Hyperledger Besu

Announcing Hyperledger Besu v1.4 – Available Now

By Blog, Hyperledger Besu

Learn about the improved enterprise functionality and performance in the latest release of Hyperledger’s first and only public chain-compatible Ethereum client.

Evolution of Hyperledger Besu

Hyperledger Besu was contributed to the Hyperledger organization in August of 2019 as the sole Ethereum blockchain client. Since then several notable improvements have been made that have continued to bridge the gap between permissioned and public chains.

The v1.3 release of Besu released in October 2019 included state pruning, allowing organizations to save money on storage costs by reducing storage size in a node. It also offers relational database support allowing customers with local storage requirements to choose from a selection of DB storage options through transaction manager, Orion. Besu v1.3 was also upgraded to be compatible with the “Istanbul Hard Fork Upgrade,” which took place earlier this year.

The Besu team is pleased to announce the next major release, Hyperledger Besu v1.4, which launched  February 26, 2020, and includes a number of much-anticipated features focusing on performance and enterprise-driven functionality such as:

  • Plugin APIs
  • New tracing APIs
  • Multi-Tenancy
  • Advanced Key Management
  • End-to-End TLS support for incoming and outgoing RPC endpoints

Click here to download Hyperledger Besu 1.4.

Key Features in 1.4

Plugin APIs 

Hyperledger Besu v1.4 also exposes a plugin API, allowing anyone to write custom plugins for Besu and enabling users to take data from any Besu network, public or permissioned, and feed it into the rest of their applications and systems easily. The API exposes data about the following components:

  • Blocks
  • Balances
  • Transactions
  • Smart Contracts
  • Execution Results
  • Logs 
  • Syncing State

In the future, along with more data being exposed via the API, users can expect Besu to compartmentalize key supporting services, eventually allowing them to be swapped via a plugin.

New tracing APIs

As part of its 1.4 release, Besu will now support a new tracing API: trace_replayBlockTransaction. The addition of this API is a step towards Besu being fully compatible with all Ethereum clients on the network. For example, it enables the use of Parity-style traces, which are a more concise alternative to the current debug_* APIs in Besu.

Specifically, the vmTrace option provides an operation-by-operation trace of EVM execution, the stateDiff option highlights the differences in account and storage state before and after the transaction and the trace option details every type and result of calls to account and contracts.

More Parity-style traces will soon be added to Besu as well. The two next ones scheduled are trace_block and trace_transaction. 

Multi-Tenancy – Secure Private Transactions in a shared environment 

Hyperledger Besu v1.4 will be able to run in a “Multi-tenant environment,” allowing a number of users to use the same Ethereum node to connect to the network. The Hyperledger Besu multi-tenancy support enables a much wider user base to make use of the blockchain technology, reducing the barriers to entry associated with learning, upskilling, and additional costs associated with deploying  blockchain.

Support for authenticated API access will also be given, allowing hosts custom control on who to grant access to, depending on the user’s  need. This coupled with Orion, the open-sourced, Apache 2.0 licensed private transaction manager, enables private transactions to take place all while ensuring only the correct recipient can access the data. Through the use of JWT tokens, a user identity is tied to a privacy identity, validating every API call to ensure the user is part of the privacy group before any data is revealed.

Advanced Key Management

The release of Hyperledger Besu v1.4 also includes additional key management functionality through EthSigner. By design, Hyperledger Besu does not allow keys to be stored in the client or node. You have to use an external key manager. In this release, multi-Key support has been added. This support allows for a number of private keys to be securely stored in vaults accessible only when needed to be used for signing a transaction.

This advanced option adds the capability to select the correct key based on the details of transactions, regardless of where those keys are stored, allowing for rotation of keys and further security. 

End-to-end encryption with TLS 

While blockchain delivers significant security benefits, encryption is still critical across the transaction lifecycle. Hyperledger Besu v1.4 will offer end to-end encryption with TLS, meaning all communication from the generation of the private transaction to its signature using private keys stored in secure vaults (e.g., Hashicorp Keyvault), transmission through private transaction managers, and arriving at another node is encrypted. 

What’s Next 

The next quarterly release, v1.5, is scheduled for mid 2020 and will include our most ambitious features to date. In the meantime, Hyperledger Besu is happy to sit at the intersection of the Hyperledger and Ethereum communities and continue to grow its contributor network.  

Those looking to interact one-on-one with Besu developers and contributors can join the conversation on Rocketchat at #besu, or join our regular contributor calls.

Interested in learning more, or curious on how to get started with Besu? Check out the Besu docs, view the tutorials, visit the wiki, or take a look at some open issues in JIRA

For those attending Hyperledger Global Forum, several project maintainers and contributors will also be present and speaking at the event and would love to chat with you. 

