Hyperledger and Hyperledger Fabric

CS8030: Blockchain Technology and Applications

Slides are based on the contents given in the official website of Hyperledger Fabric
 Hyperledger
• An open source collaborative effort created to advance
cross-industry blockchain technologies.

• It is a global collaboration, hosted by The Linux Foundation.

• Participants include leaders in finance, banking, Internet of

Things, supply chains, manufacturing and technology.

21-02-2024 Hyperledger and Hyperledger Fabric 2

 Why Hyperledger ?
• Let us go back to the concept of distributed ledger in Bitcoin
or Ethereum blockchain networks.
• Both are public blockchain networks where anyone can join
the networks and hence, has access to the common ledger.
• To meet the need of sharing information and records among
different companies and groups of people, the concept of
distributed databases emerged, where certain chunks of
data can be accessed by more than one person
simultaneously.
21-02-2024 Hyperledger and Hyperledger Fabric 3
 Why Hyperledger (Contd.) ?
• But shared databases raise several important questions and
issues –

• Whom to trust for sharing our data?

• Identity authentication of the person with whom we share our
data.
• Different types of databases access rights to various types of
entities in the network.
• Roles of different entities in performing operations in the ledger.
• Who settles any conflicts or disputes?

21-02-2024 Hyperledger and Hyperledger Fabric 4

 Why Hyperledger (Contd.) ?
• To deal with these issues, business ( enterprise level)
blockchains are evolved with the concept of permission to
view and operate on the common distributor ledger called
blockchain.
• This means a person needs to meet certain requirements to
perform specific actions on blockchain.
• Some permissioned blockchains restrict the access of the
blockchain to only pre-verified users.
• Others allow anyone to join, but only let trusted identities
verify transactions on the blockchain.
21-02-2024 Hyperledger and Hyperledger Fabric 5
 Hyperledger
• Hyperledger serves as a Greenhouse that brings together
users, developers, and vendors from many different sectors
and market-places.
• Common goal is to -
Deploy
Develop enterprise
blockchain
Learn

21-02-2024 Hyperledger and Hyperledger Fabric 6

 Blockchain with Customized Permissions and
Structure
• Every enterprise needs special features and modifications to help a
blockchain achieve its intended purpose.
• There can be many open source solutions for blockchains with
different features that provide a wide range of solutions across
many industries.
• Hyperledger provides an environment to incubate new ideas,
support each one with essential resources, and distribute the
results widely.
• Like a ‘greenhouse structure’ it can support many different varieties
while consuming far fewer resources.

21-02-2024 Hyperledger and Hyperledger Fabric 7

 Hyperledger
• Helps keeping up with developments.
• Benefit of better productivity through specialization.
• Provides collaborative platform to avoid duplicate efforts.
• Help better control over the quality of code.
• Provides easy handling of intellectual property.
• Hyperledger operates under an Apache 2.0 license for code and
Creative Commons Attribution 4.0 International license for
content.
• Both these licenses are known to be especially enterprise-
friendly.

21-02-2024 Hyperledger and Hyperledger Fabric 8

THE HYPERLEDGER
GREENHOUSE STRUCTURE

21-02-2024 Hyperledger and Hyperledger Fabric 9

 The Linux Foundation founded the
Hyperledger project in 2015 to advance cross-
industry blockchain technologies.

Instead of a single blockchain standard, it

Hyperledger encourages a collaborative approach to
developing blockchain technologies via a
Project community process, with intellectual
property rights that encourage open
development and adoption of key standards
over time.

