Category

网志

Developer showcase series: Nadeem Bhati, High School Technology Services

By | Blog, Developer Showcase

Back to our Developer Showcase Series to learn what developers in the real world are doing with Hyperledger technologies. Next up is Nadeem Bhati of High School Technology Services.

What advice would you offer other technologists or developers interested in getting started working on blockchain?

Blockchain is fairly new technology. You won’t find experts with 10+ years of experience. Everybody is learning and growing together, which makes this field very enjoyable onceyou get into it. Having a level playing field helps new entrants get confidence quickly. Some great way of getting started include enrolling in a certification program, attending community meet-ups and participating in hackathons. You meet new people, share ideas and learn from each other, which makes this journey more enjoyable.

Give a bit of background on what you’re working on, and let us know what was it that made you want to get into blockchain?

Working on blockchain is working on the cutting edge of technology right now.There are very passionate people backing blockchain technology because they are confident that it has the potential to start a revolution. From decentralized currency to business transaction between parties in a trustless environment, blockchain has a varied range of use cases.

What project in Hyperledger are you working on? Any new developments to share? Can you sum up your experience with Hyperledger?

I am currently working on a pharma-trading platform that resolves the issue of drug counterfeiting using Hyperledger Fabric. Previously, I worked on platforms for energy distribution on Hyperledger Fabric  in which group of households, or group of societies, connected by a power-grid form a network of nodes. These nodes can buy/sell energy generated by non-conventional ways such as solar. I have also worked on stocks-bonds trading proof of concept, on Hyperledger Fabric as part of my exploration of blockchain use cases. Many of my proofs of concept  are either in development or have seen their 1.0 releases.

What are the main differences between teaching Hyperledger to students and developing Hyperledger applications?

While teaching at High School Technology Services, I often get lots of questions from students that help me in looking at blockchain development differently. For example, in-depth discussions on sovereign identities, asynchronous cryptography and consensus algorithms have widened my perspective on how layman and new entrants as well as experts feel when they think of blockchain. This has helped me in my personal research into blockchain and making my developed platforms more user friendly.

What do you think is most important for Hyperledger to focus on in the next year?

Recently, FabToken was introduced in the latest release of Hyperledger Fabric. Further inclusion and improvement to make fabric more versatile should be expected.

I would personally like to see Hyperledger Composer development to be taken up again as it is a tool that has motivated many individuals, including me, to head towards Hyperledger

Other things on my wish list include pluggable interfaces and documentation.

Also, it would be interesting to see when we are able to easily integrate crypto-currencies into Hyperledger Fabric blockchains natively.

As Hyperledger’s incubated projects start maturing and hit 1.0 and beyond, what are the most interesting technologies, apps, or use cases coming out as a result from your perspective?

I have a list:

  • Sovereign Identity and inclusion of better identity solutions in current web infrastructure.
  • All sorts of registries published on chain for security and easy verifiability.
  • Cryptoeconomics, micropayment schemes to reward publishers of good content.
  • Testing ground for new market designs like frequent batch auctions, combinatorial auctions and automated market makers.

What’s the one issue or problem you hope blockchain can solve?

Blockchain is a revolution that promotes transparency. You build peer-to-peer self-sustaining applications that can stand its ground. From destabilized governments to supply chain vendors, use cases of blockchain are endless. Control over personal information is vital and can be successfully addressed using blockchain.

Where do you hope to see Hyperledger and/or blockchain in 5 years?

I have another list:

  • Many dapps replacing centralized applications.
  • Peer-to-peer marketplace for internet connections/incentivized mesh networks.
  • Identity, reputation and credit systems for those that currently have few resources such as refugees.
  • Decentralized DNS alternatives like ens.domains .
  • Blockchain flourishing in production environments across a range of use cases.

What is the best piece of developer advice you’ve ever received?

Software development never stops evolving. It’s important that one always keeps learning and evolving. Get comfortable with being uncomfortable and adapt the growth mindset as this will ensure that you never stagnate.

What technology could you not live without?

The internet.

This global computer network providing a variety of information and communication facilities has deeply affected my life and learning.

Developer showcase series: Alishba Imran, The Knowledge Society

By | 网志, Developer Showcase

Back to our Developer Showcase Series to learn what developers in the real world are doing with Hyperledger technologies. Next up is Alishba Imran, a 15-year-old machine learning and blockchain developer and nanotech researcher at The Knowledge Society. She’s interested in leveraging these tech and sciences to solve some really important problems with human reproduction and healthcare.

