2. 2
• An implementation of blockchain technology that is
intended as a foundation for developing blockchain
applications for the enterprise
• Key characteristics:
– Permissioned
– Highly modular:
• Pluggable consensus, ledger, membership
services, endorsement and validation
– Smart contracts in general purpose languages
– Privacy
– No “mining” or native crypto-currency required
for consensus
– Execute-order-validate vs order-execute
3. 3
Hyperledger Fabric V1 architecture recap
Client
Application
SDK
(HFC)
Membership
Services
Peer
Endorser
Ledger
(Per channel)
Committer
A
Chaincode B
!Events
Ordering-Service
O
O O
O
ü
Fabric-CA
ü
External-CA
Hyperledger Fabric Network
optionaloptional
Admin
4. Based on https://wiki.hyperledger.org/projects/fabric/roadmap - Dates determined by the Hyperledger community - (*) Subject to change
v1.1 v1.2 v1.3 v1.4
§ Network administration:
⁃ Node.js connection profile
§ Smart contract:
⁃ Node.js smart contracts
⁃ Encryption library
⁃ Attribute Based Access Control
§ Performance & scale:
⁃ More orderers at scale
⁃ Parallel txn validation
⁃ CouchDB indexes
§ Events:
⁃ Per channel vs global
⁃ Block info minimal events
§ Membership services:
⁃ CSR for secure certificates
§ Serviceability:
⁃ Upgrade from 1.0
§ Network administration:
⁃ ACL mechanism per channel
⁃ Service discovery
§ Consensus:
⁃ Pluggable endorsement and
validation
§ Smart Contract:
⁃ Private Data Collections
(SideDB)
§ Documentation:
⁃ Improved documentation and
tutorials
§ Serviceability:
⁃ Improvements and bug fixes
§ Network administration:
⁃ SDK improvements
⁃ Service Discovery remaining
items
§ Consensus:
⁃ State based endorsement
§ Smart Contract:
⁃ Java chaincode
⁃ Burrow EVM support
⁃ Private Data remaining items
⁃ Chaincode query result
pagination
§ Membership services:
⁃ Identity Mixer
§ Serviceability:
⁃ Improvements and bug fixes
§ Network administration:
⁃ CLI redesign
§ Consensus:
⁃ RAFT Consensus
§ Smart Contract:
⁃ Higher level programing model
§ Membership services:
⁃ Identity Mixer Node.js SDK +
revocation
§ Serviceability:
⁃ Operational Metrics for Fabric
runtime components
⁃ Monitor health for Fabric runtime
components
⁃ Improve troubleshooting for
Fabric components
March 2018 June 2018 Oct 2018 Dec 2018* (quarterly)
Roadmap
** To be 1st LTS!! **
Over 291 developers, 41 companies, over 8,00 change sets!
5. 5
Fabric 1.1 new features overview (1/2)
• Rolling Upgrade Support
– Allows components of the blockchain network to be updated independently, via capabilities
• Channel Events
– Peers now deliver events per channel
• Couch DB Indexes
– Indexes can be packaged with chaincode to improve query performance
• Node.js Chaincode
– Node.js chaincode support
• Client Application – Common connection profile
– Includes all blockchain network end-points and connection parameters
• Application Level Encryption
– Fabric includes an encryption library for use by chaincode
• Transport Layer Security (TLS)
– All communications within a Hyperledger Fabric network can be secured using mutual TLS
• Attribute Based Access Control
– Include identity attributes in enrollment certificates for chaincode
6. 6
Fabric 1.1 new features overview (2/2)
• Generate a Certificate Revocation List (CRL) from Fabric CA server
– Support for both revoked and expired timeframes
• Dynamic update of identities
– Dynamically update Fabric CA Identities and Affiliations
• Performance and Scale Improvements
– Improvements in CouchDB (indexes), Orderer optimisations, Peer asynchronous updates
to the ledger, Cache MSP identity validations.
7. 7
Fabric 1.2 new features overview
• Channel Private Data / Side DB
– Keep chaincode data confidential among a subset of channel members
• Access control for peer functions
– Configure which client identities can interact with peer functions, per channel
• Pluggable endorsement and validation
– Utilize pluggable endorsement and validation logic per chaincode
• Service Discovery
– Discover network services dynamically, including orderers, peers, chaincode, and endorsement
policies, to simplify client applications.