21-02-2024 Hyperledger and Hyperledger Fabric 10

 Hyperledger Project Design Philosophy

21-02-2024 Hyperledger and Hyperledger Fabric 11

 Some Compelling Use Cases and Hyperledger Tools

• Banking—applying for a loan

• Financial services—post-trade processing

• Other important use cases

• Healthcare—credentialing physicians
• IT—managing portable identities
• Supply chain management—tracking fish from ocean to table

21-02-2024 Hyperledger and Hyperledger Fabric 12

 • Use case “Banking: Applying for a loan”
• Banks want to lend to only those people with whom banks have low
risks of repayment failure. Only people with high credit rating are
given loans by banks.
• To determine credit rating, banks collect detailed personally
identifiable information (PII) from everyone who applies for a loan,
such as date of birth, annual income, Aadhar ID, source of income etc.
• Sharing of PII increases vulnerability of cyber attacks.
• Hyperledger Indy helps manage information in a secure and efficient
21-02-2024
way. Hyperledger and Hyperledger Fabric 13
 • How is this done with Indy ?
• Instead of sharing the complete PII, persons seeking loans
can apply to different financial institutions by sharing only
relevant information that is critical to decide eligibility of
loan, and credibility of the applicant, such as a credit score
and all previous loan repayment history etc.
• Since this forms a part of immutable ledger, information can
be extracted by all the financial institutions with greater
trust and reliability.
21-02-2024 Hyperledger and Hyperledger Fabric 14
 Financial Services: Main Step
in Post-Trade Processing
Trade
validation

Clearing

Settlement

Custody
activities

Reporting
21-02-2024 Hyperledger and Hyperledger Fabric 15
 Financial Services with
Blockchain
• Special features required.

• Immediate finality:
• Future-proof confidentiality
• Streamlined performance
• Which Hyperledger projects can
be helpful ?
• Hyperledger Fabric, Hyperledger
Sawtooth and Indy.

21-02-2024 Hyperledger and Hyperledger Fabric 16

 Hyperledger Fabric
• Hyperledger Fabric is a platform for distributed ledger solutions.
• It provides a modular and configurable architecture delivering
high degrees of confidentiality, resiliency, flexibility, and
scalability.
• It is designed to support pluggable implementations of different
components and accommodates the complexity and intricacies
that exist across the economic ecosystem.
• It enables innovation, versatility and optimization for a broad
range of industry use cases including banking, finance, insurance,
healthcare, human resources, supply chain and even digital
music delivery.
21-02-2024 Hyperledger and Hyperledger Fabric 17
 Hyperledger Fabric
• Designed for use in enterprise contexts, that delivers some key
differentiating capabilities over other distributed ledger or
blockchain platforms such as Ethereum or Bitcoin.
• The first distributed ledger platform to support smart contracts
written in general-purpose programming languages such as Java,
Go and Node.js.
• Fabric platform is permissioned, meaning that, unlike a public
permission-less network, the participants are known to each
other.
• It support for pluggable consensus protocols that enable the
platform to be more effectively customized to fit particular use
cases and trust models.
• Does not require a native cryptocurrency
21-02-2024 Hyperledger and Hyperledger Fabric 18
 Hyperledger Fabric: Main Functionality

Membership
Privacy and Efficient
and Identity
confidentiality processing
Management

Chaincode Modular
functionality design

Let us see how these functionalities are realized in Hyperledger Fabric.

21-02-2024 Hyperledger and Hyperledger Fabric 19

 Hyperledger Fabric Architecture
Hyperledger Fabric Network

External Membership Fabric

Certificate service Certificate
Authority Authority

Admin

Peer
Event

Ordering
Endorser Committer service

SDK
21-02-2024
Client application
Hyperledger and Hyperledger Fabric 20
 Smart Contract: New Approach
• execute a transaction and check its correctness, thereby
endorsing it.
• order transactions via a (pluggable) consensus protocol, and
• validate transactions against an application-specific
endorsement policy before committing them to the ledger.

21-02-2024 Hyperledger and Hyperledger Fabric 21

 Components of Hyperledger Fabric Architecture

• Certificate Authority (CA): Can be external or internal. Each

participating organization can have its own certificate
authority. For different roles also, the same organization can
have different certificate authorities.
• Membership Service: This service takes services of CA to
provide a unique ID to every participant of its organization in
the network.

