Build Secure and Private Blockchains with Hyperledger Fabric

Table of Contents

What is Hyperledger Fabric?

Hyperledger Fabric is an open source, permissioned blockchain framework, started in 2015 by The Linux Foundation. It is a modular, general-purpose framework that offers unique identity management and access control features, which make it suitable for a variety of industry applications such as track-and-trace of supply chains, trade finance, loyalty and rewards, as well as clearing and settlement of financial assets.

What is Blockchain Technology?

Blockchain is a technology that makes it possible to build applications where multiple parties can record transactions directly, without the need for a trusted, central authority to ensure that the transactions are verified. Blockchain enables this with the help of a peer-to-peer network where each participant in the network has access to a shared ledger where the transactions are recorded. These transactions are by design, immutable and cryptographically verifiable. At a high-level, blockchain technology consists of three components: a distributed ledger, consensus algorithm, and smart contracts.

  • A ledger is a transactional log that keeps a complete record of the entire history of data changes. Ledgers are immutable and append-only by design, and the committed transactions are independently verifiable by each member in a network. In a blockchain technology, each member of the network maintains a copy.
  • Consensus algorithms help ensure that the members in the network have an agreed-upon method to allow transactions and data to be committed to the ledger and execution of smart contract code. If the consensus requirements aren’t met, then the transaction or operation is considered invalid.
  • Smart contracts are code that is executed on the blockchain network. Often times, they define the rules of a business contract and are executed programmatically when the preconditions for the contract are met.

Benefits of Hyperledger Fabric

Open Source

Hyperledger Fabric platform is an open source blockchain framework hosted by The Linux Foundation. It has an active and growing community of developers.

Permissioned

Fabric networks are permissioned, meaning all participating member’s identities are known and authenticated. This benefit is particularly useful in industries including healthcare, supply chain, banking, and insurance where data cannot be exposed to unknown entities. For example, an insurance company on a Hyperledger Fabric blockchain network can share customer’s claim data with permissioned parties to maintain customer privacy.

Governance and Access Control

Fabric networks consist of channels, which are a private “subnet” of communication between two or more specific network members, members on the network can transact in a private and confidential way. Each transaction on the blockchain network is executed on a channel, where each party must be authenticated and authorized to transact on that channel. This provides an additional layer of access control and is especially useful when members want to limit exposure of the data, for example when competitors are on the same network. Fabric also offers a Private Data Collection feature set, where access to given transactions on a channel can be limited to subset of participants.

Performance

Hyperledger Fabric is built to support enterprise-grade use cases, and can support quick transaction throughput from its consensus mechanism. Because Fabric is a permissioned blockchain framework, it does not need to solve for Byzantine Fault Tolerance which can cause slower performance when validating transactions on the network.

How does Hyperledger Fabric Work?

A Hyperledger Fabric network is comprised of unique organizations (or members) that interact with each other on the network. For example, an organization could be a bank in a network comprised of financial institutions or a shipping partner in a supply chain network. From a Fabric component perspective, each organization has a Fabric certificate authority and one or more peer nodes. A Fabric network also has an ordering service shared by all organizations in the network, and this component helps process transactions for the network. We will share more details about each of these concepts and components below:

An organization in a network is defined by a root certificate specific to that organization. Users and other components (like peer nodes – see below) in that organization are also identified by certificates, and these certificates are derived from this root certificate, ensuring other organizations in the network can relate a user to their organization. These certificates also specify the permissions for each entity on the network, like read-only versus full access on a channel.

A root certificate for an organization is stored in the Fabric certificate authority (CA). The Fabric CA also issues certificates for users in an organization and handles other related operations. An enterprise-grade Fabric CA utilizes a variety of components and can deployed in a variety of ways using a Hardware Security Module (HSM) for root certificate protection.

An organization also creates one or more peer nodes as components to carry out operations on behalf of that organization. Specifically, a peer node endorses transactions proposed on the network, stores and executes smart contract code (known as chaincode in Fabric), and stores a local copy of the ledger for access. Fabric clients typically interact with peer nodes to read the ledger, add new chaincode to the network, or propose a new transaction. A peer node typically runs on its own computer, like an Amazon EC2 instance.

