All Posts By

Hyperledger

Hyperledger Adds Alibaba Cloud, Citi, Deutsche Telekom, we.trade and 12 more New Members at Hyperledger Global Forum

By | Announcements, Events

More than 260 members now support the leading open source blockchain project

SAN FRANCISCO AND BASEL, SWITZERLAND – (December 12, 2018) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced Alibaba Cloud, Citi, Deutsche Telekom, we.trade and 12 more organizations have joined the project. This news came during day one of the inaugural Hyperledger Global Forum in Basel, Switzerland.

“We are starting Global Forum off with a bang with this impressive line-up of new members,” said Brian Behlendorf, Executive Director, Hyperledger. “The growing Hyperledger community  reflects the increasing importance of open source efforts to build enterprise blockchain technologies across industries and markets. The latest members showcase the widening interest in and impact of DLT and Hyperledger.”

Hyperledger is a multi-project, multi-stakeholder effort that includes multiple enterprise blockchain and distributed ledger technologies. These projects are the result of the hands-on, collaborative efforts of contributors around the world who strive to develop and maintain the code for the frameworks and tools as well as provide governance and organizational resources.

Hyperledger enables organizations to build solid, industry-specific applications, platforms and hardware systems to support their individual business transactions by creating enterprise-grade, open source distributed ledger frameworks and code bases. The latest general members to join the community are: Alibaba Cloud, BlockDao (Hangzhou) Information Technology, Citi,  Deutsche Telekom, Guangzhishu (Beijing) Technology Co., Ltd, Guangzhou Technology Innovation Space Information Technology Co., Ltd, KEB Hana Bank, HealthVerity, MediConCen, Techrock (formerly Walimai), we.trade and Xooa.

Hyperledger supports an open community that values contributions and participation from various entities. As such, pre-approved non-profits, open source projects and government entities can join Hyperledger at no cost as associate members. Associate members joining this month include Association of Blockchain Developers of Saint Petersburg, Business School of Hunan University, Sun Yat-sun University and Wall Street Blockchain Alliance.

New member quotes:

Alibaba Cloud

“We are delighted to join Hyperledger,” said YI Li, Head of Alibaba Cloud Application Service. “As one of the world’s top three IaaS providers, Alibaba Cloud strives to provide the best service possible with the highest regard for all customers. Alibaba Cloud‘s Blockchain as a Service (BaaS) is dedicated to providing a worldwide beneficial and trusted infrastructure. While concentrating on the underlying technology, we would also like to invite more partners to join us and co-create a greater blockchain business world.”

BlockDao (Hangzhou) Information Technology

“We are honored to join the Hyperledger community, it is an important symbol of BlockDAO’s development route,” said Jerry Li, COO, BlockDAO. “BlockDAO is an independent blockchain technological community supported by OSChina, that aims to provide community services with code examination and development to blockchain projects. We will provide code support and security for the development of the blockchain industry. We’re very excited to now be a part of Hyperledger.”

Citi

At Citi, we’re constantly evaluating how emerging technologies could solve real problems for our clients and create new growth opportunities in the wider business ecosystem,” said Beth Devin, Head of Innovation Network & Emerging Technology at Citi Ventures. “We believe blockchain has the potential to drive new forms of efficiency and develop new markets, and are pleased to join the Hyperledger project to advance our exploration.”

Deutsche Telekom

“Developing our wholesale roaming application on Hyperledger Fabric came as a natural choice,” said John Calian, SVP and Head of T-Labs. “Hyperledger Fabric offers business customers, like Deutsche Telekom and our related partners, a permissioned and open source development ecosystem that integrates production-ready identity management as well as refined confidentiality concepts for multi-stakeholder environments. That is exactly what enterprise customers require to transform their decentralized visions into reality and this is why we are happy to become part of the Hyperledger community.”

Guangzhishu (Beijing) Technology Co., Ltd

“Joining Hyperledger is a milestone for Guangzhishu (Beijing) Technology. Our anchor project, the Points (PTS) platform, is a fintech project that builds a secure, fast and scalable blockchain-based data collaboration protocol for better credit scoring and inclusive finance,” said Sarah Zhang, Founder & CEO of Guangzhishu (Beijing) Technology. “We are very excited to be part of the Hyperledger community, and looking forward to working with the platform to shape an enterprise-grade secure and extensible data collaboration protocol that enables more users to access low cost and high quality financial services.”

Guangzhou Technology Innovation Space Information Technology Co., Ltd

“If the birth of the Internet has triggered an intelligent revolution, then blockchain is the new engine of this intelligent revolution,” said Sandy Xie, CEO of Guangzhou Technology Innovation Space Information Technology Co., Ltd. “We are happy to participate in building and developing the Hyperledger community. With the application of blockchain technology, we are dedicated to solving the bottleneck of the existing intellectual property industry. The birth of Flying Pard IP Trade Blockchain will change the ecosystem of present industry.”