21-02-2024 Hyperledger and Hyperledger Fabric 22

 Components of Hyperledger Fabric Architecture

• Client Application: One or more organizations may be

participating in the same network for some application.
• For example, the client application can be sharing and
updating information on development of some product
jointly by multiple organization.
• Client applications can be implemented in any language.
• There is a set of SDKs to facilitate client application do its
business on the Hyperledger Fabric network.
• These SDKs are available in node.js, and Java.

21-02-2024 Hyperledger and Hyperledger Fabric 23

 Elements of Hyperledger Fabric Architecture
• Peers: peers are nodes performing different task. There are
different types of peers.
• Committing peers: they commit transactions, they hold ledger
and states. They may hold chaincodes.
• Endorsing peers: They receive transactions for endorsement.
They may endorse or deny transactions. They must hold
chaincodes.
• Ordering peers: They approve inclusion of transaction blocks
and order them. They notify the peers. They do not keep
chaincodes or ledger.

21-02-2024 Hyperledger and Hyperledger Fabric 24

 Peers and Client Application Interaction
• As we know, peers are fundamental elements of the
network. They host ledgers and chaincodes (smart
contracts). They are responsible for endorsing, committing
and ordering transactions .
• Chaincodes and ledgers are used to encapsulate the
shared processes and shared information in a network,
respectively.
• A peer can host more than one ledger, depending on the
requirement. For example, it may take part in two different
channels having different ledgers.
21-02-2024 Hyperledger and Hyperledger Fabric 25
 Peers and Client Application Interaction…
• Through SDK, a client application interacts with peers.
• Applications can execute chaincodes to query or update a
ledger.
• In case of a query, the application connects to the peer and
invokes a chaincode to query a ledger.
• Peer invokes the chaincode to generate the query result.
• Application receives the query result and the process is
completed.

21-02-2024 Hyperledger and Hyperledger Fabric 26

 Peers and Client Application Interaction…
• For an update proposal, an individual peer cannot perform a
ledger update until other peers in the network agree to the
change through consensus.
• So the update process starts exactly the same way as the query
proposal and then peers return to the application a
proposed update — one that this peer would apply subject to
other peers’ prior agreement.
• After this, the application sends proposed updates to all the
peers in the network as a transaction for commitment to their
respective ledgers.

21-02-2024 Hyperledger and Hyperledger Fabric 27

 Peers and Client Application Interaction…
• Applications use ordering service to package transactions
into blocks and distributing them to the entire network of
peers.
• Peers verify those transactions, before applying to local copy
of the ledger of each peer.
• This ordering or order processing takes some time to
complete, the application is notified asynchronously.

21-02-2024 Hyperledger and Hyperledger Fabric 28

 Transaction Flow: An Application Scenario
• Suppose there are two clients A and B, who are buying and
selling radishes.
• They each have a peer ( peer A and peer B) on the network
through which they send their transactions and interact with
the ledger.

21-02-2024 Hyperledger and Hyperledger Fabric 29

Image source: hyperledger.org
 Transaction Flow: An Application Scenario
• Suppose the channel is set up and running.
• The application user has registered and enrolled with the
organization’s Certificate Authority (CA).
• The chaincode is installed on the peers and instantiated on the
channel.
• The chaincode contains logic defining a set of transaction
instructions and the agreed upon price for a radish.
• An endorsement policy has also been set for this chaincode,
stating that both peerA and peerB must endorse any transaction.
21-02-2024 Hyperledger and Hyperledger Fabric 30
 Endorsement Policy
• Endorsement policy defines the peer nodes on a channel that
must execute transactions attached to a specific chaincode
application and the required combination of responses
(endorsements).
• For example, an application may require that atleast 3/4th of the
total peers must endorse the transaction request.
• Policies can be curated based on the application and the desired
level of resilience against misbehavior (deliberate or not) by the
endorsing peers.
• A transaction that is submitted must satisfy the endorsement
policy before being marked as valid by committing peers.

