Download presentation
Presentation is loading. Please wait.
1
Hyperledger Fabric 소개 및 튜토리얼
9월 오픈랩 세미나 It-chain committer 김주형
2
Contents Key Concept How Hyperledger Fabric Service Works?
What is happening underneath the Service? Tutorials
4
1 KEY CONCEPT
5
Permissioned vs Permissionless
6
Execute-Order-Validate
Hyperledger Fabric architecture for transactions: - in contrast with order-execute model Separate transaction flow into 3 steps Execute: execute transaction, validate then endorsing it Order: order transaction Validate: validate transactions with endorsement policy, then commit to ledger
7
A : Which peer nodes, How many of peers need to endorse
Execute-Order-Validate Q : Endorsement Policy?? Hyperledger Fabric architecture for transactions: - in contrast with order-execute model Separate transaction flow into 3 steps Execute: execute transaction, validate then endorsing it Order: order transaction Validate: validate transactions with endorsement policy, then commit to ledger A : Which peer nodes, How many of peers need to endorse for given smart contract.
8
How Hyperledger Fabric Service Works?
2 How Hyperledger Fabric Service Works?
9
2. How Hyperledger Fabric Service Works?
Scenario Client A wants to buy food from Client B
10
2. How Hyperledger Fabric Service Works?
Assumption Client A = The application user ‘Peers’ installed ‘chaincode’ ‘Channel’ instantiate chaincode Chaincode defines transaction instructions and food price
11
2. How Hyperledger Fabric Service Works?
Assumption Q : Application User? Client who invoke or query chaincode User should be registered & enrolled with Organization’s CA Client A = The application user ‘Peers’ installed ‘chaincode’ ‘Channel’ instantiate chaincode Chaincode defines transaction instructions and food price
12
2. How Hyperledger Fabric Service Works?
Assumption Q : Channel? Channel allows a group of participants to create a separate ledger Provide a mechanism for private communications and private data Client A = The application user ‘Peers’ installed ‘chaincode’ ‘Channel’ instantiate chaincode Chaincode defines transaction instructions and food price
13
2. How Hyperledger Fabric Service Works?
Client A initiates a transaction Client A send a request to purchase food SDK creates transaction proposal transaction proposal is a request to invoke a chaincode User credential produce a unique signature for this proposal
14
2. How Hyperledger Fabric Service Works?
Endorsing peers verify & execute transaction Endorsing peers verify transaction proposal Endorsing peers execute the transaction, but NOT UPDATE ledger Sent back proposal response(endorsing peer’s signature + delta set)
15
2. How Hyperledger Fabric Service Works?
Q : Endorsing Peer?, Peer? Endorsing peers verify & execute transaction Peer which install chaincode can be endorsing peer Endorsing peer create signed transaction response using its own chaincode All the peer in the channel is committing peer Committing peer receive blocks, validate then commit to ledger Endorsing peers verify transaction proposal Endorsing peers execute the transaction, but NOT UPDATE ledger Sent back proposal response(endorsing peer’s signature + delta set)
16
2. How Hyperledger Fabric Service Works?
Proposal responses are inspected Client B application verifies endorsing peer signatures and compares the proposal responses
17
2. How Hyperledger Fabric Service Works?
Client sends transaction to Ordering Service The application broadcast transaction proposal and response to Ordering Service Ordering Service receives transactions from all channels in the network Order transactions by channel, creates blocks per channel
18
2. How Hyperledger Fabric Service Works?
Transaction is validated Blocks are delivered to all peers on the channel Validate that there are no changes for delta set Transactions in the block are tagged as valid or invalid
19
2. How Hyperledger Fabric Service Works?
Ledger updated Each peer appends block to the channel’s chain For valid transactions the delta sets are committed to db
20
What is happening underneath the Service?
3 What is happening underneath the Service?
21
Create the Network 3. What will happen underneath the Service?
The network is formed when an orderer is started Orderer O4 is initially configured and started by administrator in org R4 Network configuration NC4 contains policies admin capabilities for the network N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA
22
Q : CA(Certificate Authorities)?
3. What will happen underneath the Service? Q : CA(Certificate Authorities)? Create the Network CA is used to issue certificates to administrators and network nodes Certificates uses to identify components belonging to R4 So different organizations usually use different CA Certificates also used to endorse & validate transaction. The network is formed when an orderer is started Orderer O4 is initially configured and started by administrator in org R4 Network configuration NC4 contains policies admin capabilities for the network N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA
23
Add Network Administrator
3. What will happen underneath the Service? Add Network Administrator Organization R1 is added to network as administrator, now R1 and R4 have equal rights We can see CA1 has been added, which is used to identify users from R1 organization Because both R1, R4 have admin rights, can update network configuration, to allow other organization to operate on network At this point ordering Service is a single node, but usually they are multi-mode N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1: R1 CA
24
Defining a Consortium 3. What will happen underneath the Service?