What advice would you offer other young technologists or developers interested in getting started working on blockchain?

I would highly recommend taking courses, replicating projects, and talking to industry leaders in blockchain. The blockchain community is still fairly new, but you’d be shocked to see that there are so many resources out there for youth to get started. There’s still lots of work to do, but resources like IBM’s cloud service built on Hyperledger Fabric are very helpful. I think the best way to start learning is by replicating work that has already been done by other people. Once you have enough knowledge and sophistication in the topic, you can move to start creating your own projects. In this stage, I would highly recommend speaking with companies that are working in the space and setting up meetings. People are always willing to help, so just take initiative and reach out. The blockchain community is a small group, but it’s also a very interesting technology that can be used to solve some really big problems in our world.

Give a bit of background on what you’re working on and how you got into blockchain?   

I’m a 15-year-old innovator from The Knowledge Society. I got introduced to blockchain through The Knowledge Society (TKS), which is a human accelerator program for youth where we are learning about emerging tech/sciences and leveraging them to solve really important problems in our world. Through this program, I got to learn about blockchain and the mindsets and skills to start making my own projects. One of my most recent initiatives is called Honestblocks, which is a clockchain platform I developed using Hyperledger Fabric/Hyerpledger Composer that allows people in developing countries to manage their healthcare data and track their products. A huge issue in these countries is counterfeit medicine. Around 30-40% of medicine in many markets is counterfeit. I wanted to solve this issue by tracking medicine in the supply chain before it reaches the consumer. I partnered with a doctor in India to help develop the pharma side of the project. The platform is set to be tested in a few clinics in India. I also won Youth Innovator for this project at the Enterprise Blockchain Awards (EBA) this year!

Where do you hope to see Hyperledger and/or blockchain in 5 years?

Let’s say you just immigrated to a new country. In today’s world you would have to go through a lengthy process and paperwork to get your passport and documents. Even after you get them, there’s a chance that any of the online form of identification can be manipulated/tampered with. But in the blockchain world, governments will give out identities. This will enable anyone to have their own blockchain identity. There will only be one per person, giving every person one tamper-proof way to  access to all the services. Then, when you need to go to the doctor, all your medical records will be stored on a blockchain. You can grant access to required information to hospitals, insurers, or your doctor. All your money transactions are completely done by cryptocurrencies. I imagine all companies and corporations would be decentralized. We would enter a self-sovereign society where you own all of your information. This is the type of world that is possible using blockchain. This is the future that excites me.

What is the best piece of developer advice you’ve ever received?

The best piece of advice I’ve ever received is to always keep pushing out content and moving forward. You need to be oriented for other people’s success. You can have the most knowledge in the world, but, if you aren’t building stuff and putting out useful content, no one would know. Drive and ambition are very important, but it’s vital to have a really good ratio between thinking and doing. My overall goal is to be the next female Musk or Jobs. I want to break down stereotypes that still exist for females in this industry and use technology to solve really important problems in our world.

Announcing Hyperledger Aries, infrastructure supporting interoperable identity solutions!

By | 网志, Hyperledger Aries

Identity is commonly cited as one of the most promising use-cases for distributed ledger technology. Initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials will benefit from a shared, reusable, interoperable tool kit. Hyperledger Aries, the newest Hyperledger project (the13th!), is a shared infrastructure of tools that enables the exchange of blockchain-based data, supports peer-to-peer messaging in various scenarios, and facilitates interoperable interaction between different blockchains and other distributed ledger technologies (DLTs).

Hyperledger Aries intends to:

  • Provide code for peer-to-peer interaction, secrets management, verifiable information exchange, and secure messaging for different decentralized systems.
  • Foster practical interoperability in support of ongoing standards work and extend the applicability of technologies developed within Indy beyond its current community components from the Hyperledger stack into a single, effective business solution.

What is Aries?
Hyperledger Aries is infrastructure for blockchain-rooted, peer-to-peer interactions. It’s not a blockchain and it’s not an application.

It includes:

  • A blockchain interface layer (known as a resolver) for creating and signing blockchain transactions.
  • A cryptographic wallet for secure storage (the secure storage tech, not a UI) of cryptographic secrets and other information used to build blockchain clients.
  • An encrypted messaging system for off-ledger interactions between clients using multiple transport protocols.
  • An implementation of ZKP-capable W3C verifiable credentials using the ZKP primitives found in Ursa.
  • An implementation of the Decentralized Key Management System (DKMS) specification currently being incubated in Hyperledger Indy.
  • A mechanism to build higher-level protocols and API-like use cases based on the secure messaging functionality described earlier.