8. 8
Private Data Collections
Allows data to be private to only a set of authorized peers
Fabric 1.0 & 1.1 Fabric 1.2
• Data privacy across channels only
• Transaction proposal and worldstate read/write
sets visible to all peers connected to a channel
• Ordering service has access to transactions
including the read/write sets
• Data privacy within a channel
• Transaction proposal and worldstate read/write sets
available to only permissioned peers
• Ordering service has only evidence of transactions
(hashes)
• Complements existing Fabric channel architecture
• Policy defines which peers have private data
https://jira.hyperledger.org/browse/FAB-8718
9. 9
Private Data Collections - Explained
https://jira.hyperledger.org/browse/FAB-1151
1. Private data:
1. Excluded from transactions by being sent as ‘transient data’ to endorsing peers.
2. Shared peer-to-peer with only peers defined in the collection policy.
2. Hashes of private data included in transaction proposal for evidence and validation.
1. Peers not in the collection policy and the Orderer only have hashes.
3. Peers maintain both a public worldstate and a private worldstate.
4. Private data held in a transient store between endorsement and validation.
10. 10
ACL mechanism per channel
https://jira.hyperledger.org/browse/FAB-8727
Support policy based access control for peer functions per channel
• Access control defined for channel and peer resources:
– User / System chaincode
– Events stream
• Policies specify identities and include defaults for:
– Readers
– Writers
– Admins
• Policies can be either:
– Signature : Specific user type in org
– ImplicitMeta : “All/Any/Majority” signature types
• Custom policies can be configured for ACLs
Peer
Admin
(Org1)
Channels
Policies: &SampleOrgPolicies
….
MyPolicy: Type: Signature Rule: "OR(Org1.admin’)”
Application: &ApplicationDefaults
ACLs: &ACLsDefault
….
event/Block: /Channel/Application/MyPolicy
Config Block
11. 11
Pluggable endorsement and validation
https://jira.hyperledger.org/browse/FAB-8779
• Supports alternative transaction models for: State based
endorsement, UTXO etc
• No need to recompile peer, core.yaml specifies additional
golang plugins
• Support for custom:
– ESCC : Endorsement System Chaincode
– VSCC : Validation System Chaincode
– QSCC : Query System Chaincode
– CSCC : Configuration System Chaincode
– LSCC : Lifecycle System Chaincode
• Chaincode associated with custom ESCC and VSCC at
instantiation
Support for custom transaction endorsement and validation plugins
Chaincode
Custom
ESCC
Custom
VSCC
Ledger
Propose - Execute - Respond
Order - Deliver
Validate - Commit
Sign
Policy
Endorsing Peer
Committing Peer
P
12. 12
Service Discovery
https://jira.hyperledger.org/browse/FAB-8779
• Network metadata is shared between peers over GOSSIP
• Peers dynamically compute the following:
– Configuration : MSP for all orgs in a channel
– Peers : Peers that have joined a channel
– Endorsers : Endorses for a specific channel/chaincode
• SDK sends dynamic query to peer to establish service
connection information (including: endorsement policy, peers
endpoints, TLS, CA and orderer endpoints).
• Administrator uses discover CLI to discover service
information
Peer
Client
Application
SDK
(HFC)
Admin
discover
Applications can dynamically query peers to discover network service
information
discover /
endorse
13. 13
Fabric 1.3 new features overview
• State-based endorsement policies
– Provides for finer grain endorsement / validation
• Idemix Java SDK
– Tcerts - Transaction Certificates to prevent correlations between transactions
• Java Chaincode
– Finally back!
