All Posts By

Hyperledger

Open source eKYC blockchain built on Hyperledger Sawtooth

By | Blog

Guest post: Rohas Nagpal, Primechain Technologies

1. Introduction

Financial and capital markets use the KYC (Know Your Customer) system to identify “bad” customers and minimize money laundering, tax evasion, and terrorism financing. Efforts to prevent money laundering and the financing of terrorism are costing the financial sector billions of dollars. Banks are also exposed to huge penalties for failure to follow KYC guidelines. Costs aside, KYC can delay transactions and lead to duplication of effort between banks.

Blockchain-eKYC is a permissioned Hyperledger Sawtooth blockchain for sharing corporate KYC records amongst banks and other financial institutions.

The records are stored in the blockchain in an encrypted form and can only be viewed by entities that have been “whitelisted” by the issuer entity. This ensures data privacy and confidentiality while at the same time ensuring that records are shared only between entities that trust each other.

Blockchain-eKYC is maintained by Rahul Tiwari, Blockchain Developer, Primechain Technologies Pvt. Ltd.

The source code of Blockchain-eKYC is available on GitHub at:

https://github.com/Primechain/blockchain-ekyc-sawtooth

Primary benefits

  1. Removes duplication of effort, automates processes and reduces compliance errors.
  2. Enables the distribution of encrypted updates to client information in real time.
  3. Provides the historical record of all compliance activities undertaken for each customer.
  4. Provides the historical record of all documents pertaining to each customer.
  5. Establishes records that can be used as evidence to prove to regulators that the bank has complied with all relevant regulations.
  6. Enables identification of entities attempting to create fraudulent histories.
  7. Enables data and records to be analyzed to spot criminal activities.

2. Uploading records

Records can be uploaded in any format (doc, pdf, jpg etc.) up to a maximum of 10 MB per record. These records are automatically encrypted using AES symmetric encryption algorithm and the decryption keys are automatically stored in the exclusive web application of the uploading entity.

When a new record is uploaded to the blockchain, the following information must be provided:

  1. Corporate Identity Number (CIN) of the entity to which this document relates – this information is stored in the blockchain in plain text / un-encrypted form and cannot be changed.
  2. Document category – this information is stored in the blockchain in plain text / un-encrypted form and cannot be changed.
  3. Document type – this information is stored in the blockchain in plain text / un-encrypted form and cannot be changed.
  4. A brief description of the document – this information is stored in the blockchain in plain text / un-encrypted form and cannot be changed.
  5. The document – this can be in pdf, word, excel, image or other format and is stored in the blockchain in AES-encrypted form and cannot be changed. The decryption key is stored in the relevant bank’s dedicated database and does NOT go into the blockchain.

When the above information is provided, this is what happens:

  1. Hash of the uploaded file is calculated.
  2. The file is digitally signed using the private key of the uploader bank.
  3. The file is encrypted using AES symmetric encryption.
  4. The encrypted data is converted into hexadecimal.
  5. The non-encrypted data is converted into hexadecimal.
  6. Hexadecimal content is uploaded to the blockchain.

Sample output:

  {file_hash: 84a9ceb1ee3a8b0dc509dded516483d1c4d976c13260ffcedf508cfc32b52fbe
     file_txid: 2e770002051216052b3fdb94bf78d43a8420878063f9c3411b223b38a60da81d
     data_txid: 85fc7ff1320dd43d28d459520fe5b06ebe7ad89346a819b31a5a61b01e7aac74
     signature: IBJNCjmclS2d3jd/jfepfJHFeevLdfYiN22V0T2VuetiBDMH05vziUWhUUH/tgn5HXdpSXjMFISOqFl7JPU8Tt8=
     secrect_key: ZOwWyWHiOvLGgEr4sTssiir6qUX0g3u0
     initialisation_vector: FAaZB6MuHIuX}

 

3. Transaction Processor and State

This section uses the following terminology:

  • Transaction Processor – this is the business logic / smart contracts layer.
  • Validator Process – this is the Global State Store layer.
  • Client Application (User) – this implies a user of the solution; the user’s public key executes the transactions.

The Transaction Processor of the eKYC application is written in Java. It contains all the business logic of the application. Hyperledger Sawtooth stores data within a Merkle Tree. Data is stored in leaf nodes and each node is accessed using an addressing scheme that is composed of 35 bytes, represented as 70 hex characters.

Using the Corporate Identity Number, or CIN, provided by the user while uploading, a 70 characters (35 bytes) address is created for uploading a record to the blockchain. To understand the address creation and namespace design process, see the documentation regarding Address and Namespace Design.