Finally, a Fabric network also includes of an ordering service shared by all members of the network. The ordering service makes sure new transactions on the network are properly ordered in new blocks and have the proper endorsements. The ordering service then broadcasts a new block of transactions to peer nodes in each organization. Peer nodes update their local copy of the ledger with this new block.

Hyperledger Fabric Transaction Flow

1. The transaction flow begins when a client application sends a transaction proposal to peers in each organization for endorsement.

2. The peers verify the submitting client’s identity and authority to submit the transaction. Next, they simulate the outcome of the proposed transaction and if it matches what was expected, it sends an endorsement signature back to the client.

3. The client collects endorsements from peers, and once it receives the proper number of endorsements defined in the endorsement policy, it sends the transaction to the ordering service.

4. Lastly, the ordering service checks to see if the transaction has the proper number of endorsements to satisfy the endorsement policy. It then chronologically orders and packages the approved transactions into blocks, and sends these blocks to peer nodes in each organization.

5. Peer nodes receive new blocks of transactions from the ordering service, and then do a final validation for transactions in that block. Once this is complete, the new block is added to the ledger and the state of the ledger is updated. The new transactions are now committed.

Hyperledger Fabric vs. Hyperledger Sawtooth

Hyperledger Sawtooth is another open source blockchain platform hosted by The Linux Foundation under the Hyperledger Project. Hyperledger Fabric and Hyperledger Sawtooth networks have differing governance capabilities and consensus algorithms.

CHARACTERISTICSHYPERLEDGER FABRICHYPERLEDGER SAWTOOTH
PermissionsCreated specifically for permissioned networks.Supports permissioned and permissionless networks.
Privacy and Network GovernanceProvides complete data isolation between a set of participants.
Strict network governance enabled by the Hyperledger Fabric certificate authority (CA), and channels.
All network peers have access to all transaction data.
Does not provide channels or certificate authority (CA) capabilities.
Transaction Flow  Unique Execute-Order-Commit endorsement model where transactions are initially executed on a set of peers while ordering service handles packaging and delivery.
Flexibility in defining set of required endorsers at the data level or contract level. This approach makes the framework more scalable and prevents nondeterminism in contract code.
Traditional Order-Execute-Commit flow. Sawtooth Validator handles transaction processing, ordering, and delivery.
Consensus Algorithms
Pluggable consensus algorithm allowing the orderer to be switched based on needs of the environment.
Amazon Managed Blockchain’s ordering service is built using Amazon QLDB technology and has an immutable change log that accurately maintains the complete history of all transactions in the blockchain network, ensuring durability of the data. 
Uses a default “Proof-of-Elapsed Time (PoET)” algorithm, which is a Byzantine Fault consensus mechanism that relies on a specialized hardware component. 
Smart Contract LanguageGo, Java, Node.jsGo, Java, Python, Rust

Industry Use Cases for Hyperledger Fabric

Supply Chain

Supply chains are global, distributed webs of suppliers, manufacturers, and retailers. Hyperledger Fabric networks can improve supply chain processes by increasing transparency and traceability of transactions within the network. On a Fabric network, companies with access to the ledger can view the same immutable data, which enforces accountability and reduces the risk for counterfeiting. In addition, production updates are added to the ledger in real time, which makes tracking provenance faster and simpler during events like product recalls or food contamination outbreaks.

Trading and Asset Transfer

Trading requires many organizations such as importers, exporters, banks, shipping companies, and customs departments, to work with one another. Using Hyperledger Fabric, financial and trading consortiums can easily create a blockchain network where all parties can transact and process trade-related paperwork electronically, without the need for a central trusted authority. Unlike other processes that require trade-related paperwork to go back and forth between the stakeholders, taking 5-10 days to complete, transactions in a Hyperledger Fabric network built using Managed Blockchain can process instantly.

Insurance

Insurance fraud costs the insurance industry billions of dollars a year, but with Hyperledger Fabric, insurance companies can reference transaction data stored on the ledger to identify duplicate or falsified claims. Blockchain can also make multi-party subrogation claims processing faster by using smart contracts to automate repayment from the at-fault party back to the insurance company. In addition, insurers can use Hyperledger Fabric to streamline Know Your Customer (KYC) processes by storing customer data on a distributed ledger and automating the verification of their identity documents with smart contracts.

Recent posts
What is Payment HSM? 

A Payment HSM is meant to tighten the layers of security for concealing the sensitive information required by the retail banking industry for payment purposes.

Read More »