This blog was written by PegaSys Digital Marketing Specialist, Gina Rubino, with contributions from PegaSys Product Managers Tim Beiko and Arash Mahboubi

How Hyperledger Besu Will Help Solve the Pharmaceutical Waste Problem in the U.S.

By Blog, Healthcare, Hyperledger Besu

The problem of surplus medication is getting increasingly serious. Each year, tons of prescription drugs remain unused in clinics, assisted living facilities, and at individual patients’ homes. Often, the law demands that any unused medications be destroyed, which results in a whole complex set of problems. 

On the one hand, about $2 billion worth of prescription drugs are wasted every year. On the other hand, one in every three Americans cannot afford their prescribed medications due to the high cost or absence of medical insurance. At the same time, there is no unified procedure for using surplus medications and making them available to those who need it. 

Another issue to consider in this context is the cost of unused drug disposal, which can be around $1.25 per pound. The rules require that unused drugs be disposed of through incineration that creates additional environmental concerns. 

The obvious solution to this complex problem is establishing a mechanism for returning the unused medications and offering them to patients who need them. In fact, the drug donation and reuse programs have been researched for more than twenty years, but only 38 states have passed laws on drug reuse as of now. 

At the same time, the implementation of these laws gives hope that the multi-faceted problem of surplus drugs can be resolved. However, to achieve true effectiveness and prevent misuse, such programs need to take into account many practical aspects: 

– Control over the donated drugs’ quality and expiration. Of course, to be accepted, drugs must be unexpired and their packaging must be intact. 

– Motivation for pharmacies to act as drug acceptance facilities. Participation in the drug donation program has its costs, which pharmacies are not too eager to bear. 

– Motivation for clinics and patients to donate unused drugs. The law prohibits selling medications, thus, their owners should be motivated in a different way. 

– Data security. Medication-related data is highly sensitive and needs special protection from unauthorized access. 

How technology can help 

Our experience with blockchain and distributed applications proves that these technologies can become the core of an effective and secure platform for unused drug donation and redistribution. It resolves the problems of data security and traceability and can help to automate a number of processes. 

Together with the Save Pharmaceutical project, Adoriasoft is now building a blockchain-based platform to join drug donors (clinics, assisted living facilities, individual persons), drug repositories (pharmacies), and patients. The solution will be a multi-functional product allowing donors to donate the medications they do not need, and pharmacies to approve or reject the donations and, ultimately, to provide them to patients. 

We are using Hyperledger Besu as the base technology for this project. By choosing Hyperledger Besu, we plan to leverage the benefits of the protocol to enable transaction processing. Furthermore, we see Hyperledger Besu as a platform for building a permissioned enterprise-scale network to serve the drug repository system. 

In view of the high sensitivity of healthcare data that is going to be exchanged in the network, the transactions will be processed via smart contracts executed on Hyperledger Besu. Only the parties directly involved in the transaction will have access to its details. 

At the same time, blockchain provides the means of controlling the entire transaction flow from the drug donation by the owner to its final assignment to the patient. The platform will include a mechanism of monitoring the pharmacy income from reselling the donated drugs and distributing it among the other participants. 

Since the law explicitly prohibits donors from demanding payment for the drugs they donate, there should be other methods of motivating them to participate in the program. The state laws establish a tax deduction for drug donation, but our product can include an additional compensation in the form of a tradable digital token. 

The tokens issued on the blockchain can be used towards a discount on the platform or exchanged for other assets. The same tokens can be issued to pharmacies, too, to attract them to the program. 

Blockchain-based drug repository networks are going to be a true quantum leap in the healthcare industry, on the one hand, bringing significant cost savings, and, on the other hand, making medications accessible to patients who were otherwise unable to purchase them. We are proud to be a part of a project of such a social impact and to make the knowledge accumulated by the Hyperledger community serve this noble cause.

Best Practices and Lessons Learned from Hyperledger Besu Establishing a Maintainer Process

By Blog, Hyperledger Besu

As an open source project, the Hyperledger Besu team is continuing to focus on building our community. One reason we submitted Hyperledger Besu to Hyperledger was to improve the project’s open source governance using Hyperledger’s best practices and recommendations. The Linux Foundation and Hyperledger have been leaders in establishing open source governance processes for years. Hyperledger uses best practices across its projects, including open communication, tool consistencies, and cross-project technical leadership. The Hyperledger Besu team wanted to take these open source governance learnings a step further to create a process for managing its maintainers. 

Why Maintainer Governance is Important

Maintainers of open source projects are the leaders and direction-setters for the projects. They are oftentimes the ones contributing the most code to the project, talking to the community on chat channels, and dedicating time to other community activities, such as working groups or writing documentation. We wanted our process around maintainer governance to reflect the significance of the role within the project. The Besu team researched how other projects and open source foundations performed the maintainer governance. 