Below is the address creation logic in the application:

Note:

  • uniqueValue is the type of data (can be any value)
  • kycAddress is the CIN of the uploaded document.

The User can upload multiple files using the same CIN. However, state will return only the latest uploaded document. To get all the uploaded documents on the same address, business logic is written in Transaction Processor.

The else { part will do the uploading of multiple documents on the same address and fetching every uploaded document from the state.

4. Client Application

The client application uses REST API endpoints to upload (POST) and get (GET) documents on the Sawtooth blockchain platform. It is written in Nodejs. In case of uploading, few steps to be considered:

  • Creating and encoding transactions having header, header signature, and payload.(Transaction payloads are composed of binary-encoded data that is opaque to the validator.)

  • Creating BatchHeader, Batch, and encoding Batches.

  • Submitting batches to the validator.

When getting uploaded data from blockchain, the following steps needs to be considered:

  1. Creating the same address from the CIN given by User, using GET method to fetch the data stored on the particular address. As shown in  the following code snippet, updatedAddress is created by getting user input either from User (search using CIN in the network) or from the private database of the user (Records uploaded by the user). Similarly, splitStringArray splits the data returned from a particular address because of the transaction logic written in the Transaction Processor to upload multiple documents on the same address while updating state with the list of all the uploaded data (not only the current payload).

2. The client side logic is then written to convert the splitStringArray by decoding it to the required format and giving User an option to download the same in the form of a file.

5. Installation and setup

Please refer to the guide here: https://github.com/Primechain/blockchain-ekyc-sawtooth/blob/master/setup.MD

6. Third party software and components

Third party software and components: bcryptjs, body-parser, connect-flash, cookie-parser, express, express-fileupload, express-handlebars, express-session, express-validator, mongodb, mongoose, multichain, passport, passport-local, sendgrid/mail.

7. License

Blockchain-eKYC is available under Apache License 2.0. This license does not extend to third party software and components.

Debunking Myths Surrounding Hyperledger

By | Blog

Since its inception at the end of 2015, Hyperledger has grown from two projects to ten, and the adoption of the Hyperledger platforms and tools has spread across a wide range of industries. Even as Hyperledger has become a trusted name when it comes to using blockchain for the enterprise, there are still some misperceptions that we’d like to debunk once and for all.

Myth #1: Hyperledger is a vendor.

Reality: Hyperledger is not a vendor. It is a non-profit industry consortium with a membership-based model. Anyone can use the code, contribute, and even become a core maintainer on any of the projects, whether or not they work at member companies. We do have a growing subset of our member community that offer business blockchain products and services based on Hyperledger projects; you can check the 80+ organizations and offerings in the vendor directory.

Myth #2: Hyperledger is an IBM- and Intel-run shop.

Reality: Though a number of Hyperledger projects were originally contributed by IBM (Hyperledger Fabric, Hyperledger Composer, Hyperledger Cello, Hyperledger Explorer) and Intel (Hyperledger Sawtooth, Hyperledger Explorer), the diversity of the developers working on the projects grows every day. Over the lifetime of all 10 Hyperledger projects, there have been 729 unique code contributors, representing more than 150 organizations. The recent 1.2 release of Hyperledger Fabric featured contributions from 15 companies, including Accenture, BBVA, Oracle, and Blocledger; 22% of the commits came from non-IBM sources. In the Hyperledger Sawtooth project, Bitwise has eclipsed Intel in the maintainer count. We are grateful for the continued resources and support that IBM and Intel provide, and encourage other companies to follow their lead, so that Hyperledger remains a healthy, multi-stakeholder community.

Myth #3: Hyperledger doesn’t support interoperability.

Reality: Hyperledger Quilt, one of the five tools in the Hyperledger greenhouse, offers a way of guaranteeing transactional coherence across two ledgers. And that’s just the start of what Hyperledger can do for interoperability.

An early example of this was the integration between the Hyperledger Sawtooth and Hyperledger Burrow projects last year. As a result of that integration, simple EVM smart contracts can be deployed to Hyperledger Sawtooth using the “Seth” (Sawtooth Ethereum) Transaction Family.

More recently, the  Hyperledger Fabric community began working to create a bridge to the Ethereum community so that developers can write EVM smart contracts on Fabric. The hope is that our community will continue to tighten integration and interoperability across Hyperledger projects and beyond, creating a greater number of options for developers. We hope that even more developers can start to think out of the box, connecting blockchains, and doing it securely. The problem of working with more than one technology stack is no longer a technical one.

Our philosophy has always been that you can write one blockchain that talks to multiple other blockchains at the same time. They’re not hermetically sealed.

