Understanding the blockchain solution architecture

Unit 03

IBM Skills Academy

V1.0, July 2018

Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
What you should be able to do

Upon completion of this unit, you should be able to:

• Explain the components of a typical blockchain solution, and the key roles in building a
blockchain solution.

• Explain the architecture of Hyperledger Fabric and Hyperledger Composer.

• Explain security and integration with existing systems at a high level.

3
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
Business considerations for the blockchain network

As a B2B system, blockchain has many aspects that are not typical in other projects:
• Who pays for the development and operation of the network?
• Where are the blockchain peers hosted?
• When and how do new participants join the network?
• What are the rules of confidentiality in the network?
• Who is liable for bugs in (for example) shared smart contracts?
• For private networks, what are the trusted forms of identity?

5
Components in a blockchain solution
A ledger stores the blockchain and the world state data. It is maintained by each peer on the channel.
Ledger …

f(abc); Software that encodes assets, and transaction instructions (business logic) for modifying the assets.
Smart contract

A network of nodes that are distributed among the participants. The nodes reach consensus on the
Peer
order and correctness of transactions within a block.
network

E E Membership Services authenticates, authorizes, and manages identities on a permissioned blockchain

Membership
E network.

Creates notifications of significant operations on the blockchain (such as a new block), and notifications
Events ! that are related to smart contracts.

Systems Used to create, change, and monitor blockchain components.

i
management

Wallet Securely manages a user’s security credentials.

Systems Responsible for integrating the blockchain bi-directionally with external systems. Not part of the blockchain,
integration but used with it.

6
Blockchain system context
R Regulator
B2B U
transactions Blockchain
Performs user
A oversight.
Blockchain
architect

Designs. 

Membership
services
D Blockchain Accesses
security
Blockchain
certificates.
developer Creates
applications.

Access to
data
Operates. Traditional
data sources

Access to logic
O
Blockchain
network Traditional
operator processing
platforms

7
Roles and key components

D
Blockchain Application Smart Ledger
developer contract
f(abc); …

Traditional Systems
processing Traditional
data sources Events integration
platforms
O
!
Blockchain
operator

Peers Consensus Security

A
Blockchain
architect

8
The blockchain architect
A
Blockchain
architect

For a successful solution, blockchain architects must have a good understanding of the
many development and operational concerns that are discussed in this unit.

Applications Smart contracts Events and integration

Peers Consensus Security

However, there are more considerations for architects to bear in mind from the outset. For example:

Business Design
concerns Tradeoffs
$
9
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
Overview of Hyperledger Fabric: Design goals

• Reflect business processes by specifying who endorses transactions.

• Support broader regulatory requirements for privacy and confidentiality.
• Scale the number of participants and transaction throughput.
• Eliminate nondeterministic transactions.
• Support rich data queries of the ledger.
• Dynamically upgrade the network and chaincode.
• Supports multiple credential and cryptographic services for identity.
• Supports ”bring your own identity”.

11
Hyperledger Fabric architecture
Admin
External-CA Fabric-CA
Membership Optional
 Optional 
services

Endorser
Client SDK
application (HFC)*
Committer
O O
Ledger
A
Chaincode B

O O
Events !

Ordering service
*HFC = Hyperledger Fabric Client Peer network
Hyperledger Fabric Network
12
Network architecture

User
Hyperledger Runs presentation
Fabric logic, for example, on
a mobile device or
dashboard.

App
Runs
O O Peer 1 Peer 2 … Peer n server and
App
Business Integration Application
APIs logic APIs

O O
Ordering service
MSP 1 MSP 2 MSP n
Peer network and certificate authorities

Data layer | Business application layer | Presentation layer

13
Transaction lifecycle

Client application

SDK (HFC)*
1. Gets the endorsement of
the transactions’ proposal.
2. Submits
transactions.

O O …
Peer 1 Peer 2 Peer 3 Peer 1 Peer 2 Peer n
Endorser & Endorser & Endorser & Endorser & Endorser & Committer
committer committer committer
committer committer O O
Endorsing peers in peer network Peer network

Endorsing peers decide that 3. Ordering service creates 4. Committing peers (all peers) validate each
the proposal is valid. the block of transactions, transaction in the block, and commit the block.
and sends it to all the peers.
*HFC = Hyperledger Fabric Client

14
Recap: Blockchain technical concepts

Peers are the networked services The Ordering Service agrees on the
that maintain the ledger state and transaction sequence and distributes
run smart contracts. blocks to peers.

✓ ✓ ✓
Smart contracts constitute the Consensus is the process by
transaction logic whose output is which agreement is obtained on
agreed upon by the peer network. the peer network.

15
Blockchain reference architecture

BLOCKCHAIN SERVICE 5

16
Hyperledger Fabric component overview

Blockchain User Security

EVENTS
Application Gateway

17
Sample operational model
VM VM VM VM
Container Container Container Container Container
Container

Composer
REST Server
Container Container Container Container Container
Client
Peer1-0 Peer1-1 Peer2-0 Peer2-1 Peer-n-0
application
Container
Container Container Container Container Container
Composer
Playground CA1-1 CA1-2 CA2-1 CA-n-1 CA-n-2

Member / Org 1 Member / Org 2 Member / Org n

VM
Container Container Container

Orderer-1 Orderer-2 Orderer-n

Orderers
Hyperledger Fabric components

18
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
Hyperledger Composer

• A suite of high-level application abstractions for business networks.

Business application
• Emphasis on a business-centric vocabulary for quick solution creation.
• Reduce risk, and increase understanding and flexibility.
Hyperledger Composer

Blockchain (Hyperledger Fabric)

• Features:
o Model the business networks, and test and expose through APIs.
o Applications invoke APIs transactions to interact with business network.
o Integrate existing systems of record by using LoopBack/REST.

