2_Hyperledger Fabric Model

Hyperledger Fabric Model

本节概述了Hyperledger Fabric中的关键设计特点,这些特点实现了其全面但可定制的企业区块链解决方案的承诺:

  • Assets — Asset的定义使得在网络上交换几乎任何有货币价值的东西成为了可能,从食品到古董车再到货币期货
  • Chaincode — chaincode(链码)的执行与交易排序分开,限制了跨节点类型所需的信任和验证级别,并优化了网络的可伸缩性和性能。
  • Ledger Features — 不可变的共享账本对每个通道的整个交易历史进行编码,并包含类似SQL的查询功能,以实现高效的审计和争议解决。
  • Privacy — 通道和私人数据收集使私人和保密的多边交易成为可能,这些交易通常是竞争企业和受监管行业在公共网络上交换资产所必需的
  • Security & Membership Services — 许可成员资格提供了一个可信的区块链网络,参与者知道所有交易都可以由授权的监管机构和审计师检测和跟踪
  • Consensus — 一种独特的一致性方法可以实现企业所需的灵活性和可伸缩性

Assets

Assets可以从有形资产(房地产和硬件)到无形资产(合同和知识产权)。Hyperledger Fabric提供了使用chaincode(链码)交易修改资产的功能。

资产在Hyperledger Fabric中表示为键值对(key-value pairs)的集合,状态更改记录为通道账本上的交易。资产可以用二进制(binary)和/或JSON形式表示。

Chaincode

Chaincode is software defining an asset or assets, and the transaction instructions for modifying the asset(s);

  1. defining an asset or assets
  2. modifying the asset(s)

换句话说,它是业务逻辑(business logic)。Chaincode强制执行(读取/更改)键值对 或其他state database information 的规则。

Chaincode functions execute against the ledger’s current state database and are initiated through a transaction proposal.

chaincode(链码)函数针对账本的当前状态数据库执行,并通过交易提案启动。

Chaincode execution results in a set of key-value writes (write set) that can be submitted to the network and applied to the ledger on all peers.

chaincode(链码)执行会产生一组键值写入(写入集),这些键值写入可以提交到网络并应用于所有peer结点的账本。

Ledger Features

The ledger is the sequenced, tamper-resistant record of all state transitions in the fabric.

账本是结构中所有状态转换的有序、防篡改的记录

State transitions are a result of chaincode invocations (‘transactions’) submitted by participating parties.

状态转换是由参与方提交的chaincode(链码)调用(“交易”)的结果

chaincode(链码)调用会导致账本的状态改变

Each transaction results in a set of asset key-value pairs that are committed to the ledger as creates, updates, or deletes.

每个交易都会产生一组asset key-value pairs ,这些asset key-value pairs 在创建、更新或删除时提交到ledger

The ledger is comprised of a blockchain (to store the immutable, sequenced record in blocks) and a state database (to maintain current fabric state.)

ledger由两部分组成:

  1. a blockchain(在区块中存储不可改变的有序的记录)
  2. a state database(保存当下Fabric的状态)

There is one ledger per channel.

每个channel有一个ledger

Each peer maintains a copy of the ledger for each channel of which they are a member.

每个peer节点都会存储他所加入的channel的ledger的副本

Fabric 账本的一些Features:

    1. Query and update ledger using key-based lookups
    2. range queries
    3. composite key queries
  • Read-only queries using a rich query language

    if using CouchDB as state database

  • Read-only history queries — Query ledger history for a key, enabling data provenance scenarios

  • Transactions consist of the versions of keys/values that were read in chaincode (read set) and keys/values that were written in chaincode (write set)

  • Transactions contain signatures of every endorsing peer and are submitted to ordering service

  • Transactions are ordered into blocks and are “delivered” from an ordering service to peers on a channel

  • Peers validate transactions against endorsement policies and enforce the policies

  • Prior to appending a block, a versioning check is performed to ensure that states for assets that were read have not changed since chaincode execution time

  • There is immutability once a transaction is validated and committed

    一旦交易被验证和提交,就存在不变性

  • A channel’s ledger contains a configuration block defining policies, access control lists, and other pertinent information

  • Channels contain Membership Service Provider instances allowing for crypto materials to be derived from different certificate authorities

See the Ledger topic for a deeper dive on the databases, storage structure, and “query-ability.”