Myth #4: Hyperledger isn’t focused on scalability and privacy.

Reality: Hyperledger is working on multiple fronts to improve scalability and privacy. The Performance and Scale Working Group is collaborating on defining key metrics for scalability in blockchain technology. Hyperledger Fabric already has a scalability feature called ordering nodes, which lets you focus a subset of your network on the performance-critical part of it in order to improve performance.

When it comes to personal data, Hyperledger Indy upholds the standards mandated by GDPR. Hyperledger Fabric has support for private channels, which is one of the techniques for providing confidentiality between parties with their transactions on the blockchain.

At the same time, our Hyperledger Architecture Working Group has a working draft of an evaluation of the different Hyperledger projects’ approaches to privacy and confidentiality.

Myth #5: Hyperledger blockchains are one network per application.

Reality: Our vision is that there can be multiple, different applications for each network. The food trust network that is being developed with Walmart, for example, could be applied to trace fish, packaged greens, and consumer products, all at the same time. Plus, we are eager to see the interesting applications that can be built on top of that traceability.

The Hyperledger community keeps growing: We’re up to 277 member organizations, including new members FedEx and Honeywell. While that should mean greater awareness of who we are and what we do, we also want to continue to answer your questions. Are there other myths you have heard or seen? Not sure if something is true or not about Hyperledger and blockchain in general? Feel free to share with us on Twitter @Hyperledger.

We hope you join us in the effort by contributing to Hyperledger projects. You can plug into the Hyperledger community at github, Rocket.Chat the wiki or our mailing list. As always, you can or email us with any questions: info@hyperledger.org.

Developer Showcase Series: Jonas Snellinckx, TheLedger

By | Blog

This blog series serves to highlight the work and motivations of developers, users and researchers collaborating on Hyperledger’s projects. Next up is Jonas Snellinckx from TheLedger. Let’s see what he has to say!

What advice would you offer other technologists or developers interested in getting started working on blockchain? 

Blockchain isn’t like any other technology, it isn’t well researched, and it sure isn’t well documented. But let this not scare you. You are a pioneer in the era of a new internet.

Whether you have a computer science background or not, blockchain is a technology you want to get started with. I would not recommend focusing all your resources on one technology. Everything is still early, and there are so many good concepts and technologies out there. Just wait and follow the market. New technologies will arise, so there’s no reason to get tunnel vision and use one technology for all. This is not Java.

What project in Hyperledger are you working on? Any new developments to share? Can you sum up your experience with Hyperledger?

I’m currently working at TheLedger developing prototypes on mostly Hyperledger Fabric, but also BigchainDB. We are a consultancy firm, mostly doing prototypes, which means I’m fortunate enough to cycle through projects and learn new things at a quick pace. I have worked on numerous prototypes from KYC to competencies on the blockchain to a hackathon solution for diamond invoice financing to even a self-conscious house. You can learn all about our adventures and other Hyperledger Fabric related posts here: https://medium.com/wearetheledger.

I’m also maintainer of some boilerplates and tools for the Hyperledger Fabric network. You can find all our tools on https://github.com/wearetheledger , we have a bunch. We created a network boilerplate, backend boilerplate using nestjs and typescript, node utils to write nodejs chaincode at lightning speed and a mockstub to test nodejs chaincode. We vastly improved our workflow by using these tools, so I highly recommend looking at these.

What do you think is most important for Hyperledger to focus on in the next year?

I think Hyperledger Indy is a big one, I think self-sovereign identity will be more important in the future. Just overall making the projects more mature and listening to the needs of the community. I think Fabric is doing this pretty well already.

As Hyperledger’s incubated projects start maturing and hit 1.0s and beyond, what are the most interesting technologies, apps, or use cases coming out as a result from your perspective?

We recently talked about this at the office. Hyperledger Indy and Self-Sovereign Identity will be a big part once we get to integrate this with Hyperledger Fabric. There’s still some work to this, but this has so much potential. Blockchain is one thing, but SSI will have a whole other meaning to the ecosystem. This will also help some GDPR related issues.

What’s the one issue or problem you hope blockchain can solve?

I think I’m not the only developer who’s lazy. At school they told us a developer should be like this. This is why it frustrates me one has to do so much duplicate work to submit forms to difference instances for example. I just hope we get rid of this all this duplicate paperwork and do something useful with this saved time.

Where do you hope to see Hyperledger and/or blockchain in 5 years?

I don’t think we can even imagine the impact of blockchain in 5 years. There’s so many awesome ideas, and most of them are currently only in their concept phase. We’ll have to wait until things mature.