KEB Hana Bank

“KEB Hana Bank has three perspectives on blockchain — globalization, standardization and collaboration networks. We look forward to creating new business opportunities based on standardized technology as part of Hyperledger’s global community,” said Jun Seong Han, deputy president of KEB Hana Bank. “Demand for mobile payments, such as mobile wallet, is increasing due to the rapid growth in cross-border payments. To support such demand, we need a new payment hub that can connect them globally. In response, KEB Hana Bank is creating the Global Loyalty Network (GLN), with a number of banks and payment providers. What’s most important for this project is a global standard technology, so we are joining Hyperledger for blockchain technology that our partners around the world can accept seamlessly.”

HealthVerity

“HealthVerity is honored to join Hyperledger to help build and advance the development of open source blockchain technology within the healthcare industry,” said Andrew Kress, CEO of HealthVerity. “We’ve successfully used Hyperledger Fabric as part of HealthVerity Consent, our platform that allows organizations to aggregate and manage all individual consumer and patient preferences in one central location to comply with evolving privacy requirements. As we continue to transform how the modern healthcare enterprise makes critical and defining decisions, we look forward to the support and technical foundation from the Hyperledger community.”

MediConCen

“By joining Hyperledger, we are pushing the boundaries of technology and applying blockchain to make an impact on how insurance and finance are operated,” said David Liu, CTO of MediConCen Limited. “We believe any successful blockchain solution would require a combination of domain knowledge, understanding of regulations and technical knowhow, and partnership. With the strong support of our partners, we co-developed our first medical blockchain ecosystem with leading insurers in Hong Kong powered by Hyperledger Fabric.”

Techrock (formerly Walimai)

“We are excited to join the Hyperledger family and take part in the opportunity to collaborate with this forward-thinking and passionate community,” said Edward Tsang, Chief Technology Officer, Techrock. “The performance, reliability and scalability of Hyperledger is exactly what we need to take our blockchain-based anti-counterfeiting solution to the next level and deliver on our vision of creating a world free of counterfeit consumer goods.”

We.trade

“We.trade has used Hyperledger for the development of its robust, enterprise grade, production ready trade platform, which is currently licensing to banks in the market,” said Roberto Mancone, Chief Operating Officer of we.trade. “Our role now as new member of Hyperledger is to continuously contribute to the development of blockchain solutions through distributed ledger technology and smart contracts, fostering innovation in the field of trade, finance, logistics, insurance, manufacturing and all those industries that will converge toward the development of efficient new business models.”

Xooa

“We firmly believe that the arrival of Xooa marks a turning point for the adoption of immutable ledgers. Our goals is to transform blockchain by making it appealing to all developers,” said Assaf Kalderon, VP of Business Development at Xooa. “Xooa’s platform-as-a-service provides both a trusted datastore and a trusted network. It removes the need to manage blockchain infrastructure, enabling organizations to realize business benefits from trusted and immutable ledgers faster than was ever possible. We are thrilled to join the Hyperledger community and help broaden the adoption of Fabric-based applications.”

Join industry peers in helping build and shape the ecosystem for blockchain technologies, use cases and applications. More information on joining Hyperledger as a member organization can be found here: https://www.hyperledger.org/members/join.

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.

Inaugural Hyperledger Global Forum Showcases Strong Community Momentum

By | Announcements, Events

Deployments, demos, project releases and member news underscore the fast growth and evolution of Hyperledger ecosystem

SAN FRANCISCO AND BASEL, SWITZERLAND – (December 12, 2018) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today kicked off the first day of its Hyperledger Global Forum. The event has drawn more than 650 attendees from as far as Australia and Argentina for an extended conversation about the state of open source enterprise blockchain and vision for the Hyperledger community and technologies.

Headlined by keynotes like Leanne Kemp, CEO of Everledger, Hyperledger Global Forum addresses a wide range of business and technical topics. Key topics include use cases, production blockchain deployments and live demos of Hyperledger in a range of new systems. Hands-on workshops and technical talks will serve as fuel for the community development at the core of Hyperledger.

For Hyperledger, a project of The Linux Foundation that started less than three years ago, the event is a time to reflect on milestones. Hyperledger has surpassed 260 members, with more than a dozen new members including Citi and Alibaba Cloud announced today. In the last year, Hyperledger launched its 11th project, Ursa, and released development updates to the Hyperledger Burrow, Hyperledger Fabric and Sawtooth frameworks. Additionally, Hyperledger and the Enterprise Ethereum Alliance jointly announced membership in each other’s communities as a way to further bolster enterprise blockchain adoption.