• Fully open and part of Linux Foundation Hyperledger.

20
Hyperledger Composer architecture

21
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
Security: Real-world versus digital identity

• Consider real-world identity documents:

o The issuers of the identity documents are trusted third parties.
o There is a chain of trust.
o Identity documents are often stored in wallets.

• In the digital world, identities consist of public/private key pairs that

are known as certificates. Identity documents are issued by trusted
third parties that are known as certificate authorities (CAs).
R
CA

• Private blockchain networks also require CAs so that network U

members know with whom they are dealing. CAs may sit within a
regulatory body or a trusted subset of participants. CA

23
Identity and Access Management

Company A Company B Organization identity Blockchain identity

Enterprises have user
IDs. (People and systems) (CA enrollments)
Enterprise system Enterprise system
Provided by Provided by
The blockchain solution
has roles. identity provider. Fabric CA

Blockchain solution
The blockchain network
has CA enrollments.
Solution identity
Blockchain network
(Role)
Blockchain platform Provided by
solution design.
Hyperledger Fabric

Identity Management structure on blockchain Identity Management on blockchain

24
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
User roles in a blockchain project
– Network service provider:
NSP
– Governs the network: channels, membership, and others.
– A consortium of network members or designated authority.

– Network service consumer:

– Operates a set of peers and certificate authorities on the network.
– Represents an organization on the business network.

– Business service provider:

– Develops blockchain business applications.
– Includes transaction, app server, integration, and presentation logic.

Business service consumer: Hosts application and User: Runs presentation logic on, for example,
integration logic that invokes blockchain a mobile device or dashboard.
transactions.

A single organization may play multiple roles!

How the architecture fits with enterprise services and processes
Business service
consumer User
Hosts application and Runs presentation
integration logic, which logic, for example,
invokes blockchain on a mobile
transactions. device or a
dashboard.

Composer
IBM
Blockchain
Fabric Smart contracts Hosts Runs
Platform

App
O O
Enterprise API
O O Events applications management
Secure
cloud Device IoT

Existing
systems
of record Enterprise Enterprise
user directory data

Data layer | Business application layer | Presentation layer

Integrating with existing systems

Endorser & Committer

Peer Nodes 2. Blockchain events
1. System events
Event Existing
Event systems

…
3. Call into blockchain network from existing systems

Transform

Existing
Blockchain network systems

28
Learning objectives

Overview

Hyperledger Fabric architecture

Hyperledger Composer architecture

Security

Integration

Summary
Unit summary

This unit defined the blockchain architecture at high level and described the following concepts:

• The components and roles that are required to build a blockchain solution.

• The Hyperledger Fabric and Hyperledger Composer components and architecture.

• A high-level view of Hyperledger Fabric security and integration with existing systems.

30
Checkpoint questions

1) The blockchain network operator makes design tradeoffs based on the business concerns of the network
participants.

a) True

b) False

31
Checkpoint questions

2) Which of the following items runs the smart contract (or chaincode)?

a) Client

b) Orderers

c) Composer

d) Peer nodes

32
Checkpoint questions

3) Who decides that transactions follow the business logic that is defined in the smart contract?

a) Endorsers

b) Committers

c) Ordering service

d) Certificate authorities

33
Checkpoint questions

4) Which component handles authentication in Hyperledger Fabric?

a) Client SDK

b) Security Gateway

c) Membership Services

d) Identity and Access Management

34
Checkpoint questions

5) What is an integration option that is provided by Hyperledger Fabric?

a) Wallet

b) Events

c) Ledger

d) Consensus

35
Checkpoint answers

List the correct answer for each question.

1) b

2) d

3) a

4) c

5) b

36
Exercise objectives

This exercise explores the different parts of the sample application to highlight the different artifacts in
design and run time: peers, certificate authority, ordering services, database, and the Docker image.

Your learning objectives are:

• Deploy and explore a blockchain sample and understand its different parts.

• Modify the artifacts of the sample (assets, participants, and transactions).

37
References

• Gaur, N., et al, Blockchain Solution Architecture, Academy of Technology Initiative, IBM, 2017

• Hyperledger Fabric documentation http://hyperledger-fabric.readthedocs.io/en/release-1.1

• Blockchain educator guide https://developer.ibm.com/academic/resources/blockchain-educator-guide/

• Cloud Customer Architecture for Hybrid Integration - 2017 Cloud Standards Customer Council:
http://www.cloud-council.org/deliverables/CSCC-Cloud-Customer-Architecture-for-Hybrid-
Integration.pdf

• Blockchain reference architecture – IBM Cloud Garage method:

https://www.ibm.com/cloud/garage/architectures/blockchainArchitecture/reference-architecture

38
Thank you.
IBM Skills Academy

www.ibm.com/blockchain

developer.ibm.com/blockchain

www.hyperledger.org

© Copyright IBM Corporation 2017. All rights reserved. The information contained in these
materials is provided for informational purposes only, and is provided AS IS without warranty
of any kind, express or implied. Any statement of direction represents IBM's current intent, is
subject to change or withdrawal, and represents only goals and objectives. IBM, the IBM
logo, and other IBM products and services are trademarks of the International Business
Machines Corporation, in the United States, other countries or both. Other company, product,
or service names may be trademarks or service marks of others.
 © Copyright IBM Corporation 2018. All rights reserved. The information contained in these
materials is provided for informational purposes only, and is provided AS IS without warranty
of any kind, express or implied. Any statement of direction represents IBM's current intent, is
subject to change or withdrawal, and represents only goals and objectives. IBM, the IBM
logo, and other IBM products and services are trademarks of the International Business
Machines Corporation, in the United States, other countries or both. Other company, product,
or service names may be trademarks or service marks of others.