I’m very curious and I love to meet people from all over the world. I’m fascinated by new technologies, learning what can be done, seeing what has been done and realizing the potential.

Meeting like-minded, open people is the favorite way my team at 4eyes and I satisfy our curiosity. Learning from each other, sharing experiences and discussing problems and questions is the best way to achieve this.

Tangible results are sometimes difficult to see in software frameworks, and perhaps more so within the DLT/Blockchain space. However, they are very important to understanding the technology and its potential. So looking at projects in various stages from prototype to production is immensely helpful for us and, eventually, for our customers and partners.

With that in mind, we were excited to hear that the global Hyperledger community was getting together in Basel, about 15 minutes from our offices! While I already got an in-person impression of the Hyperledger Community at the Hackfest in Amsterdam and in my activities within the Special Interest Groups for the public sector, it was wonderful to have the whole Hyperledger Community as a guest in my hometown.

I’ve been to dozens of blockchain-related events this year with the Hyperledger Global Forum serving as the grand finale. In my opinion, it was by far the best experience as Hyperledger is the most inclusive, down-to-earth and also self-critical blockchain community. I remember Brian Behlendorf reminding people in a working group call of the importance of honest and transparent communication about Hyperledger as it’s crucial for the credibility and future development of Hyperledger. This spirit permeated the whole conference. While we know that Hyperledger has great frameworks and tools for a broad variety of real-life applications, as open-minded professionals we all realize that there is no one-size-fits-all holy grail kind of solution. This mindset leads to very constructive discussions about the different ways of solving a task.

To satisfy my curiosity, I attended a variety of workshops, especially for those Hyperledger frameworks that were still new to me. So, for example, I experienced Indy hands on in John Jordan’s workshop and learned to bring natural language legal contracts into the blockchain using Accord from Dan Selman. As sharing is a essential part of the learning experience, Waleed El Sayed and I talked about our experience developing blockchain-based projects using Fabric and Composer, which led to very interesting discussions with the audience and also during the rest of the conference. Apart from the inspiring keynotes ranging from consensus and application of blockchain in various industries to philosophy of trust, Global Forum was an opportunity to talk to the broad variety of companies showcasing their products and services.

In terms of my developer skills, the time I spent talking to Caroline Church, IBM’s Lead for Blockchain Tooling, was probably the most impactful. At Accenture’s Hack-For-Good hackathon towards the end of the Forum, Caroline showed us the new way of coding chaincode in Fabric 1.4 and, even more important, the Visual Code extension she created that allows for easy testing and debugging of chaincode. This is a huge step forward in terms of developing chaincode in Fabric. Caroline’s tools will immediately help my team and me and will increase 4eyes’ efficiency dramatically.

From my point of view as a consultant, I learned a lot from the presented use cases, such as the very interesting talk from Marco Alarcon and Andrés Falcone about the Short Sales Lending solution they’ve created at the Santiago Stock Exchange. I was also very impressed by David Berger’s very pragmatic solution to facilitating proof of existence for the legal industry.

As I love to spend time with people all over the world, I skipped one or the other presentation in favor for a in-depth conversations ranging from technical to conceptual during the forum and fun to philosophy during the delegates party at the fantastic Pantheon. This way I met amazing people from all over the world: Japan, France, USA, South Korea, Chile, Saudi Arabia, Canada, Switzerland, Russia, China and many more.

My experiences at the Hyperledger Global Forum helped me to assess the possibilities and the maturity of the framework and tools and inspired many new ideas, which in turn will help my team and me to provide better guidance and consultancy for clients and partners.

We are looking forward to the next opportunities to learn and share at upcoming Hyperledger events such as the Hackfest.

The whole 4eyes team and I would love to welcome the Hyperledger family back in Basel in 2019!