21-02-2024 Hyperledger and Hyperledger Fabric 31

 Transaction Flow: An Application Scenario …
• When Client A initiates a transaction, requesting for purchase of
radish, the request proposal goes to both the peers in the
channel.
• The proposal is a request to invoke a chaincode function with
certain input parameters, with the intent of reading and/or
updating the ledger.

21-02-2024 Hyperledger and Hyperledger Fabric 32

Image source: hyperledger.org
 Transaction Flow: An Application Scenario …
• The endorsing peers verify the following.
1. that the transaction proposal is well formed.
2. it has not been submitted already in the past (replay-attack
protection).
3. the signature is valid (using the MSP).
4. that the submitter is properly authorized to perform the proposed
operation on that channel.
• Each endorsing peer ensures that the submitter satisfies the
channel’s Writers policy.
• The “proposal response” is sent back to the SDK of the
application by endorsing peers. In this example peerA and peerB.
21-02-2024 Hyperledger and Hyperledger Fabric 33
 Proposal Response

21-02-2024 Hyperledger and Hyperledger Fabric 34

Image source: hyperledger.org
 Transaction Flow: An Application Scenario …
• The client application verifies the endorsing peer signatures
and compares the proposal responses to determine if the
proposal responses are the same.

• If the chaincode is only querying the ledger, the application

would only inspect the query response and would typically not
submit the transaction to the ordering service.

21-02-2024 Hyperledger and Hyperledger Fabric 35

 Transaction Flow: An Application Scenario …
• If the client application intends to update the ledger, it submits
the transaction to the ordering service.
• Before submitting the proposal for updating, the client
application checks if the specified endorsement policy has
been fulfilled before submitting (in the example, did peerA
and peerB both endorse ?).
• The architecture is such that even if an application chooses not
to inspect responses or otherwise forwards an unendorsed
transaction, the endorsement policy will still be enforced by
peers and upheld at the commit validation phase.
21-02-2024 Hyperledger and Hyperledger Fabric 36
 Proposal for Updating Ledger

21-02-2024 Hyperledger and Hyperledger Fabric 37

Image source: hyperledger.org
 Ordering Service
• The application broadcasts the transaction proposal and
response within a transaction message to the ordering
service.
• The transaction will contain the read/write sets, the
endorsing peers signatures and the Channel ID.
• The ordering service simply receives transactions from all
channels in the network, orders them chronologically by
channel, and creates blocks of transactions per channel.

21-02-2024 Hyperledger and Hyperledger Fabric 38

 Ordering Service…

• The blocks of transactions are delivered to all peers on the channel.

• The transactions within the block are validated to ensure that
• endorsement policy is fulfilled
• there have been no changes to ledger state for read set variables since the
read set was generated by the transaction execution.
• Transactions in the block are tagged as being valid or invalid.

21-02-2024 Hyperledger and Hyperledger Fabric 39

Image source: hyperledger.org
 Update Process
• Each peer appends the block to the channel’s chain.
• For each valid transaction the write sets are committed to
current state database.
• An event is emitted by each peer to notify the client application
that the transaction (invocation) has been immutably appended
to the chain.
• Peers also notify whether the transaction was validated or
invalidated.
• This is how “endorse, order, validate, commit” process
completes in HF model.
21-02-2024 Hyperledger and Hyperledger Fabric 40
 Membership and Identity Management
• In permissioned blockchain networks, every participants has
a unique identity to make transactions or perform different
tasks, like endorsement, commitment, event notification.
• HF provides a membership identity service to manage user
IDs.
• It authenticates all participants on the network.
• Access control feature provides additional layers of
permissions for specific network operations.