The generic interface of Aries will initially support the Hyperledger Indy resolver but is flexible enough so that someone could build a pluggable method using other DID method resolvers such as Hyperledger Fabric, Ethereum, or another DID method resolver they wish. These types of resolvers would support the resolving of transactions and other data on other ledgers.

Additionally, Hyperledger Aries will provide features and functionality outside of the scope of the Indy ledger to be planned and fully supported. We have reached out to other groups, including Ethereum-based decentralized identity efforts and others participating at the W3C to contribute to this code base.

With all of these capabilities, the open source community will now be able to build core message families that are necessary to facilitate interoperable interactions a wide variety of use cases involving blockchain-based identity.

Where did Aries come from?
Hyperledger Aries is related to both Hyperledger Indy, which provides a resolver implementation, and Hyperledger Ursa, which it uses for cryptographic functionality. Aries will consume the cryptographic support provided by Ursa to provide both secure secret management and hardware security modules support.

One of the main purposes of this project is to change the client layers in Hyperledger Indy to be interoperable with other identity projects. Hyperledger Indy has been incubating protocol work for peer interactions between identity owners for some time but as the development community has grown, it has become clear that the scope of that work extends beyond the functionality provided by Indy for support of other systems and networks.

With the main wallet and cryptographic code moving to its own project, it makes sense to move the pieces necessary to support that process with them in order to support a standards-driven approach and avoid cross dependencies between Indy and Aries.

What’s next for Aries?
The ultimate goal of Hyperledger Aries is to provide a dynamic set of capabilities to store and exchange data related to blockchain-based identity. These capabilities will range from the secured, secret storage of data such as private keys, up to the capability of globally accessible data that can be viewed and accessed by anyone. An example of such support is the creation of a secure storage solution similar to the wallet available in Hyperledger Indy today.

Other Aries functionality that would be in scope for a 1.0 project release would be a Decentralized Key Management Solution (DKMS) which would add key recovery, social recovery, and wallet backup and restore functionality. Using DKMS, clients will need a way to interact with one another peer to peer that is currently in development within Hyperledger Indy. Much of this work would be based on the DKMS documents outlined in the Indy-HIPE dkms design folder. This would be capable of storing verifiable credential data, private keys, relationship state data, and functionality that could perform operations with this data without having to extract this data.

We also hope to eventually have a scalable, searchable storage layer which is capable of storing other associated data necessary for identity maintenance. Examples of such data would be pictures, health records, or other personal information.

Who’s Involved?
The Sovrin Foundation has been the primary contributors to this initial initiative, but endorsements and possible contributions are in flight from several other organizations. Hyperledger has proven to be a collaborative and open environment for growing the community and has helped attract a variety of contributors. We are excited by the enthusiastic response from like-minded members of the community and look forward to collaborating further.

Want to Learn More?
If you’re interested in learning more about Aries, Indy, or Ursa, consider visiting https://wiki.hyperledger.org/display/HYP/Hyperledger+Aries+Proposal or #Aries on Hyperledger chat at https://chat.hyperledger.org/channel/aries

We welcome interest from all groups and organizations, including enterprises and standards organizations.  We are looking forward to hearing from you!

When Hyperledger Sawtooth Met Kubernetes – Simplifying Enterprise Blockchain Adoption

By | 网志, Hyperledger Sawtooth

Blockchain Technology Partners has teamed up with Digital Asset to deliver DAML Smart Contracts for Hyperledger Sawtooth deployed and managed on Kubernetes using its blockchain management platform Sextant.

One of the great things about being a member of the Linux Foundation is that you are part of a vibrant global community that is home to open source projects in a wide range of ecosystems and host to an impressive array of events worldwide.

  • A global community where you are actively encouraged to participate in meetups and events specific to your ecosystem as well as contribute to broader open source summits
  • A global community where there is the opportunity to collaborate not just within your own ecosystem but with ecosystems that complement yours – this is at the heart of the open source ethos

A case in point is Blockchain Technology Partners (BTP) which, like a number of our Hyperledger members, is also an active participant in the CNCF, aka Cloud Native Computing Foundation. Its founding team recognized early on that the only way to make blockchain technology more accessible and easier to adopt was to address the operational challenges that they could see lying in wait for enterprises. With their team’s  background in open source, operations and cloud, BTP quickly realised that CNCF’s Kubernetes was the perfect match for Hyperledger Sawtooth. This led to the creation of Sextant, their blockchain management platform that radically simplifies the development, deployment and ongoing management of blockchain-based enterprise applications.