 

(10.2.18) Computerworld: The world’s two largest enterprise blockchain groups join forces

By | News

The Enterprise Ethereum Alliance (EEA), a blockchain standards organization and Hyperledger, an open source collaborative under the auspices of The Linux Foundation, today announced they have joined each other’s groups.

The two groups said the joint associate membership will lead to an open-source, standards-based, cross-platform collaboration that can accelerate adoption of the distributed ledger technology for business.

More here.

Growing the Enterprise Blockchain Ecosystem Through Open Standards and Open Source Code

By | Blog

By Brian Behlendorf, Executive Director of Hyperledger at the Linux Foundation

and Ron Resnick, Executive Director of the Enterprise Ethereum Alliance

The Enterprise Ethereum Alliance and Hyperledger today announce that we are formally joining each other’s organizations as Associate Members. This will enable more active and mutual cross-community collaboration through event participation, connecting with other members, and finding ways for our respective efforts to be complementary and compatible. The collaboration between our organizations will further accelerate adoption of blockchain technologies for business.

The Enterprise Ethereum Alliance sponsors the development of specifications and standards for enterprise blockchain networks, with a focus on those aligned with the broader Ethereum ecosystem. Hyperledger fosters the development of open source software for establishing, managing, and connecting enterprise blockchain networks. Thus, our two organizations have similar objectives, with highly complementary approaches to achieving them.

Our two organizations have similar objectives, such as broadening and strengthening the community around and the adoption of enterprise blockchain technologies. What we hope to get across to the public is that anyone who ever put a “versus” between EEA and Hyperledger got it wrong; it’s now conclusively “EEA AND Hyperledger.”

This relationship will enable Hyperledger developers to write code that conforms to the EEA specification and certify them through EEA certification testing programs expected to launch in the second half of 2019. As members of each other’s organizations, both communities will be able to collaborate across tens of Special Interest Groups, Working Groups, meetups and conferences globally, across hundreds of thousands of developers in both communities.

EEA community members working on specifications and standards can turn to Hyperledger to collaborate on software implementations of those standards. Those could be done as lightweight efforts in Hyperledger Labs, or proposed as top-level projects to the Technical Steering Committee for approval to join the other 10 Hyperledger projects. Our cross-cutting working groups on identity, architecture, performance/scalability could also be leveraged. Both organizations host Meetups and events around the globe, adding to the opportunities for collaboration.

There is already work underway that shows our alignment. In 2017, Hyperledger launched the Hyperledger Burrow project, an Apache-licensed implementation of the Ethereum Virtual Machine (EVM) bytecode interpreter. Earlier this year, Hyperledger Sawtooth added support for the EVM as a transaction processor, bringing smart contracts developed for the Ethereum mainnet over to Sawtooth-based networks. That effort, dubbed “Seth,” is now in active use, and the developers anticipate submitting it for conformance testing to the EEA Spec 1.0 as soon as possible. Likewise, support for the EVM is now available in Hyperledger Fabric.

As a further example, there is currently a working group on Trusted Execution Environments in EEA, and a prototype implementation of those proposed standards, called “Private Data Objects,” being built as a lab at Hyperledger. Hyperledger Labs provide a channel for innovation and testing of ideas to experiment with new frameworks and modules before achieving MVP or stable code.

This concept of simultaneously developing community-driven open standards and production-quality open source reference implementations is a best practice of Internet-scale software development work. Previous examples include the IETF and Apache working on HTTP, and ECMA and Mozilla working on JavaScript.

Down the road, we hope this mutually beneficial relationship will encourage Ethereum developers to consider submitting their enterprise projects to Hyperledger and Hyperledger project maintainers to consider taking de-facto interfaces appropriate for standardization to the appropriate EEA working groups. This relationship will also enable Hyperledger developers to write code that conforms to the EEA specification and certify them through EEA certification testing programs expected to launch in the second half of 2019.

Both organizations will continue to work with other standards bodies, and other open source communities. By working together, the Enterprise Ethereum Alliance and Hyperledger will bring substantial benefits to developers and enterprises, and accelerate the adoption of enterprise blockchain technologies.

 

Thanks,

Brian & Ron

 

Enterprise Ethereum Alliance and Hyperledger to Advance the Global Blockchain Business Ecosystem

By | Announcements

Through Joint Associate Memberships, EEA and Hyperledger Will Collaborate to Meet Global Demand For Enterprise Blockchain

NEW YORK AND SAN FRANCISCO – Oct 1, 2018 –The Enterprise Ethereum Alliance (EEA), the global standards organization driving the adoption of Enterprise Ethereum, and Hyperledger, The Linux Foundation open source collaborative effort advancing cross-industry blockchain technologies, today jointly announced they have become Associate Members, respectively, within each other’s organization. The open-source, standards-based, cross-platform collaboration between the two organizations will contribute to accelerating mass adoption of blockchain technologies for business.