Links

• Waleed El Sayed: https://www.linkedin.com/in/waleed-el-sayed-039b62113/
• Markus Stauffiger: https://www.linkedin.com/in/stauffiger/
• Indy workshop: https://hgf18.sched.com/event/G9RS/hands-on-with-verifiable-organizations-network-based-on-hyperledger-indy-stephen-curran-cloudcompass-computing-inc-john-jordan-province-of-british-columbia
  • John Jordan: https://hgf18.sched.com/speaker/john.jordan
• Accord workshop: https://hgf18.sched.com/event/G9QY/hands-on-with-smart-legal-contracts-from-the-accord-project-matt-roberts-dan-selman-clause
  • Dan Selman: https://hgf18.sched.com/speaker/dan972
• Short Lending Platform: https://hgf18.sched.com/event/G8s2/case-study-santiago-stock-exchange-blockchain-lending-repository-how-to-get-a-blockchain-project-in-production-marco-alarcon-andres-araya-bolsa-comercio-santiago
• David Bergers Composer Project: https://hgf18.sched.com/event/G8rt/demo-of-a-real-world-deployed-hyperledger-composerfabric-blockchain-by-the-global-legal-blockchain-consortium-david-berger-integra-inc

The pace of blockchain development and deployment is accelerating. Fortunately, so too is the scale and maturity of the community and technology at the core of Hyperledger Fabric. With an eye towards the growing rollout of production Fabric networks, we are pleased to introduce Fabric v1.4 LTS, our first long term support release.

The Fabric developers have been working with network operators and application developers to deliver v1.4 with a focus on production operations and developer ease of use. Key new production-focused features of Fabric fall into four key buckets:

• Serviceability and Operations: As more Hyperledger Fabric networks get deployed and enter a production state, serviceability and operational aspects are critical. Fabric v1.4 takes a giant leap forward with logging improvements, health checks, and operational metrics. Along with a focus on stability and fixes, Fabric v1.4 is the recommended release for production operations. Future fixes will be delivered on the v1.4.x stream, while new features are being developed in the v2.0 stream.
• Improved programming model for developing applications: Writing decentralized applications has just gotten easier. Programming model improvements in the Node.js SDK and Node.js chaincode makes the development of decentralized applications more intuitive, allowing you to focus on your application logic. The existing npm packages are still available for use, while the new npm packages provide a layer of abstraction to improve developer productivity and ease of use. We have also provided a comprehensive business scenario and tutorial to get you started with the new developer experience.
• Enhanced data privacy: Data and transaction confidentiality has been a key driver for Fabric development since v1.2. With this new release, we have added two new enhancements: 1) peers for organizations that are added to private data collections can now retrieve the private data for prior transactions to which they now are entitled, and 2) automatically enforce access control within chaincode based on the client organization collection membership without having to write specific chaincode logic.
• Hand-on tutorials: Commercially focused training to help developers move up the Fabric learning curve quickly and efficiently to speed adoption and deployment.

Complete details of the new features can be found in the What’s New documentation and release notes.

Hyperledger Fabric’s First Long Term Support Release.

As noted, Hyperledger Fabric v1.4 LTS marks our first long term support release. This is a critically important development for those beginning to deploy Hyperledger Fabric solutions into production and is a reflection of the confidence that the Fabric maintainers have in this latest release.

Our policy to date has been to provide bug fix (patch) releases for our most recent major or minor release until the next major or minor release has been published. We plan to continue this policy for subsequent releases. However, for Hyperledger Fabric v1.4 LTS, the Fabric maintainers are pledging to provide bug fixes for a period of one year from the date of release (Jan 10). This will likely result in a series of patch releases (v1.4.1, v1.4.2, …), where multiple fixes are bundled into a patch release.

If you are running with Hyperledger Fabric v1.4 LTS, you can be assured that you will be able to safely upgrade to any of the subsequent patch releases. In the advent that there is need of some upgrade process to remedy a defect, we will provide that process with the patch release.