The power of open source collaboration doesn’t end there as BTP have now teamed up with Digital Asset to bring DAML Smart Contracts to Hyperledger Sawtooth – integrating their open source DAML runtime with Sawtooth, similar to the way the Sawtooth Ethereum (SETH) project integrates the Burrow EVM with Sawtooth, and handling its deployment and management with Sextant.

For the full story behind the creation of Sextant to deploy and manage Hyperledger Sawtooth on Kubernetes and BTP’s collaboration with Digital Asset to bring DAML to Sawtooth, read our case study.

Welcome Hyperledger Iroha 1.0: Flattening the DLT learning curve

By | 网志, Hyperledger Iroha

My first experience running a blockchain was when I first launched a Bitcoin node about six years ago. I got into Bitcoin out of curiosity and because the idea of sending value as digital data across the Internet was a very compelling idea.

Since those early days of experimentation, blockchain and DLT have emerged and found its place in enterprise — companies, individuals, consortiums want to get rid of non-transparent resource allocation, corruption, and fraud. Today, diamonds are registered on a blockchain, insurance companies know if you registered your MacBook at several places, and cross-border payments can operate more efficiently.

While blockchain technology has passed its longevity test, the software in general is still far from being integrator-friendly, developer-oriented, and straightforward; specifically when it comes to using distributed ledger technology instead of a database. This is where Hyperledger Iroha is different. With Hyperledger Iroha, it took me about 10 minutes to start building a blockchain. And now the Hyperledger Iroha team is releasing its first production-ready version, offering a faster, less complex path to DLT deployment. Welcome Hyperledger Iroha v1.0!

When it comes to solutions for business, it is critical that the technology is fit for the task and easy to integrate. Moreover, it must be reliable and safe so a business can trust it. Hyperledger Iroha provides safety with its decentralized consensus algorithm and reliability with a tested set of commands and queries. With them you can be sure that the code will do exactly what it is supposed to do — whether you want to add information to, or get information from, the ledger.

For this release the team prepared a special set of improvements:

  • New native client libraries deliver cross-application support for desktop/server (on Java, Python, C++) or mobile (iOS, Android (Java)) applications. You only need to get an idea of the client application and you are ready to go! Take a look at desktop and mobile application examples: on Java or JS: https://github.com/soramitsu/iroha-wallet-js
  • Novel, asynchronous consensus algorithm supporting one step agreement on votes with vote collection optimizations included (Yet Another Consensus; YAC). This means that even if a node is faulty, your decentralised ledger will still be up and running correctly. You can now focus on implementing your business application, leaving the question of whether you can trust partners’ nodes to Hyperledger Iroha.
  • Multi-signature transactions, or as we call them, MST, are now ready for production use. What does it mean for your business? It means that you can set a quorum, such that transactions from your company’s wallet will need several signatories instead of just one — just like in traditional banking, but quicker and more secure. This can also be used to model complex business processes in a secure and automatic way.
  • New backwards-compatibility allows you to integrate Hyperledger Iroha into your business and be sure that no breaking changes will affect it.

Hyperledger Iroha is already gaining strong traction with the community and enterprises:

Alexander Yakovlev from Moscow Exchange Group’s National Settlement Depository is using Hyperledger Iroha in D3 Ledger, and he said: “Global business is always terrific, and we looked for a solution that fits our requirements and is 100% open-sourced and oriented for the specific needs of our task. Features such as Iroha’s account management and supportive community, in addition to Soramitsu’s KYC application, were key factors in our decision to use Iroha for D3 Ledger. Iroha’s existing adoption in several countries and the practical use case with the Cambodian central bank were additional benefits.”

Hyperledger Iroha is already used in asset management, identity management, and payment systems. From simple asset transfers to secure information exchange about customers, Hyperledger Iroha can be used to empower a multitude of use cases, all without the need to program custom smart contracts.

Last year, I wrote a paper about Sora Identity, an implementation of a self-sovereign identity protocol using Hyperledger Iroha. Since then, we have worked on expanding this app and now we have a working product for KYC, targeted towards financial institutions. We are now expanding this to be at the core of the Sora decentralized autonomous economy, an exciting new type of economic system, geared towards empowering the creation of new goods and services.

Try it – simplicity and friendly support from the community will surely help you find your own way of improving your project with Hyperledger Iroha blockchain. You can find the Hyperledger Iroha 1.0 documentation here: https://iroha.readthedocs.io/en/latest/. Follow the “Getting Started” guide to create your first Iroha network in 10 minutes.

