Hyperledger Fabric: A Distributed Operating System for Permissioned - - PowerPoint PPT Presentation


Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains. Blockchain Security Seminar, Pirmin Schmid, 11.05.2018. Seminar presentation and discussion of this paper.


SLIDE 1

Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains

Pirmin Schmid

Blockchain Security Seminar, 11.05.2018

SLIDE 2

Seminar presentation and discussion of this paper

SLIDE 3

Bitcoin-like blockchains

§ Distributed public anonymous ledger
§ Consensus by longest chain
§ PoW / PoS
§ Fixed system for each variant
§ Applications

picture from pixabay (CC0)

SLIDE 4

Fabric

§ Open-source Framework to build blockchains
§ Modular for all aspects of the system
§ Permissioned
§ No currency
§ Go, Java, Node.js, …
§ Example use cases
§ New very crucial insights

picture from pixabay (CC0)

SLIDE 5

Fabric Components

Diagram labels: Membership service provider (MSP); Peer; Endorser: execute; Committer: validate; Ledger: transaction manager (PTM); KVS: Database; Docker; Policies; Chaincode

SLIDE 6

Fabric Components

Diagram labels: Client (×8); Membership service provider (MSP); Order service; Gossip; Policies; Chaincode; Peer; Endorser: execute; Committer: validate; Ledger: transaction manager (PTM); KVS: Database; Docker

SLIDE 7

Fabric Components

Diagram labels: Client (×8); Membership service provider (MSP); Order service; Gossip; Policies; Chaincode

SLIDE 8

Fabric Building blocks

§ Store: CouchDB / LevelDB
§ Chaincode: Go, Java, Node.js, …
§ Docker containers
§ gRPC
§ Gossip: push/pull methods
§ Orderer
  § Apache Kafka (ZooKeeper)
  § Byzantine Fault Tolerant (BFT) orderer
  § Solo (centralized) for development

SLIDE 9

Traditional Architecture

§ Order by longest chain or BFT
§ Execute smart contracts on all peers
§ State updates on all peers → Ledger

Diagram label: Validate

SLIDE 10

Traditional Architecture

Problem
§ Sequential execution of all contracts on all peers → bottleneck

Diagram label: Validate

SLIDE 11

Traditional Architecture

Problems
§ Sequential execution of all contracts on all peers → bottleneck
§ Programs MUST be deterministic → NO general purpose languages

Diagram label: Validate

SLIDE 12

Deterministic?

SLIDE 13

Deterministic?

SLIDE 14

Deterministic?

SLIDE 15

Deterministic?

SLIDE 16

Traditional Architecture

Problems
§ Sequential execution of all contracts on all peers → bottleneck
§ Programs MUST be deterministic → NO general purpose languages

Diagram label: Validate

SLIDE 17

Fabric Architecture

Key insight

SLIDE 18

Fabric Architecture

State
§ Versioned key-value store
§ Maintained on all peers

SLIDE 19

Fabric Architecture

Execute
§ Only some peers are executing the chaincode (simulation)
§ Use current local state
§ Create read-set and write-set for access of versioned key-value store
§ Create signed “endorsement”

SLIDE 20

Fabric Architecture

Execute
§ Only some peers are executing the chaincode (simulation)
§ Use current local state
§ Create read-set and write-set for access of versioned key-value store
§ Create signed “endorsement”

Key insight
State must be replicated on all peers, not execution
Sequential execution in O(n) instead of O(N), n << N
N = computing steps
n = size of read and write sets

SLIDE 21

Fabric Architecture

Order
§ Needs enough endorsements with identical read-/write-sets
§ Uses Apache Kafka, BFT or other methods
§ Peer gossip

SLIDE 22

Fabric Architecture

Validate
§ Parallel
§ All peers validate correctness of transaction based on policy
§ NO execution of the chaincode

SLIDE 23

Fabric Architecture

Update state
§ Sequential
§ Peer transaction manager (PTM)
§ Checks again versions of the keys in readset
  mismatch → invalidate transaction
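The read-set / write-set flow of slides 18 to 23, as an added example that is not part of the original presentation and not Fabric's own code. `simulateTransfer`, `commitBlock`, the account names and the use of a plain counter as the version are assumptions made for illustration; the sample state is constructed.

```go
package main

import "fmt"

// Versioned: one versioned KVS entry (slide 18); version is a plain counter (assumption).
type Versioned struct {
	Value   int
	Version uint64
}

// Tx: result of simulating chaincode on an endorser (slide 19).
type Tx struct {
	ID       string
	ReadSet  map[string]uint64 // key -> version seen during simulation
	WriteSet map[string]int    // key -> proposed new value
}

// simulateTransfer is hypothetical chaincode: it reads local state, never modifies it.
func simulateTransfer(id string, state map[string]Versioned, from, to string, amt int) Tx {
	return Tx{ID: id,
		ReadSet:  map[string]uint64{from: state[from].Version, to: state[to].Version},
		WriteSet: map[string]int{from: state[from].Value - amt, to: state[to].Value + amt}}
}

// commitBlock is the sequential update-state step (slide 23): no chaincode runs,
// only one version comparison per read key, then the write-set is applied.
func commitBlock(state map[string]Versioned, block []Tx) map[string]bool {
	valid := map[string]bool{}
	for _, tx := range block {
		ok := true
		for k, v := range tx.ReadSet {
			ok = ok && state[k].Version == v // mismatch: invalidate transaction
		}
		for k, val := range tx.WriteSet {
			if ok {
				state[k] = Versioned{val, state[k].Version + 1}
			}
		}
		valid[tx.ID] = ok
	}
	return valid
}

func main() { // constructed sample: both transfers simulated on the same snapshot
	state := map[string]Versioned{"alice": {100, 1}, "bob": {0, 1}, "carol": {0, 1}}
	block := []Tx{simulateTransfer("tx1", state, "alice", "bob", 100),
		simulateTransfer("tx2", state, "alice", "carol", 100)}
	fmt.Println(commitBlock(state, block), state)
}
```

Both transfers spend the same balance; the second one read `alice` at a version the first one has since replaced, so it is invalidated at commit time without re-running any chaincode.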

SLIDE 24

Transaction flow

SLIDE 25

Fabric Components

Diagram labels: Client (×8); Membership service provider (MSP); Order service; Gossip; Policies; Chaincode

SLIDE 26

Policy

§ Number of endorsements
§ Which endorser shall be used
§ Execution limitations
§ Validation rules
§ Parallel chaincode execution
§ Confidential chaincode

SLIDE 27

Security

§ TLS for communication
§ Classic membership service
§ Signatures
§ Docker for sandboxing
§ Complex system
§ Dependency on many 3rd party codes

SLIDE 28

Evaluation

§ Fabcoin: UTXO
§ VMs in one data center
§ 2.0 GHz 16 vCPU VMs running Ubuntu with 8 GiB RAM and SSDs
§ 1 Gbps networking connections
§ Orderer: Kafka with 3 ZooKeeper nodes, 4 Kafka brokers, 3 Fabric orderers
§ 5 peers, all Fabcoin endorsers
§ TLS for all connections
§ Signatures with 256-bit ECDSA scheme
§ Node clocks synchronized by NTP
§ MINT phase / SPEND phase

SLIDE 29

Block size

SLIDE 30

Scales with number of vCPUs

SLIDE 31

Latency in detail

SLIDE 32

Latency in detail

SLIDE 33

Latency in detail

SLIDE 34

Latency in detail

SLIDE 35

Conclusion

SLIDE 36

Reserve slides for questions

SLIDE 37

Blockchain use cases

§ Food-safety network
§ Global shipping trade
§ Enterprise asset management
§ Foreign exchange netting
§ Global cross-currency payments
§ One size does not fit all

SLIDE 38

Modules: allow step-wise improvements

§ Docker: container but not actually sandbox
  Google just presented gVisor these days → improved security
§ Orderer: Currently weak part of the system
  → improved distributed BFT based order is being built
§ Execution / Validation: Can be extended to various policies and advancements in research
§ Storage: Improved DBs / KVS if available

SLIDE 39

Google gVisor: available for docker

picture from github.com/google/gvisor

SLIDE 40

Apache Kafka: a distributed streaming platform

picture from kafka.apache.org

SLIDE 41

Number of peers

SLIDE 42

Distance between data centers

§ 100 peers across 5 data centers