The scale and diversity of the community coming together for Hyperledger Global Forum is a testament to the momentum and evolution of enterprise blockchain,” said Brian Behlendorf, Executive Director, Hyperledger. “With a line-up of more than 260 member organizations, hundreds of code contributors, tens of thousands of community participants and 11 million lines of code, Hyperledger’s community and technologies are a driving force in the increasing pace of adoption of distributed ledger technology. Whether on the technical or business front, the discussions are now about the very real implications and impact of DLT deployments, and the next three days will only advance those conversations.”

Member News

As part of this global gathering of the Hyperledger and blockchain community, a host of members are announcing or showcasing new products, service offerings and milestones. Below is a recap of recent members’ news:

  • AAIS (American Association of Insurance Services) – the only national not-for-profit insurance advisory organization, launched a pilot of openIDL (open Insurance Data Link) to transform insurance regulatory reporting on the IBM Blockchain Platform, which is powered by Hyperledger Fabric.
  • Altoros – released a distributed application built on top of Hyperledger Fabric. The blockchain-based trading platform is a marketplace for peer-to-peer trades of any standardized financial instrument or commodity. It allows users to see the full history of bids, offers, and deals in a single interface. The solution acts as a common immutable and transparent source of “truth” while keeping sensitive information private through the custom functionality of Hyperledger Fabric. Tailor-made reporting feature provides a one-stop guide to pricing and volume trends during the whole trading day which helps save time and increase the efficiency of trading activities. Learn more: https://www.altoros.com/blockchain-finance-demo-otc.html
  • Bitmark – announced the Bitmark Health App to help institutions and researchers crowdsource health data and track the chain-of-consent from individuals for its use. By pairing the Bitmark blockchain with Hyperledger Indy, the app enables the secure, verified digital identification of health companies and institutions—such as medical research, trial matching, university labs, big pharma—while still maintaining the privacy of, and chain-of-consent from, each patient. Learn more: https://bitmark.com/products/bitmark-health.
  • Blockchain Technology Partners – recently launched Sextant™, its powerful blockchain management platform, on Amazon Web Services (AWS) Marketplace for Containers at AWS re:Invent. Sextant utilizes a carefully curated Hyperledger Sawtooth distribution – built, tested and maintained by BTP – to deliver one-click deployment of enterprise-grade Sawtooth networks. Sextant is cloud-first, and Kubernetes is the logical choice for production-grade orchestration. Under the covers Sextant automatically generates Kubernetes manifests so that Sawtooth can either be deployed on existing Kubernetes clusters or on brand new ones deployed by Sextant on AWS using Kubernetes Operations. BTP’s announcement can be found here.
  • Blockdaemon – just announced Kinetic Ledger, which provides a tamper-evident seal cryptographically for users’ data. Using flexibly permissioned channels provided by Hyperledger, Blockdaemon’s new offering is in private beta testing using Fabric to provide any number of independent, single purpose ledgers. Blockdaemon became a member of the Hyperledger community in May and has been working closely with members to simplify the process of deploying nodes and creating scalable enterprise blockchain solutions. Learn more about Kinetic Ledger at kineticledger.com.
  • Circulor – recently launched the world’s first blockchain mine to manufacturer traceability system for raw materials used in consumer electronics and electric vehicles. The Hyperledger Fabric-based system is already tracking tantalum, used into capacitors, from mines in Rwanda.  A large proportion of these raw materials, like tantalum and cobalt, are mined by hand in Africa and are associated with human rights abuses. Learn more: https://www.circulor.com/
  • DLT Labs DLT Labs has announced DL Gateway Fabric™ a development sandbox to set up and manage a blockchain network using Hyperledger Fabric. It can help accelerate the understanding and adoption of blockchain within an organization through a powerful load balanced REST API that interacts with the blockchain. It enables enterprises to build and test scalable applications without any installation or maintenance of blockchain infrastructure.
  • Filament – launched Blocklet™ for Trusted Vehicle Applications (TVA), the industry’s first end-to-end automotive blockchain platform that allows vehicles to participate directly in blockchain and distributed ledger technologies (DLTs). The new solution supports Hyperledger Fabric and Hyperledger Sawtooth frameworks. It includes Filament’s Blocklet hardware technology as well as cellular connectivity, environmental sensing and access to vehicle diagnostics, making it possible for automotive, freight and transportation companies to create new, large-scale connected-vehicle services and smart contract applications on top of a trusted blockchain foundation. Learn more: https://filament.com/products/
  • KoreConX – created its own globally-compliant Security Token Protocol, the KoreToken, which is powered by Hyperledger Fabric. The feature is now available at the all-in-one platform that has been the trademark of its services. The company also organized the first KoreSummit, an event dedicated to educating the business industry about Blockchain and Security Tokens.
  • KrypC – developed an end-to-end production grade application in the area of BFSI, the first trade finance e-marketplace for banks. It is powered by Hyperledger Fabric and proprietary components of KrypC and enables all the banks, FIs, and treasuries to exchange information and assets with others, selectively, securely and efficiently. TradeAssets is in production with more than 15+ banks onboard. Some of the other success stories are in the area of microfinance and travel Insurance, also tokenizing the bill of lading and secured movement of cargo tokens for Maersk, which will set a new standard in an interlocking e2e supply chain.
  • Monax – announced that the Monax Platform is now in private beta. The Monax Platform is powered by Hyperledger Burrow and is a contract lifecycle management tool that allows consumers to easily procure lawyer-tested agreements and stay in full control of their business contracting. Harnessing a unique combination of active agreements, blockchain technology and a business process modelling engine, the platform is designed to move business legal obligations into the networked world. Learn more: www.monax.io
  • OracleTo support customer production launches on its Blockchain Cloud Service (powered by Hyperledger Fabric), Oracle recently upgraded its platform to add:
    • A rich set of REST APIs for events subscription and integration
    • Support for SQL-based rich data queries in smart contracts
    • The first-ever Analytics/BI integration for transaction history
    • Identity federation capabilities
    • Support for third-party certificates for blockchain client organizations