An overview of Self-Sovereign Identity: the use case at the core of Hyperledger Indy

By | 网志, Hyperledger Indy

In the real world, most identity interactions are self-sovereign. We collect and hold various credentials that we keep in our possession and present at our discretion to prove things about ourselves. These could be collections of cards, certificates, or paperwork that prove various things about someone or something. Some credentials are obvious, like birth certificates, licenses to drive, employee ID cards, passports, university diplomas…the list goes on. We hold and present these to any anyone we want, without the permission of the organization who issued them. These credentials are kept and controlled by the holder, and only taken from her wallets and revealed with her expressed consent.

This is not what happens on the internet. Like the famous cartoon says – “On the Internet, nobody knows you’re a dog,” illustrating the very real issue with the lack of an easy, secure, standardized system for a person to collect, hold, and ultimately present trustworthy, verifiable credentials online.

Unfortunately, online identity is very clearly broken. This is due to the fact that the internet was created without any way to identify the people who used it. Initially, it was a fairly small network of machines. Internet protocols are designed to identify machines and services, not people. People used the Internet through some institution (usually their company or university) and were part of that institution’s administrative identity system. This can still be seen in the format of email addresses that identify both recipient and sender as someone@someplace.

As the internet grew to include people who weren’t formally associated with an institution, every website and service created its own administrative identity domain. The result is the fractured profusion of identifiers, policies, and user experiences that constitute digital identity in 2019. Where early internet users had a handful of credentials and logged in occasionally, modern internet users typically have dozens, even hundreds, of usernames and passwords. Security has made these harder to use by encouraging or even forcing users to use more cryptic passwords and not share them between sites. And now multi-factor authentication adds to the cognitive burden. And then there’s the inconvenience of supplying the same information to application after application, all the while suffering the dangers that they might lose it or expose it to hackers.

One attempt to solve this problem is single-source or ‘federated logins.’ Social login systems from Google, Facebook, and others expedite logging into various websites, but these systems are limited in the kinds of attributes they use and the trustworthiness of those attributes. As a result, they aren’t as widely used as one might hope. Many companies don’t or can’t use social login and so the system of fractured administrative identity systems remains.

Traditional, identity systems have a single identity provider (IdP) administering an identity system for their own purposes. The rights of the so-called “identity subject” are subordinate to those of the identity provider. These systems are siloed, meaning the attributes you’ve shared with one organization are difficult to use with another. Each company asks for the same information, like your name, credit card, address, and so on. Users are required to provide that information to use the service – whether they like it or not. This single entity determines what information will be collected, decides who can participate, and how their data is stored – and that data is only as secure as the company or organization that keeps it.

Consequently, until now, the internet has lacked a universally available digital identity system that lets individuals collect and hold trustworthy verifiable credentials and present them to whoever they want, whenever they want – without the reliance on a third-party managing access.

What is SSI

Self-sovereign identity (SSI) gives individuals or organizations agency to control their identity information. SSI acknowledges that identity is about much more than logging in. Identity can be expanded to other uses by using verifiable attestations, called credentials, to prove things about yourself. SSI uses verifiable, trustworthy credentials. Identity owners autonomously use those credentials wherever they want. Privacy is a critical feature of SSI because, without privacy, there is no control. In SSI, the identity owner must be in control of who sees what. This represents a monumental shift in how identity functions on the internet.

Credential issuers, holders, and verifiers are peers on an SSI network. Any person or organization can play any or all of the roles, creating a decentralized system for the exchange of trustworthy, digital credentials.

  • Credential issuers determine what credentials to issue, what the credential means, and how they’ll validate the information they put in the credential.
  • Credential holders determine what credentials they need and which they’ll employ in workflows to prove things about themselves.
  • Credential verifiers determine what credentials to accept, and which issuers to trust.


In SSI, players independently determine the role they’ll play, who they trust, and what they will believe. While credentials can be revoked individually, the identity owner still controls her own identity wallet and all the other credentials she has collected. The result is an internet identity system that is more flexible, more secure, more private, less burdensome, and less costly.

About the author: Dr. Windley, an expert in decentralized digital identity and IoT and event-driven systems, is Chair of the Board of Trustees, Sovrin Foundation. The Sovrin Foundation open sourced the codebase used to create the Sovrin Network and contributed the initial code for Hyperledger Indy to Hyperledger, a project dedicated to blockchain hosted by the Linux Foundation.

