2019 Summer Mentee Project Update: Hyperledger Fabric SDK for Node.js security extension

What I worked on

I’m Hengming Zhang, a member of this summer’s Hyperledger Mentorship Program.

The general goal of my project was extending the security scope of the Hyperledger Fabric SDK for Node.js. Key objectives included:

  • Fix integration test failures on various operating systems.
  • Refactor the key store class design by object-oriented method.
  • Enhance the compatibilities of Hardware Security Module (HSM).
  • Construct an applicable offline signing scheme.

After having the first talk with my mentor, David Liu, I set out the milestones and deliverables with this project:

  1. Completing a list of checklist items that were established before the beginning of Hyperledger Mentorship Program. The checklist contains preparing:
    • AWS cloud account
    • Virtual machine snapshot for the on-premise desktop
    • Mobile devices
  2. Fixing  the integration test failures on macOS and Ubuntu by the 1st Quarter Evaluation.
  3. Refactoring Key store class design by the Midterm Quarter Evaluation.
  4. Enhancing HSM compatibility by the 3rd Quarter Evaluation.
  5. Offline signing of a client by the Final Evaluation.

Once I had finished the initial set up from the checklist, I started development for this project. During the development, the proudest of experience were using the right Hyperledger channels:

  • Technology – Hyperledger Fabric, Hyperledger Fabric CA, and Hyperledger SDK for Node.js.
  • Tools – Hyperledger Wiki, Hyperledger Gerrit, Hyperledger Chat and Hyperledger Jira.

By the end of this internship, I had finished 6/7 of the deliverables I had created above.

In conclusion, I think my work on the offline signing scheme could have the most impact on the Hyperledger or larger communities. I have constructed an applicable client offline signing scheme using Flutter as the client for the fabric-client-flutter project and Node as the server for the fabric-server-node project.

At last, there are our mentor and mentee’s information for this summer’s Hyperledger Mentorship Program:

MentorEmailOrganization
David (Yuxiang) Liudavid-khala@hotmail.comMediConCen
MenteeEmailUniversity
Hengming (5sWind) Zhangfiveswind@gmail.comFudan University

What I learned or accomplished

As I mentioned in the “What I worked on” section, the six deliverables I completed include:

  • Setting up an AWS cloud account
  • Creating a virtual machine snapshot for the on-premise desktop
  • Preparing mobile devices
  • Fixing the integration test failures on macOS and Ubuntu
  • Enhancing HSM compatibility
  • Offline signing of client

However, there are no such shortcut path as things moved forward. Below are some of the issues I had to overcome: 

  • Running AWS CloudHSM on EC2 instance: Ubuntu 18 / Windows Server 2019 / Red Hat Enterprise Linux
  • Installing SoftHSM on Windows 10 virtual machine snapshot
  • Constructing a PKCS#8 standard RSA asymmetric keys that can be used to interact with Hyperledger Fabric network as the user’s local key store
  • Constructing a Certificate Signing Request (CSR) using RSA keys on the client side
  • Building an interactive model between Hyperledger Fabric and Flutter mobile client
  • Refactoring current CryptoKeyStore mixin class to an object-oriented class model

Plus, there are also some of the insights I got and lessons I learned from the Hyperledger community:

  1. Communicate with others (e.g., project maintainers, mentors)
  2. Connect and work remotely
  3. Document ideas, issues, and reports
  4. Clean code and use state-of-the-art technologies

So, at this time, I would like to share with you some advice regarding working in an open source community:

  1. Clean code and annotations are necessary: it means when others look at your project, they can quickly understand what your code does.
  2. Communication is important: it can help to deduplicate works, find solutions, and so on.

For example, in my internship experience, leveraging the second piece of  advice, I found out that the community was refactoring the code base that I was working on. Therefore, the duplicated work could be avoided.

What comes next

The ending of the internship journey is not the destination. I have some recommended next steps for the project:

  • Advancing and improving the fabric-client-flutter project, such as extend it to support other platforms: Windows, macOS, and even IoT devices for them to use Hyperledger Fabric.
1 fabric-client-flutter project interface on Android device.
2 fabric-client-flutter project interface on iOS device.
  • Refactoring and improving the fabric-server-node project to common Hyperledger Fabric servers that can be serving any request from any Hyperledger Fabric client.
  • Continuously contributing to the fabric-sdk-node project.

In the future, I would like to be a long-term contributor to the Hyperledger or the larger open source community.

With this internship experience, I hope I can move forward as a recognized engineer and cryptographic researcher.

For more details, see my project report here.