In customer trials, Oracle has demonstrated a hybrid blockchain joining OBCS and Hyperledger Fabric nodes outside of Oracle Cloud. The company also announced Oracle Blockchain Application Cloud, a new suite of business-ready SaaS applications that enhance traceability and transparency throughout the supply chain.

  • SecureKey – Will launch its innovative and in-demand Verified.Me network to Canadian consumers in early 2019. Verified.Me is a blockchain-based digital identity network built upon Hyperledger Fabric 1.2, enabling consumers to stay in control of their information by choosing when to share information and with whom, reducing unnecessary oversharing of personal information. Learn more: https://verified.me/
  • Soramitsu and NSD (Moscow Exchange Group) – Jointly launched a new product named D3Ledger, a global distributed digital depository platform based on Hyperledger Iroha. Its main objective is to provide safekeeping of digital assets for large institutional investors in collaboration with regulating partners. A pilot deal was made earlier this year when AddCapital Investment Fund moved an undisclosed amount of Ethereum inside D3ledger’s custody. D3ledger peer network consisted of three nodes for this pilot transaction: KDD (Slovenian CSD), National Settlement Depository and Lykke. A new BFT consensus – YAC – will allow D3ledger to operate at 2000tps by Q1 2019.
  • Sovrin Foundation – announced Sovrin Network 1.6, a decentralized global public network enabling self-sovereign identity on the internet and a successful implementation of Hyperledger Indy. The Sovrin Network is designed to bring the trust, personal control and ease-of-use of analog IDs (like driver’s licenses and employee ID cards) to the internet. This 1.6 update will support the growing global use of the Sovrin Network and the adoption of self-sovereign identity. Learn more: https://sovrin.org/.
  • Swisscom – announced a 100% Swiss infrastructure for blockchain applications along with Swiss Post. The two companies are building a simple, secure and sustainable infrastructure for blockchain applications in Switzerland and will present it to the public for the first time at Hyperledger Global Forum. They will also make the infrastructure, which is powered by Hyperledger Fabric, available to other companies for their applications. The market launch for the first pilot applications is planned for the second quarter of 2019.

To learn more about Hyperledger and enterprise blockchain technologies, visit: https://www.hyperledger.org/

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.

 

Hyperledger Sawtooth Blockchain Security (Part Three)

By | Blog, Hyperledger Sawtooth

This is the conclusion of my three-part series on Hyperledger Sawtooth Security. I started with Sawtooth consensus algorithms in part one, then continued with Sawtooth node and transaction processor security in part two. Here I will conclude by discussing Sawtooth application security and Sawtooth network security.

Client Application Security

The client part of a Sawtooth application is written by the application developer. The Sawtooth client communicates with a Sawtooth node by REST API requests, including signed transactions and batches. The signing is performed with a private key and, as such, key management and security is important. With Bitcoins, for example, poor key management has resulted in stolen Bitcoins and a “graveyard of Bitcoins” that are inaccessible forever. Key management is the responsibility of the client application as keys are not managed by Sawtooth software.