Research Paper: Validating Confidential Blockchain Transactions with Zero-Knowledge Proof

By | 网志, Hyperledger Indy

By: Carlo Gutierrez and Alex Khizhniak, Altoros

A new document explains how blockchain transactions can be verified without having to reveal the details. Some of the model’s implementations include Idemix and Hyperledger Indy.

Transparency is considered by many to be one of blockchain’s most important traits. However, there are businesses, such as those in finance, which deal with sensitive information. In these situations, transparency takes a step behind privacy. For organizations operating with confidential information, implementing blockchain transactions with zero-knowledge proof (ZKP) is a solution to consider.

Altoros, a General Member of Hyperledger and an expert in blockchain development and training, has released a research paper exploring how to ensure privacy while still providing transparency on a blockchain.

Who can benefit from ZKP?

In a nutshell, ZKP is a method in cryptography where a prover can convince a verifier that it knows a secret value, without actually disclosing any information apart from the fact that it knows the secret value. While this requires some input from the verifier (e.g., challenging a response), there is also a form of this model called noninteractive ZKP, which does not require such an interaction between the two parties.

Avoiding linkability between certificates using ZKP protocols such as Idemix (Image credit)

Applications that benefit from ZKP are those that require a measure of data privacy. Some of these example applications include:

Authentication systems. The development of ZKP was inspired by authentication systems, where one party needed to prove its identity to a second party through some secret information, but without revealing the secret altogether.

Anonymous systems. ZKP can enable blockchain transactions to be validated without the need to reveal the identity of the users making a transaction.

Confidential systems. Similar to anonymous systems, ZKP can instead be used to validate blockchain transactions without revealing pertinent information, such as financial details.

ZKP implementations: Idemix and Hyperledger

In Hyperledger Fabric, privacy-preserving authentication and transfer or certified attributes can be done using Identity Mixer (Idemix), a ZKP-based cryptographic protocol. Its implementation consists of the three components:

  • A core Idemix cryptopackage (in Golang), which implements basic cryptographic algorithms (key generation, signing, verification, and zero-knowledge proofs)
  • MSP implementation for signing and verifying transactions using the Identity Mixer cryptopackage
  • A CA service for issuing ECert credentials using the Identity Mixer cryptopackage

The Idemix architecture within Hyperledger Fabric

This combination provides:

  • anonymity (sending transactions without having to reveal your identity)
  • unlinkability (sending multiple transactions without revealing that all the transactions come from the same source)

Based on Idemix, the Hyperledger Indy project was built for managing decentralized, independent digital identity. It utilizes the so-called Indy-anoncreds to cryptographically secure credentials. Just a couple of days ago, it was announced that The Hyperledger Technical Steering Committee (TSC) had approved Indy to graduate from incubation to the active status.

For more details on ZKP, the zkSNARK protocol, and noninteractive ZKP implementations (such as Idemix and Indy), check out the full research paper.

Developer showcase series: Juan Navarro, Biztribution

By | 网志, Hyperledger Fabric

Back to our Developer Showcase Series to learn what developers in the real world are doing with Hyperledger technologies. Next up is Juan Navarro of Biztribution.

What advice would you offer other technologists or developers interested in getting started working on blockchain?

First, I recommend having a look at Anders Brownworth’s website “how blockchain works”. It’s a very easy way to understand how and why blockchain works. Next, add some PKI infrastructure reading to know who did what and… congratulations! Now, you know the foundations of blockchain.

When it comes to Hyperledger Fabric, don’t let the seeming complexity make you reluctant to dive in. At first sight, Hyperledger Fabric may look a bit overwhelming  with a lot of different technologies and configuration files.. However, to quote Albert Einstein: “Learning is experience. Everything else is just information.” Don’t be afraid of the vast amount of documentation you can find about Hyperledger. Instead, I recommend, start with the Fabric demo. Then, watch Chaincode for developers and some of the other online examples. Suddenly, everything will begin to make sense and you will start to understand the architecture and its beauty.

Give a bit of background on what you’re working on, and let us know what was it that made you want to get into blockchain?

Our project is related to giving governance of content distribution back to airlines. Airlines are competitors and partners at the same time. For that reason, they have to share some information continuously and keep other information private. In order to achieve that today, they rely on third parties that centralize all their data to retail their contents, specifically over indirect channels. We have identified blockchain as the answer to solve this puzzle, and Hyperledger Fabric as the technology the industry needs.

What project in Hyperledger are you working on? Any new developments to share? Can you sum up your experience with Hyperledger?

