Hyperledger Fabric is an open source enterprise-grade platform that leverages a highly-modular and configurable architecture. Hyperledger Fabric is optimized for a broad range of industry use cases, including the finance, banking, healthcare, insurance, and public sectors, as well as supply chains and digital asset management.
For those who are not familiar with Hyperledger project, reading Blockchain Overview, Intro to Hyperledger Family and Hyperledger Blockchain Ecosystem, Hyperledger Design Philosophy and Framework Architecture, and Overview of Building Blockchain Smart Contracts in Hyperledger articles are strongly recommended prior to reading this article.
In this short article, we review and examine various Hyperledger Fabric components and architectures. Hyperledger Fabric has three core components, which are peers, ordering service, and Fabric CA:
- Peer: A node on the network that maintains the state of the ledger and manages chaincode. Any number of peers may participate in a network. A peer can be an endorser, which executes transactions, or a committer, which verifies the endorsements and validates transactions results. An endorser is always a committer. Peers form a peer-to-peer gossip network. A peer manages the events hub and delivers events to the subscribers.
- Ordering service: Packages transactions into blocks to be delivered to peers, since it communicates only with peers. The ordering service is the genesis of a network. Clients of the ordering service are peers and applications. A group of orderers run a communication service, called an ordering service, to provide an atomic broadcast. The ordering service accepts transactions and delivers blocks. The ordering service processes all configuration transactions to set up network policies (including readers, writers, and admins). The orderer manages a pluggable trust engine (such as CFT or BFT) that performs the ordering of the transactions.
- Fabric CA: Fabric CA is the certificate authority that issues PKI-based certificates to network member organizations and users. Fabric CA supports LDAP for user authentication and HSM for security. Fabric CA issues one root certificate to member organizations and one enrollment certificate to each authorized user.
In addition to 3 said core components, Hyperledger Fabric comes with the following important key features and concepts:
- Fabric ledger: Maintained by each peer and consists of two parts: the blockchain and the world state. Transaction read/write and channel configurations sets are written to the blockchain. A separate ledger is maintained for each channel for each peer that joins. The world state has options of either LevelDB or CouchDB, where LevelDB is a simple key-value store and CouchDB is a document store that allows complex queries. The smart contract decides what is written into the world state.
- Channel: Provides privacy between different ledgers and exists in the scope of a channel. Channels can be shared across an entire network of peers, and peers can participate in multiple channels. Channels can be permissioned for a specific set of participants. Chaincode is installed on peers to access the world state. Chaincode is instantiated on specific channels. Channels also support concurrent execution for performance and scalability.
- Organization: Define boundaries within a Fabric blockchain network. Each organization defines an MSP for the identities of administrators, users, peers, and orderers. A network can include many organizations, representing a consortium. Each organization has an individual ID.
- Endorsement policy: The conditions by which a transaction can be endorsed. A transaction can only be considered valid if it has been endorsed according to its policy. Each chaincode is deployed with an endorsement policy. Endorsement system chaincode (ESCC) signs the proposal response on the endorsing peer and validation system chaincode (VSCC) validates the endorsement.
- Membership services provider (MSP): Manages a set of identities within a distributed Fabric network. It provides identities for peers, orderers, client applications, and administrators. Where the identities can be Fabric CA or external CA, MSP provides authentication, validation, signing and issuance. MSP support different crypto standards with a pluggable interface. A network can include multiple MSPs (typically one per organization), which can include TLS crypto material for encrypted communications.
Sample Transaction Flow in Hyperledger
We will look into a sample transaction flow on Hyperledger Fabric. Fabric uses the execute-order-validate blockchain transaction flow architecture shown in the following diagram:
To better understand how transaction flow works, we will review how a transaction is created on the Hyperledger Fabric network in the following 7 steps:
- The Client Application submits a transaction proposal for smart contact A to the network. The endorsement policy requires three endorsers—E0, E1, and E2—to sign together.
- The endorsers execute proposed transactions. At this time, three endorsers—E0, E1, E2—will each execute the proposed transaction independently. None of these executions will update the ledger. Each execution will capture the set of read and written (RW) data, which will now flow in the fabric network. All transactions should be signed and encrypted.
- RW sets are asynchronously returned to the client application with a transaction proposal. The RW sets are signed by each endorser and will be processed later.
- All transactions that returned from the Fabric network are submitted for ordering. The application can submit responses as a transaction to be ordered, and ordering happens across the Fabric in parallel with transactions submitted by other applications.
- Ordering Service collects transactions into proposed blocks for distribution to committing peers. This proposed blocks can then be deliver to other peers in a hierarchy. There are two ordering algorithms available: SOLO (single node for development) and Kafka (crash-fault-tolerance for production). In the production system, it is suggested to use Kafka.
- Committing peers validate the transactions. All committing peers validate against the endorsement policy and check whether RW sets are still valid for the current world state. World state is not update if there is invalid transactions but are retained on the ledger while validated transactions are applied to the world state.
- Client applications can register to be notified on the status of transactions, to find out whether they succeed or fail, and when blocks are added to the ledger. Client applications will be notified by each peer to which they are independently connected.
Put Things Together
We reviewed how transaction flow works in Fabric. Fabric uses the execute-order-validate model with the following seven steps:
- Client application submits a transaction proposal
- Endorsers execute the proposed transactions
- Client applications receive transaction proposal response
- Transactions are submitted for ordering
- Transactions are delivered to committing peer
- Validated transaction are applied to world state
- Client applications get notified with the status of the transaction
After reading this article, you have two paths to take: 1- Learn more about Hyperledger use cases and its business applications or 2- Learn more about Hyperledger application development. For the former, we recommend Blockchain Solution Architect course by High School Technology Services. However, for the latter, you should move on to blockchain coding. Taking Blockchain Hyperledger Development in 30 hours course by Coding Bootcamps school is highly recommended. Lastly, as of this writing, Hyperledger Foundation offers the following two Hyperledger certifications: The Certified Hyperledger Fabric Administrator (CHFA) and The Certified Hyperledger Sawtooth Administrator (CHSA), both of which are highly regarded in the industry. Hyperledger Foundation is in the process of creating Hyperledger Developer certification program, which may be released in early or middle of 2020.