We found the following examples from other organizations to help inform our decision:

The Apache Foundation: The Apache Foundation has Project Management Committee (PMC) Members, which is their alternative for maintainers. PMC Members are elected due to their commitment to the codebase. The PMC has control over the codebase and are the ones who vote on major releases.  

OpenJDK: OpenJDK has a more formal process for adding maintainers, including taking formal nominations for the new maintainer. They hold a one-week nomination period, select a candidate amongst the nominees, and then use a Lazy Consensus vote to vote on the nominee.

Other Hyperledger projects: Currently the Hyperledger projects have different approaches for managing their maintainers. Hyperledger Fabric requires a majority vote of maintainers to add a new maintainer, for example. Hyperledger Indy encourages maintainers to be highly collaborative with other contributors and maintainers.

The Besu Team’s Decision

The Besu team investigated these proven practices with the aim of determining the best option for managing the project’s maintainers. We wanted the process for adding and maintaining maintainers to be as objective and transparent as possible. With this in mind, the team decided to model its maintainer process most closely after the OpenJDK foundation with some additions. 

A few key tenants of Besu’s management maintainers include:

  • A proposed maintainer must have 5 significant changes committed to the codebase
  • A proposed maintainer must be sponsored by a current maintainer
  • A proposed maintainer can be vetoed by a current maintainer but a public explanation is required when such vote occurs. 
  • There is a two week window for voting on a proposed maintainer. Voting can end early if an absolute majority is reached. 
  • A current maintainer can also be removed if warranted. The Hyperledger Code of Conduct can be found here.

These requirements help provide clear and direct expectations for the community on how to become a maintainer. We wanted members of the community to know exactly the steps required if becoming a maintainer interested them. We also tried to make the process be conducted in an open and community-friendly manner. It is important to us to make our project approachable with anyone feeling welcome and encouraged to try it out.

Contribute to Hyperledger Besu Now!

It is easy to begin your journey using and contributing to Hyperledger Besu. Check out these resources to help you get started:

Announcing Hyperledger Besu

By Blog, Hyperledger Besu

Today we are excited to announce Hyperledger Besu as the latest project to join Hyperledger. Hyperledger Besu, a Java-based Ethereum client formerly known as Pantheon, is the first blockchain project submitted to Hyperledger that can operate on a public blockchain. Besu represents the growing interest of enterprises to build both permissioned and public network use cases for their applications. 

The project’s design and architecture decisions have been aimed at clean interfaces and modularity, with the goal of making Hyperledger Besu a platform for open development and deployment. Besu is designed to be as modular as possible, with a separation of concerns between consensus algorithms and other key blockchain features, making these components easy to upgrade or implement. By creating clean interfaces between elements within the client (e.g., networking, storage, EVM, etc.), we believe enterprises will have a much easier time configuring Ethereum to meet their needs while also creating opportunities for other Hyperledger projects to integrate and use elements of Besu’s codebase.

What is Hyperledger Besu?

Hyperledger Besu is an open source Ethereum client developed under the Apache 2.0 license and written in Java. It can be run on the Ethereum public network or on private permissioned networks, as well as test networks such as Rinkeby, Ropsten, and Görli. Hyperledger Besu includes several consensus algorithms including PoW, PoA, and IBFT, and has comprehensive permissioning schemes designed specifically for uses in a consortium environment.

What is an “Ethereum Client”?

Hyperledger Besu is one of several Ethereum clients. An Ethereum client is the software that implements the Ethereum protocol. Ethereum clients contain: 

  • An execution environment for processing transactions in the Ethereum blockchain
  • Storage for persisting data related to transaction execution
  • Peer-to-peer (P2P) networking for communicating with the other Ethereum nodes on the network to synchronize state
  • APIs for application developers to interact with the blockchain 

What are Hyperledger Besu’s Features?

Hyperledger Besu implements the Enterprise Ethereum Alliance (EEA) specification. The EEA specification was established to create common interfaces amongst the various open and closed source projects within Ethereum, to ensure users do not have vendor lock-in, and to create standard interfaces for teams building applications. Besu implements enterprise features in alignment with the EEA client specification. 