We are mainly working with Hyperledger Fabric. At the moment, we have successfully done several lab proofs-of-concept with millions of routes, availabilities, fares, geographic data, etc. It is amazing to see how the information flows among peers.

What do you think is most important for Hyperledger to focus on in the next year?

  • Pluggable interfaces and documentation.
  • Performance metrics as a function of transactions/sec, peers, consensus, channels, participants, orderers, etc. It would be great to get an answer to the white paper published by the Performance and Scalability Working Group.
  • Guidelines about how many orderers we need to deploy as a function of organizations, transactions, peers, performance, etc.

As Hyperledger’s incubated projects start maturing and hit 1.0s and beyond, what are the most interesting technologies, apps, or use cases coming out as a result from your perspective?

Sovereign ID initiatives. I am very careful about sharing my personal data. I have always asked myself “why do I have to give my ID when I subscribe to a service, in hotels, shops, etc.?” Are there other alternatives that fulfill regulatory requirements and preserve my privacy at the same time?

What’s the one issue or problem you hope blockchain can solve?

Well, our goal is to reinvent an  industry by creating a new revolutionary, automated and simple distribution model for the travel and tourism ecosystem. Based on Distributed Ledger Technology, we enable airlines to regain control over their contents. This creates a shift towards a fully decentralized scenario in which flexibility and de-commoditization are achieved, translating into more efficient operations and a significant reduction in  distribution costs.

Where do you hope to see Hyperledger and/or blockchain in 5 years?

I hope to see Hyperledger in a lot of interactions on a daily basis where  end users are not even able to perceive that Hyperledger is working behind the scenes. That’s the magic of technology!

What is the best piece of developer advice you’ve ever received?

Don’t write a single line of code until you have a clear understanding of what you want to get done.

What technology could you not live without?

Short answer: Linux and… Linux!

At home, I’m a big fan of Raspberry Pi because you have a great computer with a very low energy consumption and no noise. With it, I have IPTV, home automation, VPN and content filtering for kids.

At work, micro services architecture! Once you try it, you can’t live without it!

Hyperledger Sawtooth: Improving the Devops CI Workflow with Kubernetes

By | 网志, Hyperledger Sawtooth

Every devops engineer knows the importance of continuous integration (CI) testing. It’s vital to prevent regressions, as well as maintain performance, security, and supportability. At Bitwise IO, we are experimenting with Kubernetes as an automated CI deployment tool. We like the simplicity of extending tests with deployments on Kubernetes. We think Kubernetes has compelling potential for use in the CI workflow.

Figure 1: The main tools in our CI workflow

This blog post explains how Kubernetes fits into our CI workflow for Hyperledger Sawtooth. We don’t go into detail, but we provide links so you can learn more about Kubernetes and the other tools we use.

Building Sawtooth

Hyperledger Sawtooth uses Jenkins to automate builds of around 20 GitHub repositories. Each new or merged pull request in the master branch initiates a build that contains project-specific tests. The next logical step is to deploy into a test environment.

We have two deployment methods: Debian packages and Docker images. We install the Debian packages inside the Docker deployment image to ensure both that the binaries are tested and that the packages are installable.

Using Docker’s multi-stage build capability, an intermediate build container makes the deployment image smaller and narrows its exposed attack surface (possible vulnerabilities).

Handing off Docker Images with Docker Registry

Jenkins is a great place for build artifacts, but Docker has its own way to easily retrieve images. Docker Registry allows you to push your newly created images and easily retrieve them with Docker, Kubernetes, or anything else that uses the Docker Registry model.

This example shows how to tag an image with the URL of an internal registry, then upload the image to that registry.

$ docker build -f Dockerfile -t registry.url/repo/image_name:${tag} .
$ docker push registry.url/repo/image_name:${tag}

We also use Portus, because Docker Registry does not provide user and access management on its own. The Portus project makes it simple to place an authentication layer over Docker Registry. Now, any authenticated user can pull and deploy the same images that are being deployed into the test environment.

Kubernetes: Simulating Scaled Deployments

Kubernetes excels at creating deployments within and across abstracted infrastructures. We have done our experiments on local (“on-prem”) hardware with a cluster of small Kubernetes nodes dedicated to Sawtooth deployments. Each deployment consists of several pods partitioned in a namespace, which allows us to run multiple networks based on the same deployment file. (Without namespaces, Kubernetes would think we are updating the deployment.) A pod represents a Sawtooth node and contains several containers, each running a specific Sawtooth component: validator, transaction processor, REST API, and so on. Each namespace can have independent quotas for resources such as CPU time, memory, and storage, which prevents a misbehaving network from impacting another network.