If you’d like to join the community or learn more, you can find more information here:

Chat: #Fabric in Hyperledger Chat

Docs: Fabric 1.4 Documentation

Code: Fabric Github

Issues & Roadmap: Fabric JIRA

Website: Hyperledger Fabric Homepage

Thanks for reading about our newest Fabric release. We encourage developers to try these new features out and give us feedback!

We recently hosted a webinar about deploying Hyperledger Fabric on Kubernetes. It was taught by Alejandro (Sasha) Vicente Grabovetsky and Nicola Paoli from AID:Tech.

The webinar contained a detailed, step-by-step instruction showing exactly how to deploy Hyperledger Fabric on Kubernetes. For those who prefer reading to watching, we have prepared a condensed transcript with screenshots that will take you through the process that has been adapted to recent updates in the Helm charts for the Orderers and Peers.

Are you ready? Let’s dive in!

What we will build

• Fabric CA

First, we will deploy a Fabric Certificate Authority (CA) serviced by a PostgreSQL database for managing identities.

• Fabric Orderer

Then, we will deploy an ordering service of several Fabric ordering nodes communicating and establishing consensus over an Apache Kafka cluster. The Fabric Ordering service provides consensus for development (solo) and production (Kafka) networks.

• Fabric Peer

Finally, we will deploy several Peers and connect them with a channel. We will bind them to a CouchDB database.

What you’ll need

You will need 3 things to get started:

1. A running Kubernetes cluster.

You can get a free managed cluster from most cloud providers; many give generous free credits.

1. A domain name for your cluster.

Just get a free or cheap one.

1. The repository prepared for this webinar.

Download it at https://github.com/aidtechnology/lf-k8s-hlf-webinar.

Once you have a cluster, install an Ingress controller. In this case, we use NGINX.

You’ll also install a certificate manager, which will renew the Tiller certificates to access your sub-domains by using a service called Let’s Encrypt.

DEPLOYING HYPERLEDGER FABRIC ON K8S

Let’s get the party started!

The deployment has three key parts:

• Fabric CA

Fabric Certificate Authority registration & enrolls identities

• Fabric Orderer

Fabric Ordering service provides consensus for development (solo) and production (Kafka) networks.

• Fabric Peer

Fabric Peer maintains the blockchain by communicating with the Ordering service.

Let’s go through these one by one.

• Fabric CA

To install Fabric CA, you’ll need to follow these steps:

• Install Fabric CA Helm Chart
• Generate Fabric CA Identity
• Obtain Crypto Material
• Save Crypto Material to K8S
• Generate Genesis and Channel

Let us go through them one by one.

• Install Fabric CA Helm Chart

Let’s install the actual Fabric CA Chart. We can run the command Kubectl get pods to get the actual Pod running the CA. And then, run kubectl logs, to check if the CA server has started running.

helm install stable/hlf-ca -n ca –namespace blockchain -f./helm_values/ca_values.yaml

CA_POD=$(kubectl get pods -n blockchain -l “app=hlfca,release=ca” -ojsonpath=”{.items[0].metadata.name}”)

kubectl logs -n blockchain $CA_POD | grep ‘Listening on’

The values file for the CA is rather more involved.

First, we define the image tag where we use Fabric 1.2. We also implement an Ingress. This is basically a way for you to access the Certificate Authority from outside the Kubernetes cluster. In the webinar, they used a test domain that they owned to enable access to the CA.

We again implement persistence to store the certificates permanently, so we don’t lose them if the POD restarts. We also specify a name for our Certificate Authority, which in this case is CA, and also specify the PostgreSQL dependency, so that our CA chart knows to create the database chart.

Then, we define some configuration, such as the Hyperledger tools version we use, which customizes one of the config maps in the chart. A config map is a Kubernetes abstraction that stores some values that are made available to the POD.

Importantly, we also specify the Certificate Signing request and an affiliation list, which in this case, is empty.

And finally, we again add a Pod affinity. In this case, we make sure that our Fabric CA server gets deployed to the same Kubernetes machine as our PostgreSQL server.