A keystore is where you securely store your keys. The public key for a keypair, used for signature verification, can be and should be distributed to anyone. The private key portion, used for signing, must be safeguarded from access by others. Here are some keystore methods, ordered from low to high security:

  • The minimum security used should restrict access to the private key. That is either restrict access to the machine holding the key or restrict read access to the private key file to the signer or (better yet) both
  • Better protection would be the use of software-encrypted keystore. This would be a private keystore accessible by a PIN
  • The best protection is from a Hardware Security Module (HSM) keystore or a network-accessible key manager, accessed using the Key Management Interoperability Protocol (KMIP)

Client Authentication

A Sawtooth client may take external user input. In which case, it is important to authenticate that the user is who they say they are. Authentication methods are usually categorized, from low to high security, into:

  • Single-factor Authentication (SFA). SFA is something you know. It could be something like a PIN, password, passphrase, or one-time password (OTP). The main disadvantage with SFA is it could be weak or hard to remember
  • Two-factor Authentication (2FA). 2FA is SFA plus something you have. It could be a security key, such as a U2F token (e.g., YubiKey). The main disadvantage with 2FA is it can be lost or stolen

  • Three-factor Authentication (3FA). 3FA is 1FA and 2FA plus something you are (biometrics). Examples include fingerprints, face recognition, or retina scan. The main disadvantages with 3FA is it can be forged and cannot be easily changed

With 2FA and 3FA, the idea is defense-in-depth (i.e., multiple hurdles to authenticate).

Network Security

Blockchains are subject to Distributed Denial of Service (DDoS) attacks. That is, an attack that attempts to overload blockchain nodes by flooding the targeted nodes with bogus messages. Classical public, unpermissioned blockchain networks avoid DDoS attacks because transactions require spending digital currency (such as Bitcoin), making attacks costly. Also, public blockchain networks are highly distributed—with thousands of nodes—making a DDoS attack on the entire network impractical.

Private or permissioned blockchains, such as Sawtooth, are not designed to run on a public network. As such, they do not require digital currency and “mining.”

Sawtooth network can and should be mitigated against DDoS attacks as follows:

  • Back pressure, a flow-control technique to reject unusually frequent client submissions. If the validator is overwhelmed, it will stop accepting new batches until it can handle more work. The number of batches the validator can accept is based on a multiplier (currently two) of a rolling average of the number of published batches.
  • Sawtooth communication uses the Zero Message Queue (ZMQ or 0MQ) message library. Sawtooth optionally enables encryption with ZMQ when the network_public_key and network_private_key settings are defined in validator.toml. For production, generate your own key pair instead of using a predefined key that may be present.
  • REST API input is validated to avoid buffer corruption or overflow attacks.
  • TCP port 4004, used for communication between internal validator node components, should be closed to outside access in any firewall configuration,
  • TCP port 5050, used to communicate between the validator node and the consensus engine, should be closed to outside access in any firewall configuration.
  • TCP port 8008, used for the REST API, should be closed to outside access in a firewall configuration providing all application clients accessing the REST API come from the local host.
  • If you use the Seth TP (for WASM smart contracts), TCP port 3030, used for Seth RPC, should be closed to outside access in a firewall configuration, providing all RPC requests come from the local host.
  • TCP port 8800, used to communicate between validator nodes, must be open to outside access in any firewall configuration.

Sawtooth validator nodes should be deployed on a VPN or other private network to prevent any outside access to Sawtooth TCP ports.

Basically, best practices dictate closing as many network ports as possible, encrypting network communications, and deploying in a protected network environment (such as a VPN).

Further Information

(10.22.2018) CCN: Visa Integrates Open Source Hyperledger Tech for B2B Blockchain Payments

By | News

Visa is integrating open-source blockchain code from the Hyperledger Fabric ahead of the commercial launch of its own blockchain service for enterprise payments in Q1 2019.

Visa B2B Connect, the payment giant’s enterprise blockchain platform that enables cross-border payments between businesses, is partnering IBM to integrate the latter’s development of the open-source Hyperledger Fabric framework.

You can access the full article here.

Announcing Hyperledger Sawtooth 1.1

By | Blog, Hyperledger Sawtooth

It is with great excitement that we would like to announce the release of Sawtooth version 1.1. Earlier this year we released Sawtooth 1.0, marking the production ready status of the platform. Since then the community has been hard at work adding new features, improving the privacy and performance of the platform, and growing the ecosystem.

The Sawtooth development team has been focused on two major new features for the Sawtooth 1.1 release, an improved consensus interface and support for WebAssembly smart contracts. For a full list of new features and improvements see the Sawtooth 1.1 Release Notes.