Figure 2: Containerized services grouped together in pods.

Because we use Kubernetes, these deployments are portable. We can use them on any cloud infrastructure that supports Kubernetes.

Kubernetes also allows us to scale the number of CI test deployments. With an elastic cloud infrastructure, Kubernetes provides effortless testing on a large number of virtual systems (limited only by the cost of cloud hosting). This solves the issue of limited hardware resources, where each additional deployment will stress existing deployments when they share a node’s resources.

Workload Generation: Deploying Changes Under Load

Deploying Sawtooth is the first step, but you need to give it something to do—better yet, lots to do. Sawtooth includes several workload generators and corresponding transaction processors. In our Kubernetes environment, we deploy intkey_workload and smallbank_workload at rates slightly above what we think the hardware can handle for shorter runs.

Modifying workload rates is as simple as editing the deployment file, changing the rate settings, and reapplying with kubectl. When Kubernetes detects that the pod’s configuration has changed, it terminates the existing workload pod and creates a new one with the changed settings.

This example shows a container definition for an intkey workload pod.

containers:
  - name: sawtooth-intkey-workload
    image: registry.url/repo/sawtooth-intkey-workload:latest
    resources:
      limits:
        memory: "1Gi"
    command:
      - bash
    args:
      - -c
      - |
         intkey-workload \
           --rate 10 \
           --urls ...

Retaining Data with Kubernetes: Logging and Graphing

All this testing isn’t much use if you can’t troubleshoot issues when they arise. Kubernetes can streamline deployments, but it can also frustrate your attempts to gather logs and data embedded inside Docker containers after a pod has failed or stopped. Luckily, Sawtooth provides real-time metrics (which we view with Grafana) and remote logging through syslog. We actively collect logs and metrics from the Sawtooth networks, even down to syslog running on the hardware, then carefully match the logging and metrics artifacts to the testing instance. In the end, we can provide a comprehensive set of log data and system metrics for each code change.

Try It Out!

The Sawtooth documentation can help you get started: See Using Kubernetes for Your Development Environment and Kubernetes: Start a Multiple-node Sawtooth Network.

To configure Grafana, see Using Grafana to Display Sawtooth Metrics.

See these links for more information about each tool in our CI workflow:

About the Authors

Richard Berg is a Senior Systems Engineer at Bitwise IO. He has several years’ experience in sysadmin and devops roles. When not behind a terminal, Richard can be found in the woods with his snow-loving adventure cat.

Ben Betts is a Senior Systems Engineer at Bitwise IO. Ben has lots of experience with deploying, monitoring, coordinating, and supporting large systems and with writing long lists of experiences. He only uses Oxford commas because he has to.

 

 

Forbes Blockchain 50: Half of the biggest companies deploying blockchain use Hyperledger

By | 网志

Hyperledger, “the gold standard for corporate blockchain projects,” powers half of the “Forbes Blockchain 50,” according to a new set of articles deep diving into the state of enterprise blockchain.

This week, Forbes took on the challenge of chronicling “the rise of so called ‘enterprise’ blockchain” with the creation of its inaugural Blockchain 50, a list of 50 of the biggest companies deploying DLT technology within their operations. Forbes also captured the blockchain platforms at work in each of the 50 companies on its list. Half of the companies on the list, including Amazon, Cargill, CVS, IBM, Seagate, Visa and more, are using Hyperledger technologies.

The list was accompanied by the in-depth, case study-filled feature “Blockchain Goes to Work,” which welcomes readers to “the brave new world of enterprise blockchain, where corporations are embracing the technology underlying cryptocurrencies like bitcoin and using it to speed up business processes, increase transparency and potentially save billions of dollars.”

Hyperleger has focused exclusively on enterprise blockchain and DLT solutions, applying rigorous standards to how open source blockchain is developed. The recognition that some of the world’s largest organizations are building on Hyperledger is validation for the course set three years ago by Executive Director, Brian Behlendorf, to be the premiere community advancing the commercial adoption of blockchain tech.

The Forbes articles solidified Hyperledger technologies’ position as the de facto infrastructure for enterprise blockchain. Or, as Forbes says, “the gold standard for corporate blockchain projects.”

The transition from possibility to reality is well underway, which makes it more important than ever that we push ahead with a transparent, rigorous community-driven development across all our current and future projects. Our community is conceiving, building and deploying foundational technologies that are forever changing the way global companies, customers and communities interact.