2019 Summer Mentee Project Update: Hyperledger Fabric SDK for Node.js security extension
What I worked on
I’m Hengming Zhang, a member of this summer’s Hyperledger Mentorship Program.
The general goal of my project was extending the security scope of the Hyperledger Fabric SDK for Node.js. Key objectives included:
- Fix integration test failures on various operating systems.
- Refactor the key store class design by object-oriented method.
- Enhance the compatibilities of Hardware Security Module (HSM).
- Construct an applicable offline signing scheme.
After having the first talk with my mentor, David Liu, I set out the milestones and deliverables with this project:
- Completing a list of checklist items that were established before the beginning of Hyperledger Mentorship Program. The checklist contains preparing:
- AWS cloud account
- Virtual machine snapshot for the on-premise desktop
- Mobile devices
- Fixing the integration test failures on macOS and Ubuntu by the 1st Quarter Evaluation.
- Refactoring Key store class design by the Midterm Quarter Evaluation.
- Enhancing HSM compatibility by the 3rd Quarter Evaluation.
- Offline signing of a client by the Final Evaluation.
Once I had finished the initial set up from the checklist, I started development for this project. During the development, the proudest of experience were using the right Hyperledger channels:
- Technology – Hyperledger Fabric, Hyperledger Fabric CA, and Hyperledger SDK for Node.js.
- Tools – Hyperledger Wiki, Hyperledger Gerrit, Hyperledger Chat and Hyperledger Jira.
By the end of this internship, I had finished 6/7 of the deliverables I had created above.
In conclusion, I think my work on the offline signing scheme could have the most impact on the Hyperledger or larger communities. I have constructed an applicable client offline signing scheme using Flutter as the client for the fabric-client-flutter project and Node as the server for the fabric-server-node project.
At last, there are our mentor and mentee’s information for this summer’s Hyperledger Mentorship Program:
Mentor | Organization | |
David (Yuxiang) Liu | david-khala@hotmail.com | MediConCen |
Mentee | University | |
Hengming (5sWind) Zhang | fiveswind@gmail.com | Fudan University |
What I learned or accomplished
As I mentioned in the “What I worked on” section, the six deliverables I completed include:
- Setting up an AWS cloud account
- Creating a virtual machine snapshot for the on-premise desktop
- Preparing mobile devices
- Fixing the integration test failures on macOS and Ubuntu
- Enhancing HSM compatibility
- Offline signing of client
However, there are no such shortcut path as things moved forward. Below are some of the issues I had to overcome:
- Running AWS CloudHSM on EC2 instance: Ubuntu 18 / Windows Server 2019 / Red Hat Enterprise Linux
- Installing SoftHSM on Windows 10 virtual machine snapshot
- Constructing a PKCS#8 standard RSA asymmetric keys that can be used to interact with Hyperledger Fabric network as the user’s local key store
- Constructing a Certificate Signing Request (CSR) using RSA keys on the client side
- Building an interactive model between Hyperledger Fabric and Flutter mobile client
- Refactoring current CryptoKeyStore mixin class to an object-oriented class model
Plus, there are also some of the insights I got and lessons I learned from the Hyperledger community:
- Communicate with others (e.g., project maintainers, mentors)
- Connect and work remotely
- Document ideas, issues, and reports
- Clean code and use state-of-the-art technologies
So, at this time, I would like to share with you some advice regarding working in an open source community:
- Clean code and annotations are necessary: it means when others look at your project, they can quickly understand what your code does.
- Communication is important: it can help to deduplicate works, find solutions, and so on.
For example, in my internship experience, leveraging the second piece of advice, I found out that the community was refactoring the code base that I was working on. Therefore, the duplicated work could be avoided.
What comes next
The ending of the internship journey is not the destination. I have some recommended next steps for the project:
- Advancing and improving the fabric-client-flutter project, such as extend it to support other platforms: Windows, macOS, and even IoT devices for them to use Hyperledger Fabric.
- Refactoring and improving the fabric-server-node project to common Hyperledger Fabric servers that can be serving any request from any Hyperledger Fabric client.
- Continuously contributing to the fabric-sdk-node project.
In the future, I would like to be a long-term contributor to the Hyperledger or the larger open source community.
With this internship experience, I hope I can move forward as a recognized engineer and cryptographic researcher.
For more details, see my project report here.
Sign up for Hyperledger Horizon & /dev/weekly newsletters
By signing up, you acknowledge that your information is subject to The Linux Foundation's Privacy Policy