Improved consensus interface and new consensus options

While Sawtooth has always enabled ‘pluggable’ consensus and multiple consensus algorithms, recent experiences indicated that the existing consensus interface could be improved. Sawtooth has always aspired to be a modular platform that would enable lean experimentation and rapid adoption of new technologies, in particular, with regards to consensus. After analyzing a number of consensus algorithms that are available today, both Nakamoto (PoW/PoET) and classical (Raft/PBFT), the team decided to re-architect the consensus interface to improve the ease of integration. As a result of this new interface, the team has been able to port the existing Sawtooth consensus options, as well as add two new classical consensus options. Below is the state of these consensus options today:

    • Developer Mode (stable)
    • PoET-Simulator (Crash Fault Tolerant) (stable)
    • PoET-SGX (under development)
    • Raft (alpha)
    • PBFT (under development)

If you are interested in learning more about the new consensus interface, or writing your own, please see the detailed documentation.

Support for WebAssembly smart contracts (Sawtooth Sabre)

Sawtooth Sabre is a new smart contract engine for Sawtooth that enables the execution of WebAssembly-based smart contracts. WebAssembly (WASM) is a new web standard developed at the W3C with participation from major corporations like Apple, Google, and Microsoft. The Sawtooth Sabre project leverages an existing open source WASM interpreter from the broader blockchain community. This on-chain interpreter enables developers to write their code in a variety of languages, compile it down to WebAssembly, and then deploy it directly to the Sawtooth blockchain.

In addition to new feature development, the Sawtooth developer team has continued research and development on improving the privacy and performance of the Sawtooth platform.

Privacy:

On the privacy front, a new Hyperledger Lab called ‘Private Data Objects (PDO)’ has been created. PDO enables smart contracts to execute off-chain with confidentiality and integrity through the use of trusted execution environments. For more information, take a look at this video or read the paper. Private data objects are just one way of addressing blockchain confidentiality, but expect to see more techniques available to Sawtooth over the coming months.

Performance:

On the performance front, much of the effort has been spent porting core Sawtooth components from Python to Rust. While Python was a great language to start with, and enabled the team to rapidly iterate and define the appropriate modularity in the architecture, it is not the most performant language. The 1.0 release stabilized many of the Sawtooth APIs, and as we began tuning the system, we identified bottlenecks arising from the design of the Python programing language. The speed and type safety of the Rust programming language made it a natural fit for the evolution of Sawtooth. As of today, roughly 40% of the Sawtooth validator components have been ported to Rust, a number that we expect will continue to increase over time.

Finally, in addition to adding new features and improving the robustness of the Sawtooth platform, we have also seen an explosion of activity in the community, with dozens of new developers and a variety of tools and applications being openly built on top the Sawtooth infrastructure. Notable new projects in the Sawtooth ecosystem include:

Applications:

  • Sawtooth Supply Chain – A platform focused on supply train traceability with contributors from Bitwise IO and Cargill.
  • Sawtooth Next-Directory – An application focused on role-based access control with contributors from T-Mobile.

Tools:

  • Truffle integration with Sawtooth-Seth – A new integration that allows you to deploy Ethereum smart contracts to Sawtooth using the leading Ethereum development tool, Truffle. Built in collaboration with the Truffle team.
  • Caliper support for Sawtooth – Benchmark Sawtooth in a variety of configurations with Hyperledger Caliper.
  • Sawooth Explorer – A blockchain explorer built for Sawtooth by the team at PokitDok.
  • Grafana monitoring – A set of tools for data collection and visualization for live Sawtooth deployments.

Part of a Grafana dashboard for a Sawtooth Testnet running Raft

The Sawtooth ecosystem and functionality is rapidly expanding, which wouldn’t be possible without the community behind it. I’d like to thank all of the developers who have put in time building tools and applications, or providing support, for their effort, including, but not limited to:

Adam Gering, Adam Ludvik, Adam Parker, Al Hulaton, Amol Kulkarni, Andrea Gunderson, Andrew Backer, Andrew Donald Kennedy, Anne Chenette, Arthur Greef, Ashish Kumar Mishra, Benoit Razet, Boyd Johnson, Bridger Herman, Chris Spanton, Dan Anderson, Dan Middleton, Darian Plumb, Eloá Franca Verona, Gini Harrison, Griffin Howlett, James Mitchell, Joel Dudley, Jonathan Langlois, Kelly Olson, Keith Bloomfield Kenneth Koski, Kevin O’Donnell, Kevin Solorio, Logan Seeley, Manoj Gopalakrishnan, Michael Nguyen, Mike Zaccardo, Nick Drozd, Pankaj Goyal, PGobz, Patrick BUI, Peter Schwarz, Rajeev Ranjan, Richard Berg, Ry Jones, Ryan Banks, Ryan Beck-Buysse, Serge Koba, Shawn T. Amundson, Sutrannu, Tom Barnes, Tomislav Markovski, Yunhang Chen, Zac Delventhal, devsatishm, feihujiang, joewright, kidrecursive, mithunshashidhara, and ruffsl.

