containers : https://www.slideshare.net/arafkarsh/docker-container-linux-container
5. Function Point Analysis : http://www.slideshare.net/arafkarsh/functional-reactive-programming-64780160