Consortium defines the set of organizations in the network who share a need to communicate each other Because R1, R4 have administrative rights, only R1 and R4 can make new consortium The “consortium” world literally means “a group with a shared destiny” It really makes sense to group organizations together if they have a common goal. N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
25
Creating a channel for a consortium
3. What will happen underneath the Service? Creating a channel for a consortium The concept of channel can be thought of key part of Fabric blockchain network A channel is a primary communication mechanism which the members of a consortium can communicate with each other Channel C1 provides a private communication mechanism for the consortium X1 It is helpful to mention that R4 also allowed R1 to create channels C1 has a completely separate configurations CC1 CC1 contains the policies that R1, R2 have rights over channel C1 Organizations other than R1, R2 cannot interact with C1 Other organization cannot add itself to the channel C1, it must be authorized by R1 or R2 Channel is useful because they provide a mechanism for private communications between the members of consortium. It is in a very sense “free from the network” Organizations that are explicitly specified in a channel configuration have control over channel. The data in a channel is completely isolated from the rest of the network, including other channels. R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium C1: channel CC1: channel configuration N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA
26
Peers and Ledgers 3. What will happen underneath the Service?
Peer nodes are network components where copies of the blockchain ledger are hosted First CA1 should issue certficates for P1 identity, which associates P1 with organization R1. Once P1 is started, it can join channel C1 using the orderer O4. When orderer O4 receives join request, it uses channel configuration CC1 to determine P1’s permissions on this channel. For example, CC1 determines whether P1 can read or write information to the ledger L1 R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA
27
Applications and Smart Contract chaincode
3. What will happen underneath the Service? Applications and Smart Contract chaincode We can start connecting client applications to consume some of the services provided by the ledger In diagram, we can see that client application A1 can use channel C1 to connect to specific network resources Through connected C1, A1 now can connect to both peer node P1 and orderer node O4 Just like peers, a client application will have an identity that associates it with an organization. In this example, client application A1 is associated with organization R1 A1 is outside the Fabric network, it is connected to it via the channel C1 It might now apper that A1 can access the ledger L1 directly via P1, but all access is managed via a smart contract chaincode, S5 Think of S5 as all the common access patterns to the ledger S5 provides set of ways by which the ledger L1 can be queried or updated. In short, client application A1 has to go through smart contract S5 to get to ledger L1 Chaincodes developed in each organization to implement a business logic shared by the consortium members. Chaincodes are used to help generate transactions which can be subsequently distributed to the every node C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
28
Installing a smart contract
3. What will happen underneath the Service? Applications and Smart Contract chaincode install Installing a smart contract After S5 developed, administrator in organization R1 must install onto peer node P1 After installation P1 has full knowledge of S5 Specifically, P1 can see the implementation logic of S5 When organization has multiple peers in a channel, it can choose the peers which it installs smart contracts It does not need to install a smart contract on every peer. Instantiating a smart contract However the other components connected to channel C1 are unaware of it, it must first be instantiated on channel C1 C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
29
Instantiating a smart contract
3. What will happen underneath the Service? Applications and Smart Contract chaincode install instantiate Instantiating a smart contract However the other components connected to channel C1 are unaware of it, it must first be instantiated on channel C1 In this example, administrator in organization R1 must instantiate S5 on channel C1 using P1. After instantiation, every component on channel C1 is aware of the existence of S5 And in our example, it means that S5 can now be invoked by client application A1 * Note that although every component on the channel can now access S5, they are not able to see its program logic R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA
30
Applications and Smart Contract chaincode
3. What will happen underneath the Service? Applications and Smart Contract chaincode install Endorsement Policy instantiate Endorsement Policy Important piece of additional information supplied at instantiation is an endorsement policy It describes which organizations must approve transactions before they are accepted The act of instantiation places the endorsement policy in channel configuration Invoking a smart contract Once a smart contract has been installed on a peer node and instantiated on a channel, it can be invoked by a client application Client applications do this by sending transaction proposals to peers owned by the organizations specified by the smart contract endorsement policy. C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
31
Complete R2 network infrastructure
3. What will happen underneath the Service? Complete R2 network infrastructure Organization R2 has added a peer node, P2, on channel C1 P2 also hosts a copy of the ledger L1 and smart contract S5 R2 has also added client application A2 which can connect to network via channel C1 Administrator in org R2 has created P2 and joined it to channel C1, in the same way as an administrator in R1 At this stage in network development, we have a channel in which org R1, R2 can fully communicate with each other Specifically, this means that A1, A2 can generate transactions using smart contract S5 and L1 on channel C1 C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application A2: Client application P2: peer node N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
32
Complete R2 network infrastructure
3. What will happen underneath the Service? Complete R2 network infrastructure install Install not instantiate Organization R2 must install smart contract S5 onto its peer node P2. That’s obvious, if applications A1 or A2 wish to use S5 on peer node P2 to generate transactions, it must first be present Installation is the mechanism by which this happens However, in contrast to org R1, org R2 does not need to instantiate smart contract S5 on channel C1. That’s because S5 has already been instantiated on the channel by R1. Instantiation only needs to happen once, any peer which subsequently joins the channel knows that smart contract S5 is available to the channel C1 connects two client applications Since there is only one channel, there is only one logical ledger C1: channel CC1: channel configuration P1: peer node L1: copy of the ledger S5: smart contract A1: Client application A2: Client application P2: peer node N: network O4: ordering service NC4: network configuration R4: organization CA4: R4 CA R1: organization CA1 R1 CA R2: organization CA2: R2 CA X1: R1, R2 consortium
33
4 Tutorials
34
9월 오픈랩 세미나 It-chain committer 김주형
감사합니다 9월 오픈랩 세미나 It-chain committer 김주형
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.