Hyperledger Besu’s features include: 

  • The Ethereum Virtual Machine (EVM): The EVM is the Turing complete virtual machine that allows the deployment and execution of smart contracts via transactions within an Ethereum blockchain.
  • Consensus Algorithms: Hyperledger Besu implements various consensus algorithms which are involved in transaction validation, block validation, and block production (i.e., mining in Proof of Work). They include:
    • Proof of Authority: Hyperledger Besu implements several Proof of Authority protocols. Proof of Authority consensus protocols are used when participants are known to each other and there is a level of trust between them––in a permissioned consortium network, for example.
      • IBFT 2.0: In IBFT 2.0 networks, transactions and blocks are validated by approved accounts, known as validators. Validators take turns creating the next block. Existing validators propose and vote to add or remove validators. IBFT 2.0 has immediate finality. When using IBFT 2.0, there are no forks and all valid blocks are included in the main chain.
      • Clique: Clique is more fault-tolerant than IBFT 2.0. Clique tolerates up to half of the validators failing. IBFT 2.0 networks require greater than or equal to ⅔ of validators to be operating to create blocks. Clique does not have immediate finality. Implementations using Clique must be aware of forks and chain reorganizations occurring.
    • Proof of Work (Ethash): Proof of Work is used for mining activities on mainnet Ethereum.
  • Storage: Hyperledger Besu uses a RocksDB key-value database to persist chain data locally.  This data is divided into a few sub-categories:
    • Blockchain: Blockchain data is composed of block headers that form the “chain” of data that is used to cryptographically verify blockchain state; block bodies that contain the list of ordered transactions included in each block; and transaction receipts that contain metadata related to transaction execution including transaction logs. 
    • World State: Every block header references a world state via a stateRoot hash.  The world state is a mapping from addresses to accounts. Externally owned accounts contain an ether balance, while smart contract accounts additionally contain executable code and storage.
  • P2P networking: Hyperledger Besu implements Ethereum’s devp2p network protocols for inter-client communication and an additional sub-protocol for IBFT2:
    • Discovery: A UDP-based protocol for finding peers on the network
    • RLPx: A TCP-based protocol for communication between peers via various “sub-protocols”:
      • ETH Sub-protocol (Ethereum Wire Protocol): Used to synchronize blockchain state across the network and propagate new transactions.
      • IBF Sub-protocol: Used by IBFT2 consensus protocol to facilitate consensus decisions.
  • User-facing APIs: Hyperledger Besu provides mainnet Ethereum and EEA JSON-RPC APIs over HTTP and WebSocket protocols as well as a GraphQL API.  
    • JSON-RPC
      • HTTP JSON-RPC Service
      • WebSocket JSON-RPC Service
    • GraphQL
  • Monitoring: Hyperledger Besu allows you to monitor node and network performance.
    • Node performance is monitored using Prometheus or the debug_metrics JSON-RPC API method. 
    • Network Performance is monitored with Alethio tools such as Block Explorer and EthStats Network Monitor.
  • Privacy: Privacy in Hyperledger Besu refers to the ability to keep transactions private between the involved parties. Other parties cannot access the transaction content, sending party, or list of participating parties. Besu uses a Private Transaction Manager to implement privacy. 
  • Permissioning: A permissioned network allows only specified nodes and accounts to participate by enabling node permissioning and/or account permissioning on the network.

What does Hyperledger Besu support?

Hyperledger Besu includes a command line interface as well as HTTP- and WebSocket-based APIs for running, maintaining, and monitoring nodes in an Ethereum network. 

The Besu client’s APIs supports typical Ethereum functionalities such as smart contract and dapp development, deployment, and operational use cases. Tools such as Truffle, Remix, and web3j enable these activities. The client implements standard JSON-RPC APIs, making integration with ecosystem tooling simple. The client also supports creating private, permissioned consortium networks.

Hyperledger Besu doesn’t support key management within the client due to security concerns. Instead, you can use EthSigner or any Ethereum-compatible wallet for managing private keys. EthSigner provides access to your key store and signs transactions via tools like Hashicorp Vault and Microsoft Azure.

Smart-contract- and local-configuration-based node and account permissioning are available within Besu. Private transactions are available using zero-knowledge methods in the client (including usage of the Aztec protocol). An off-chain approach requires using Orion, an open source private transaction manager separately developed by PegaSys.

At a high level, the architecture for Hyperledger Besu looks like: 

Who is involved in Hyperledger Besu?

PegaSys, the protocol engineering team at ConsenSys, has been the primary contributor and maintainer of the codebase at the core of Hyperledger Besu since its launch in November 2018 as Pantheon. They built this Ethereum client with the goal of lowering barriers to entry for enterprises and maintaining and scaling mainnet. They have developed an active community using and building on the codebase. In addition, there are multiple applications building on top of Besu and consortiums using Besu in production. The PegaSys team is excited to work with the Hyperledger community to continue to strengthen Hyperledger Besu as a platform.

About the Authors

Rob Dawson is Product Lead at PegaSys. Rob has a highly technical background as an IT Developer and Leader with experience in a wide range of technologies including thin and thick clients, agile and heavy methodologies, security and protocols. He also has extensive experience in enterprise software and has led the product development of Hyperledger Besu.

Meredith Baxter is a Blockchain Protocol Engineer at PegaSys. Meredith has 8+ years software engineering experience working in distributed systems and full stack application development. She has worked on Hyperledger Besu since late 2017 when she joined as a member of the project’s founding development team.