Privacy

Hyperledger Fabric的每一个channel里都有

  1. 一个不可更改的ledger

  2. 一个可以操纵和修改assets当前状态的chaincode

    也就是可以更新Asset状态(键值对)的chaincode

A ledger exists in the scope of a channel

  1. it can be shared across the entire network (assuming every participant is operating on one common channel)
  2. or it can be privatized to include only a specific set of participants.

账本存在于一个通道的范围内

  1. 它可以在整个网络中共享(假设每个参与者都在一个公共通道上运行)
  2. 或者它可以私有化,只包括一组特定的参与者。

在后一种情况下,这些参与者将创建一个单独的通道,从而隔离/分离他们的交易和账本。为了解决既满足透明性又满足隐私性的情况,chaincode(链码)只能安装在这样的peer节点上,这些peer节点,这些peer节点需要去获取Asset的state从而执行read和write操作(换句话说,如果chaincode(链码)没有安装在peer节点上,它将无法与这个peer的ledger衔接)。

When a subset of organizations on that channel need to keep their transaction data confidential, a private data collection (collection) is used to segregate this data in a private database, logically separate from the channel ledger, accessible only to the authorized subset of organizations.

Thus, channels keep transactions private from the broader network whereas collections keep data private between subsets of organizations on the channel.

To further obfuscate the data, values within chaincode can be encrypted (in part or in total) using common cryptographic algorithms such as AES before sending transactions to the ordering service and appending blocks to the ledger. Once encrypted data has been written to the ledger, it can be decrypted only by a user in possession of the corresponding key that was used to generate the cipher text.

See the Private Data topic for more details on how to achieve privacy on your blockchain network.

Security & Membership Services

Hyperledger Fabric underpins a transactional network where all participants have known identities. Public Key Infrastructure is used to generate cryptographic certificates which are tied to organizations, network components, and end users or client applications. As a result, data access control can be manipulated and governed on the broader network and on channel levels. This “permissioned” notion of Hyperledger Fabric, coupled with the existence and capabilities of channels, helps address scenarios where privacy and confidentiality are paramount concerns.

See the Membership Service Providers (MSP) topic to better understand cryptographic implementations, and the sign, verify, authenticate approach used in Hyperledger Fabric.

Consensus

In distributed ledger technology, consensus has recently become synonymous with a specific algorithm, within a single function. However, consensus encompasses more than simply agreeing upon the order of transactions, and this differentiation is highlighted in Hyperledger Fabric through its fundamental role in the entire transaction flow, from proposal and endorsement, to ordering, validation and commitment. In a nutshell, consensus is defined as the full-circle verification of the correctness of a set of transactions comprising a block.

Consensus is achieved ultimately when the order and results of a block’s transactions have met the explicit policy criteria checks. These checks and balances take place during the lifecycle of a transaction, and include the usage of endorsement policies to dictate which specific members must endorse a certain transaction class, as well as system chaincodes to ensure that these policies are enforced and upheld. Prior to commitment, the peers will employ these system chaincodes to make sure that enough endorsements are present, and that they were derived from the appropriate entities. Moreover, a versioning check will take place during which the current state of the ledger is agreed or consented upon, before any blocks containing transactions are appended to the ledger. This final check provides protection against double spend operations and other threats that might compromise data integrity, and allows for functions to be executed against non-static variables.

In addition to the multitude of endorsement, validity and versioning checks that take place, there are also ongoing identity verifications happening in all directions of the transaction flow. Access control lists are implemented on hierarchical layers of the network (ordering service down to channels), and payloads are repeatedly signed, verified and authenticated as a transaction proposal passes through the different architectural components. To conclude, consensus is not merely limited to the agreed upon order of a batch of transactions; rather, it is an overarching characterization that is achieved as a byproduct of the ongoing verifications that take place during a transaction’s journey from proposal to commitment.

Check out the Transaction Flow diagram for a visual representation of consensus.

posted @ 2021-01-17 23:14  TR_Goldfish  阅读(123)  评论(0编辑  收藏  举报