If you’d like to join the community or learn more, you can find more information here:

Chat: #Sawtooth in Hyperledger RocketChat

Docs: Sawtooth 1.1 Documentation

Code: Sawtooth-core Github

Website: Hyperledger Sawtooth Homepage

Thanks for reading and look forward to more posts detailing new Sawtooth 1.1 features and improvements. We encourage developers to try these new feature out and give us feedback!

 

Welcome Hyperledger Ursa!

By | Blog, Hyperledger Ursa

Hyperledger Ursa is the latest project to be accepted by the TSC! It is a modular, flexible cryptography library that is intended for—but not limited to—use by other projects in Hyperledger. Ursa’s objective is to make it much safer and easier for our distributed ledger projects to use existing, time tested, and trusted cryptographic libraries but also new cryptographic library implementations being developed.

Ursa aims to include things like a comprehensive library of modular signatures and symmetric-key primitives built on top of existing implementations, so blockchain developers can choose and modify their cryptographic schemes with a simple configuration file change. Ursa will also have implementations of newer, fancier cryptography, including things like pairing-based signatures, threshold signatures, and aggregate signatures, and also zero-knowledge primitives like SNARKs.

Ursa will be written mostly in Rust, but will have interfaces in all of the different languages that are commonly used throughout Hyperledger.

Why Ursa?

As Hyperledger has matured, the individual projects within Hyperledger have started to find a need for sophisticated cryptographic implementations. Rather than have each project implement its own cryptographic protocols, it is much better to collaborate on a shared library. There are many reasons to do this, including the following:

  1. Avoiding duplication: Crypto implementations are notoriously difficult to get correct (particularly when side channels are taken into account) and often require a lot of work in order to achieve a high level of security.  The library allows projects to share crypto implementations, avoiding unnecessary duplication and extra work.
  2. Security: Having most (or all) of the crypto code in a single location substantially simplifies the security analysis of the crypto portion of Hyperledger.  In addition, the lack of duplication means maintenance is easier (and thus, hopefully security bugs are less numerous). The presence of easy to use, secure crypto implementations might also make it less likely for less experienced people to create their own less secure implementations.  
  3. Expert Review: In addition, the ability to enforce expert review of all cryptographic code should increase security as well.  Having all of our cyptographic code in a single location makes it easier to concentrate all of the cryptographic expertise in the project and ensures that code will be well reviewed, thus decreasing the likelihood of dangerous security bugs.  
  4. Cross-platform interoperability: If two projects use the same crypto libraries, it simplifies (substantially in some cases) cross-platform interoperability, since cryptographic verification involves the same protocols on both sides.
  5. Modularity: This could be the first common component/module and a step towards modular DLT platforms, which share common components.   While we have already outlined most of the advantages this modularity brings in terms of actual functionality, a successful crypto library encourages and pushes forward more modular activities.
  6. New Projects: It is easier for new projects to get off the ground if they have easy access to well-implemented, modular cryptographic abstractions.

Who Is Involved in Ursa?

On the more practical side, Ursa currently includes developers who work on the security aspects of Hyperledger Indy, Sawtooth, and Fabric. In addition, the Ursa project includes several cryptographers with an academic background in theoretical cryptography to ensure that all cryptographic algorithms meet the desired levels of security.

Our goal in creating Ursa is to combine the efforts of all the security and cryptography experts in the Hyperledger community and move all of the projects forward.

Features and Plans

Currently Ursa has two distinct modules: a library for modular, flexible, and standardized basic cryptographic algorithms, and a library for more exotic cryptography, including so-called “smart” signatures and zero knowledge primitives called zmix.

Our first library is our “base crypto” library. Right now we are focused on our shared modular signature library, but we plan to extend this to allow easy modularization of all commonly used cryptographic primitives in Minicrypt. This—work in progress—has the implementation of several different signature schemes with a common API, allowing for blockchain builders to change signature schemes almost on-the-fly—or to use and support multiple signature schemes easily. Exact implementations and APIs have not been finalized, but they are in progress.

We note that there aren’t raw crypto implementations in this library—things here are stable and generally standardized—but wrappers for code from existing libraries and also code generated by commonly used cryptography libraries such as the Apache Milagro Crypto Library (AMCL). The novelty here is the modularization and API, which enables blockchain platforms to easily use a wide variety of changeable cryptographic algorithms without having to understand or interact with the underlying mathematics.