• Chaincode query results pagination with CouchDB
– Makes it easier to deal with large results
• Burrow EVM contracts and web3 proxy
– Support for Solidity contracts and common development tools through user code extension
15. 15
EVM - Burrow
• EVM Web3.js proxy support in Fabric (FAB-10273)
⁃ Integration of Hyperledger Burrow in Hyperledger Fabric
⁃ Support for JSON-RPC API wrapped by Web3.js library
⁃ Expected to have one EVM per channel
⁃ Ethereum’s Contract Accounts mapped to chaincode
⁃ Gas limit set arbitrarily high
⁃ Actually independent from Fabric release because runs as user
chaincode
⁃ Design:
https://docs.google.com/document/d/1xZfdtFiIFvHI7UZAze2xbm5hhgaDHGRBMusozKfpOck/edit#
heading=h.xf6b8qykmhxw
(#) Ethereum’s VM is LGPL-3.0
16. 16
Hyperledger Fabric w/EVM chaincode
O
O O
O
Ordering Service
Web3 proxy Go SDK
Membership
Services
Provider
Peer
Endorser
Ledger
Committer
evmcc
!Events
Web3 client
17. 17
Fabric 1.4 planned features overview (not fully settled)
• Programming Model - Higher level chaincode and client APIs for Node.js
– Brings to Fabric some of the Composer functionality and simplicity
• Idemix Node.js SDK
– Improve support for Identity Mixer in other SDKs
• Identity Revocation
– Adds support for Idemix revocation, and make revocation easier/automatic with fabric-ca
• RAFT Consensus
– Eliminates dependency on KAFKA and confirms pluggability of consensus
• Serviceability - Operational Metrics for Fabric runtime components
– Provides runtime metrics so that operators can actively monitor the health and status of each component
• Serviceability - Monitor health for Fabric runtime components
– Makes easier to confirm services are alive and working correctly.
• Improve troubleshooting for Fabric components
– Improves ability to debug and trace gRPC interactions
** Fabric First Long Term Support (LTS) release **
18. 18
Fabric 2.0+ planned features overview (not settled)
• Programming Model - Higher level chaincode and client APIs for Go and Java
– Brings to Fabric some of the Composer functionality and simplicity
• Idemix Go SDK
– Completes support for Identity Mixer in all SDKs
• SBFT Consensus
– Provides Byzantine Fault Tolerant consensus
• Zero-Knowledge Asset Transfer (ZKAT) & Unspent Transaction Output (UTXO)
– Privacy preserving asset/token transfer
• Enhanced MVCC / Post Order Execution transactions
– For increased throughput
• Fabric CLI Redesign
– Support for more Fabric features leveraging Go SDK
• Other possible developments:
– Kubernetes friendly chaincode containers
– Trusted Chaincode with Intel Software Guard Extensions (SGX)
– Archive and Pruning
– ????
19. 19
Fabric main axes of development
• Increasing Privacy and Confidentiality
– Channels – provides for segmentation of the network
– Private Transactions / SideDB – provides for greater privacy on a channel
– Idemix – provides for anonymous transactions – no correlation
– ZKAT – Zero Knowledge Asset Transfer – Idemix + UTXO
• Improving Consensus
– KAFKA – Crash Fault Tolerant
– RAFT – Crash Fault Tolerant without dependencies
– SBFT – Byzantine Fault Tolerant
• Improving Serviceability - More dynamic, less out of band data, easier to monitor & debug
– Rolling upgrades & capabilities, service discovery, monitoring
• Improving Programming Model
– Higher level chaincode and client APIs
20. 20
Bringing Hyperledger Composer capabilities into Fabric
• IBM is de-emphasizing its investment in Composer
• Focus shifting to bringing similar functionality directly into Fabric
• Developing a new programming model and set of development tools for Fabric
– Will simplify application development (less to know)
– Will simplify chaincode development (higher level data model, less boiler plate code)
– Will be backwards compatible with Fabric but not Composer
• Composer continues as a Hyperledger project for now, IBM will keep maintaining compatibility with
Fabric and fix critical bugs, the community may choose to pick it up in some way.
21. 21
IBM Blockchain Platform
IBM Blockchain Platform is a fully integrated enterprise-
ready blockchain platform designed to accelerate the
development, governance, and operation of a multi-
institution business network
– Developer tools that make use of Hyperledger
Composer to quickly build your blockchain application
– Hyperledger Fabric provides the ledger, which is
managed through a set of intuitive operational tools
– Governance tools for democratic management of
the business network
– Flexible deployment options, including a highly
secure and performant IBM Cloud environment
DeveloperTools
IBM Cloud
OperationalTools
GovernanceTools
Blockchain application
Hyperledger Fabric
Hyperledger Composer
DeveloperTools
IBM Cloud
OperationalTools
GovernanceTools
Blockchain application
Hyperledger Fabric