21-02-2024 Hyperledger and Hyperledger Fabric 41

 Identity Management
• Main actors in a blockchain network are client applications,
peers, orderers, and administrators.
• Each of these actors has a digital identity encapsulated in a digital
certificate.
• Each identity specifies the exact permissions over resources and
access to information that the actor with that identity has in a
blockchain network.
• Hyperledger Fabric uses special digital identities called principals.
• A principal is a digital identity with some attributes to determine
permissions.
21-02-2024 Hyperledger and Hyperledger Fabric 42
 Membership Service Provider
• A membership service provider (MSP) is a trusted authority
in Fabric that is responsible for issuing a verifiable digital
identity.
• MSP defines the rules that govern valid identities for an
organization.
• The default MSP implementation in Fabric uses X.509
certificates as identities, adopting a traditional Public Key
Infrastructure (PKI) hierarchical model.

21-02-2024 Hyperledger and Hyperledger Fabric 43

 A Scenario to Explain MSP and PKI Roles

Example. Inspite of having a valid credit card, a store

may not accept your card, as it may accept cards that
you don’t possess.
21-02-2024 Hyperledger and Hyperledger Fabric 44
Image source: hyperledger.org
 Membership Service Provider
• A Public Key Infrastructure Authority is like a card provider —
it dispenses many different types of verifiable identities.

• An MSP, on the other hand, is like the list of cards accepted

by a store, determining which identities are the trusted
members (actors) of the store payment network.

• MSPs turn verifiable identities into members of a blockchain

network.

21-02-2024 Hyperledger and Hyperledger Fabric 45

 Certificate Authority
• Digital identities normally possess cryptographically
validated digital certificates that comply with X.509 standard
and are issued by a Certificate Authority (CA).

• CAs are most common components of internet security

protocols. Some of the well known CAs are
• Symantec (originally Verisign),
• GeoTrust,
• DigiCert.
21-02-2024 Hyperledger and Hyperledger Fabric 46
 Certificate Authority
• In a blockchain, one or more CAs can be used to define the
members of an organization from a digital perspective.
• It’s the CA that provides the basis for an organization’s actors to
have a verifiable digital identity.
• CAs can be root CA or intermediate CA. Root CAs distribute work
of certifying by authorizing intermediate CAs, or by certifying the
intermediate CAs. Intermediate CAs, in their turn can also
authorize other participants as intermediate CAs.
• Thus, a chain of trust is built, of CAs.

21-02-2024 Hyperledger and Hyperledger Fabric 47

 Certificate Authority

21-02-2024 Hyperledger and Hyperledger Fabric 48

Image source: hyperledger.org
 Fabric
Certificate
Fabric CA Authority

• Fabric CA is a private root CA that can manage digital

identities of Fabric participants.
• Fabric CA does not provide SSL certificates for general use in
browsers.
• It can be used as a CA to manage identity e.g., in a test
environment.
• One can also use a public/commercial root or intermediate
CA to provide identification.

21-02-2024 Hyperledger and Hyperledger Fabric 49

 Summary
• An open source collaborative effort created to advance cross-industry
blockchain technologies.
• Hyperledger serves as a Greenhouse that brings together users,
developers, and vendors from many different sectors and market-places.
• Hyperledger Fabric provides a secure and efficient distributed ledger
technology (DLT) for enterprise-level modular blockchain architecture.
• Apart from network security it provides scalable, privacy preserving and
efficient solutions for business applications.

21-02-2024 Hyperledger and Hyperledger Fabric 50

 Summary
• Main components of Hyperledger Fabric architecture include, client
applications, certificate authority, membership services and peers in the
network.
• Hyperledger fabric network consists of organizations and each organization
can have one or more peers in the network. Each peer has a unique role
and hence privileges.
• Peers can be orderers, endorsers or committers. They can have multiple
roles as well.
• Transaction flow consists of - endorse, order, validate, commit.
• Endorsement policy in a channel depends on how all participating
organizations decide about it and what is the consensus mechanism.

21-02-2024 Hyperledger and Hyperledger Fabric 51

 References
• The official website of Hyperledger : hyperledger.org
• The Hyperledger white paper.
• The NPTel Lectures on Hyperledger by Dr. Praveen
Jayachandran, IBM Research, India.

21-02-2024 Hyperledger and Hyperledger Fabric 52