In the future, we expect other wrappings and modular code to go in this library. For instance, Indy makes use of aggregate signatures, a feature which the other platforms would also like available to them. There are also a variety of hash algorithms which provide different performance characteristics or support different signature schemes. Selecting vetted implementations and providing a common interface helps the Hyperledger community manage a growing crypto feature set in a responsible manner.

Our second initial subproject is zmix, which offers a generic way to create zero knowledge proofs that prove statements about multiple cryptographic building blocks, including signatures, commitments, and verifiable encryption. The goal of zmix is to provide a single flexible and secure implementation to construct such zero knowledge proofs. Zmix consists of C-callable code but there are also convenience wrappers for various programming languages.

Getting involved

If you’re interested in learning more about, using, or contributing to Ursa, please check out the following: https://www.hyperledger.org/projects/ursa

We welcome interest even from those who aren’t working with Hyperledger projects, so feel free to join us if you like!

All Are Welcome Here

By | Blog, Hyperledger Burrow, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha, Hyperledger Sawtooth

A Minneapolis coffee shop that has fueled or at least caffeinated a lot of Hyperledger commits.

One of the first things people learn when coming to Hyperledger is that Hyperledger isn’t, like it’s name may imply, a ledger. It is a collection of blockchain technology projects. When we started out it was clear almost immediately that a single project could not satisfy the broad range of uses nor explore enough creative and useful approaches to fit those needs. Having a portfolio of projects, though, enables us to have the variety of ideas and contributors to become a strong open source community. Back in January of 2016 Sawtooth and Fabric were both on the horizon followed shortly by Iroha, but we wouldn’t have predicted that we would have Hyperledger Burrow and Hyperledger Indy – two projects that bear no resemblance to each other. Burrow is a permissioned Ethereum-based platform and Indy is a distributed identity ledger. Burrow is written in Go, and Indy was created in Python and is porting to Rust.

Both of these platforms are interesting in their own rights, but Hyperledger is even more interesting for the combination of these projects with the others. Both Sawtooth and Fabric have already integrated with Burrow’s EVM. Now Hyperledger has a set of offerings that can simultaneously satisfy diverse requirements for smart contract language, permissioning, and consensus. Likewise Sawtooth and Indy have been working together at our last several hackfests. The results of that may unlock new use cases and deployment architectures for distributed identity. So it’s not that our multiplicity of projects has given us strength through numbers, but rather strength through diversity.

Hyperledger Hackfest – December 2017 at The Underground Lisboa

The hackfests that we mentioned are one of the rare times that we get together face to face. Most of our collaboration is over mail list, chat, and pull-requests. When we do get together though it’s always in a new city with new faces. One of our most recent projects was hatched inside one of those buses. It wasn’t the most ergonomic meeting I’ve ever had but there was room for everyone on that bus.

Hyperledger Hackfest in Chicago

Our hackfest in Chicago was in a lot more conventional surroundings (still a very cool shared creative space .. lots of lab equipment and benches out of view on the other side of the wall to the right). Looking back at this photo is fun for me. I can see a lot of separate conversations happening at each table… people sharing different ideas, helping ramp new contributors, working on advancing new concepts with existing contributors. I can see a lot of similarity but also a little variety. It’s a busy room but there’s still open chairs and room for more variety.

Our next hackfest won’t be until March 2019 (Hyperledger is hosting Hyperledger Global Forum in December in Basel though). The March hackfest will be somewhere in Asia – location to be settled soon. The dates and locations of the other 2019 hackfests aren’t set yet. I don’t know where they will be specifically, but I do know that there will be a seat available and you will be welcome there.

These face to face meetings really are more the exception than the rule at Hyperledger. There are now more than 780 contributors spread all across the globe. 165 of those were just in the last few months. That means that every day we have a new person contributing to Hyperledger. Most of our engagement is through the development process. People contribute bug fixes, write new documentation, develop new features, file bugs, etc. If you’ve never contributed open source code before getting started might be intimidating. We don’t want it to be, though. There are a number of resources to help you get started. You can watch this quick video from Community Architect, Tracy Kuhrt. There’s documentation for each project, mail lists, a chat server, working groups, and some of the projects even host weekly phone calls to help new developers get engaged. Everyone in Hyperledger abides by a Code of Conduct so you can feel comfortable knowing that when you join any of those forums you will be treated respectfully. Anyone who wants to get involved can regardless of “physical appearance, race, ethnic origin, genetic differences, national or social origin, name, religion, gender, sexual orientation, family or health situation, pregnancy, disability, age, education, wealth, domicile, political view, morals, employment, or union activity.” We know that to get the best ideas, best code, best user experience we need your involvement. Please come join our community.

Image created by https://allarewelcomehere.us/ for Hyperledger

As always, you can keep up with what’s new with Hyperledger on Twitter or email us with any questions: info@hyperledger.org.