Data Privacy among Organizations: Channel and Private Data in Hyperledger Fabric

Overview

Permissioned blockchain platforms differ from permissionless ones in various aspects, and data privacy is one of them. While data privacy is a broad topic, this article focuses only on how to keep organizations from accessing data they are not authorized to see (or, put the other way, how to keep unauthorized organizations away from certain data).

Consortium

Hyperledger Fabric is always used in a consortium environment. Here a consortium is a number of business entities coming together with common business goals. We can immediately think of partners forming a consortium. By bringing partners together, certain workflows can be streamlined, or a trustworthy source of information can be made available to all members. A consortium can be formed even among competitors. In such cases, the business goal must bring enough value as an incentive that having a consortium is better than not having one. For example, banks can form a consortium to reduce risk when making loans.

A consortium of three organizations: forming a business network.

Channel

Overview

A channel is an important concept in Hyperledger Fabric. It is a group of organizations sharing business goals by implementing the same business application and maintaining the same, consistent data store.

Demo Setup

In our demonstration, we will create two channels:

  • channel-12: org1 and org2

  • channel-all-up.sh and channel-12-up.sh: create channel and join those member organizations to the channel.
  • deploy-sacc.sh and deploy-personalinfo.sh: install and instantiate the chaincode, with proper initial value or setting.

  1. bring up channel-all: ./channel-all-up.sh
  2. bring up channel-12: ./channel-12-up.sh
  3. deploy sacc on both channels: ./deploy-sacc.sh
  4. chaincode invoke/query and observation
  5. clean up: ./network-down.sh

Demo and Observation

Perform steps 1–4 above. Note that in deploy-sacc.sh, an initial value is provided when instantiating the chaincode. For channel-all, it is ["name":"alice"], and for channel-12, it is ["name":"bob"].

docker exec <peer node> peer channel list
Showing what channel each organization has joined.
docker exec cli peer chaincode query -C channel-all -n mycc -c '{"Args":["get","name"]}'
docker exec cli peer chaincode query -C channel-12 -n mycc -c '{"Args":["get","name"]}'
Org1 can reach both channels.
docker exec -e CORE_PEER_LOCALMSPID=Org3MSP -e CORE_PEER_ADDRESS=peer0.org3.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin@org3.example.com/msp cli peer chaincode query -C channel-all -n mycc -c '{"Args":["get","name"]}'
docker exec -e CORE_PEER_LOCALMSPID=Org3MSP -e CORE_PEER_ADDRESS=peer0.org3.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin@org3.example.com/msp cli peer chaincode query -C channel-12 -n mycc -c '{"Args":["get","name"]}'
Access denied for Org3 in channel-12.
docker exec peer0.org1.example.com peer channel getinfo -c <channelid>
Two channels are created in this business network, each of which has its own ledger.

Private Data

Overview

We have seen in the demonstration above that all peer nodes in the same channel keep the same set of state data. This is in the nature of distributed ledger technology: every participant keeps a copy of the data, with a consensus algorithm behind it as assurance. In Hyperledger Fabric, a channel provides a mechanism to limit both applications and data to a designated group of organizations.

Demo Setup

In our demonstration, we just set up channel-all, and all organizations join channel-all.

  • queryRecord: return the personal record excluding PII
  • queryPiiRecord: return the PII of a personal record

  1. bring up channel-all: ./channel-all-up.sh
  2. deploy personalinfo: ./deploy-personalinfo.sh
  3. chaincode invoke/query and observation
  4. clean up: ./network-down.sh

Demo and Observation

Perform steps 1–3 above. Note that we have specified the collection configuration when chaincode is instantiated (see the file deploy-personalinfo.sh).

docker exec cli peer chaincode invoke -o orderer.example.com:7050 -C channel-all -n mycc -c '{"Args":["createRecord","ID001","alice","alice@alice.com","H123456"]}'
docker exec cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryRecord","ID001"]}'
docker exec cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryPiiRecord","ID001"]}'
docker exec -e CORE_PEER_LOCALMSPID=Org2MSP -e CORE_PEER_ADDRESS=peer0.org2.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryRecord","ID001"]}'
docker exec -e CORE_PEER_LOCALMSPID=Org2MSP -e CORE_PEER_ADDRESS=peer0.org2.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryPiiRecord","ID001"]}'
docker exec -e CORE_PEER_LOCALMSPID=Org3MSP -e CORE_PEER_ADDRESS=peer0.org3.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin@org3.example.com/msp cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryRecord","ID001"]}'
docker exec -e CORE_PEER_LOCALMSPID=Org3MSP -e CORE_PEER_ADDRESS=peer0.org3.example.com:7051 -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin@org3.example.com/msp cli peer chaincode query -C channel-all -n mycc -c '{"Args":["queryPiiRecord","ID001"]}'
Edited by combining the couchdb of org1, org2 and org3, respectively.
  • channel-all_mycc$$hcollection$private, which keeps the hash of the private data. This information is also seen in all organizations in a channel, serving as a proof of “some data exist”.
  • channel-all_mycc$$pcollection$private, which keeps the actual private data. The data is only seen in org1 and org2.
One channel with private data collection defined for org1 and org2.

A Note about Sending Private Data in Proposal

You may notice that in the personalinfo chaincode the private data "passport" is passed as an argument in the createRecord proposal. In Hyperledger Fabric, this proposal is included in the transaction the client sends to the orderer, and is finally included in a block. This block is broadcast to all organizations, including org3, the organization outside the collection. As a result, although the actual data is not found in the world state in org3, org3 can still see the data in this transaction in the blockchain.

Private data passed in chaincode invoke is still visible in the block.
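
One way to keep the passport out of the block is Fabric's transient field: values passed with the peer CLI's --transient flag reach the endorsing peers but are not recorded in the transaction. The script below is an added example, not part of the original article or its scripts; it assumes the personalinfo chaincode is changed to read a transient key named passport through stub.GetTransient() instead of taking it as the fifth argument.

```shell
#!/bin/sh
# Added example: build a createRecord invoke that carries the passport in the
# transient map instead of the public argument list.
# Assumption: the chaincode reads the "passport" key via stub.GetTransient().

# Base64-encode a value on one line; the peer CLI expects transient values
# to be base64-encoded inside the --transient JSON.
b64() { printf '%s' "$1" | base64 | tr -d '\n'; }

# Public arguments: part of the proposal, so they end up in the block that
# every organization in the channel receives.
public_args() {  # id name email
  printf '{"Args":["createRecord","%s","%s","%s"]}' "$1" "$2" "$3"
}

# Transient map: sent to the endorsing peers only, not written to the block.
transient_map() {  # passport
  printf '{"passport":"%s"}' "$(b64 "$1")"
}

# Pre-flight check: succeeds (returns 0) if the secret appears in the args.
leaks_secret() {  # args secret
  case "$1" in *"$2"*) return 0 ;; *) return 1 ;; esac
}

# Print the full invoke command, refusing if the private value would still
# travel in the public arguments.
build_invoke() {  # id name email passport
  args=$(public_args "$1" "$2" "$3")
  if leaks_secret "$args" "$4"; then
    echo "refusing: private value present in public args" >&2
    return 1
  fi
  printf "docker exec cli peer chaincode invoke -o orderer.example.com:7050 -C channel-all -n mycc -c '%s' --transient '%s'\n" \
    "$args" "$(transient_map "$4")"
}

# Same record as in the demo above (constructed sample values).
build_invoke ID001 alice alice@alice.com H123456
```

The private data collection still controls which peers store the value; the transient field only changes how the value travels from the client to the endorsing peers.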

Discussion: Channel vs. Private Data

A channel is a concept at the infrastructure level (network level). A channel is created and joined by the peer nodes of organizations. A ledger is dedicated to each channel created. In addition, we can deploy one or more chaincodes at the channel level. That means we have great flexibility to design chaincode and applications specific to a channel. Of course, we can still deploy the same chaincode on different channels.


Visit http://www.ledgertech.biz/kcarticles.html for all my works. Reach me on https://www.linkedin.com/in/ktam1/ or follow me @kctheservant in Twitter.