With hundreds of member companies combined, the EEA and Hyperledger communities represent a wide variety of business sectors from every region of the world.

Hyperledger Executive Director, Brian Behlendorf, and EEA Executive Director, Ron Resnick, have jointly authored a blog post (see Hyperledger’s blog or EEA’s blog) to announce this partnership.

“This is a time of great opportunity,” said Resnick. “Collaborating through mutual associate membership provides more opportunities for both organizations to work more closely together. In addition, Hyperledger developers who join the EEA can participate in EEA Certification to ensure solution compliance for projects related to the Enterprise Ethereum Client Specification.”

As members of each other’s organizations, the leadership of both organizations will be able to collaborate across tens of Special Interest Groups, Working Groups, meetups and conferences globally, across hundreds of thousands of developers in both communities. EEA community members working on specifications and standards can turn to Hyperledger to collaborate on software implementations of those standards.

“Great open standards depend upon great open source code, so this is a natural alliance for both organizations,” said Behlendorf. “Standards, specifications and certification all help enterprise blockchain customers commit to implementations with confidence since they have better assurances of interoperability as well as multiple vendors of choice.”

More About EEA and Hyperledger Work Underway

In 2017, Hyperledger launched the Hyperledger Burrow project, an Apache-licensed implementation of the Ethereum Virtual Machine (EVM) bytecode interpreter. Earlier this year, Hyperledger Sawtooth added support for the EVM as a transaction processor, bringing smart contracts developed for the Ethereum MainNet over to Sawtooth-based networks. That effort, dubbed “Seth,” is now in active use, and the developers anticipate submitting it for conformance testing to the EEA specification as soon as possible. Likewise, support for the EVM is now available in Hyperledger Fabric.

Another example of EEA and Hyperledger’s collaboration is the EEA’s Special Interest Group on Trusted Execution Environments, and a prototype implementation of those proposed standards, called “Private Data Objects” being built within Hyperledger Labs. This project is a best practice example of internet-scale software development work, combining community-driven open standards and community-developed, production-quality open source reference implementation. The effort mirrors work such as the IETF (Internet Engineering Task Force) and Apache working on the web’s underlying protocol HTTP, or ECMA International and Mozilla working on JavaScript, a standardized, multi-platform language used by developers worldwide for web design.

Down the road, this mutually beneficial relationship will encourage Ethereum developers to consider submitting their enterprise projects to Hyperledger and Hyperledger project maintainers to consider taking de-facto interfaces appropriate for standardization to the appropriate EEA working groups. This relationship will also enable Hyperledger developers to write code that conforms to the EEA specification and certify them through EEA certification testing programs expected to launch in the second half of 2019.

“As a founding member of both Hyperledger and EEA, we’ve been proud to participate in the incredible growth of both communities. This is a logical next step that will strengthen the industry as a whole, expand each organization’s reach and benefit from the collaboration across ecosystems, while supporting each organization’s distinct mission,” said David Treat, Managing Director at Accenture.

“For anyone who ever put a ‘vs.’ between Ethereum and Hyperledger, this collaboration shows it’s now ‘Ethereum AND Hyperledger,’” said Behlendorf. “We expect developers building Enterprise Ethereum-related technologies to be motivated to submit projects to Hyperledger, and we hope that project maintainers will consider taking de-facto interfaces that are suitable for standardization to the appropriate Special Interest Group at the EEA.”

 

About The Enterprise Ethereum Alliance

The Enterprise Ethereum Alliance (EEA) is the industry’s first global standards organization to deliver an open, standards-based architecture and specification to accelerate the adoption of Enterprise Ethereum. The EEA’s world-class Enterprise Ethereum Client Specification and forth-coming testing and certification programs will ensure interoperability, multiple vendors of choice, and lower costs for its members – the world’s largest enterprises and most innovative startups. For additional information about joining the EEA, please reach out to membership@entethalliance.org.

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.

(10.1.18) InfoQ: Implementing Privacy by Design in Hyperledger Indy

By | Hyperledger Indy, News

In a recent Hyperledger blog post, Daniel Hardman talks about Hyperledger Indy and its ‘Privacy by Design’ approach to address decentralized identity management. Unlike many systems that add privacy to their product or service after the fact, Hyperledger Indy has been built using a privacy first approach. As the world shifts to more regulation, including GDPR and ePrivacy requirements, Indy can minimize the amount of details a user shares when having their data validated by a third-party system.

More here.