 

• Generate Fabric CA Identity
  

Once our CA is running, we will need to enroll the identity of the Fabric CA itself. For the first command, we use kubectl exec to check if a certificate exists in the Fabric CA membership service provider folder.

If it does not, we will run the Fabric CA client enroll command inside the CA, pointing to the Ingress of the CA. Then, we can run Kubectl get ingress on our own machine to obtain the Ingress connected to the Fabric CA service. So, this will essentially be the domain name that we spoke about.

Once you have that set up, you should be able to use the curl command to get the CA info. Bear in mind that this depends on the Certificate Manager setting up the TLS correctly, so you might need to wait for a little while before this works.

kubectl exec -n blockchain $CA_POD — cat/var/hyperledger/fabric-ca/msp/signcerts/cert.pem

kubectl exec -n blockchain $CA_POD — bash -c ‘fabric-ca-client

enroll -d -uhttp://$CA_ADMIN:$CA_PASSWORD@$SERVICE_DNS:7054′

CA_INGRESS=$(kubectl get ingress -n blockchain -l “app=hlfca,release=ca” -ojsonpath=”{.items[0].spec.rules[0].host}”)

curl https://$CA_INGRESS/cainfo

• Obtain Crypto Material

Now that your CA is installed and set up, you can give the certificate or the CA server to your own machine, by using the Fabric CA Client binary. If you’re using a Mac, you can for example use Homebrew to install it.

Then, you can use Kubectl exec to execute the register command inside the Fabric CA, to register the organization we will use to host the Orderers and the Peers.

Once we have registered the identity, we can use the Fabric CA client again and actually enroll the identity and get our private key and our certificate. We’ll copy the certificate from signcerts also into the admincerts folder, since this identity is the admin.

FABRIC_CA_CLIENT_HOME=./config fabric-ca-client getcacert -uhttp://$CA_INGRESS -M ./AidTechMSP

kubectl exec -n blockchain $CA_POD — fabric-ca-client register –id.name org-admin –id.secret OrgAdm1nPW –id.attrs ‘admin=true:ecert’

FABRIC_CA_CLIENT_HOME=./config fabric-ca-client enroll -uhttp://org-admin:OrgAdm1nPW@$CA_INGRESS -M ./AidTechMSP

mkdir -p ./config/AidTechMSP/admincerts

cp ./config/AidTechMSP/signcerts/* ./config/AidTechMSP/admincerts

• Save Crypto Material to K8S

Notice that when speaking with configure CA, we need to specify the lets encrypt authority’s certificate for the TLS connection, because the Fabric CA client will check that the certificate corresponds to the one it sees when connecting to the CA server. So, since our apps will use the certificate and the key, we need to use a kubectl create secret generic to add this file to the Kubernetes service as secret:

ORG_CERT=$(ls ./config/AidTechMSP/admincerts/cert.pem)

kubectl create secret generic -n blockchain hlf–org-admincert–from-file=cert.pem=$ORG_CERT

ORG_KEY=$(ls ./config/AidTechMSP/keystore/*_sk)

kubectl create secret generic -n blockchain hlf–org-adminkey–from-file=key.pem=$ORG_KEY

CA_CERT =$(ls ./config/AidTechMSP/cacert/*.pem)

kubectl create secret generic -n blockchain hlf–ca-cert–from-file=cert.pem=$CA_CERT

• Generate Genesis and Channel

Now we can run the config X Gen2. We use it twice, in the two profiles we defined to produce a genesis block for the orderers and the chain of transactions for the peers. So we have these two Kubernetes secrets to store them on our cluster. These secrets will act like the config maps that we defined before: they will act as obstructions that will hold values. But they will encrypt them at the same time and hold them in a secure manner.

cd ./config

configtxgen -profile OrdererGenesis -outputBlock ./genesis.block

configtxgen -profile MyChannel -channelID mychannel -outputCreateChannelTx ./mychannel.tx

kubectl create secret generic -n blockchain hlf–genesis –fromfile=genesis.block

kubectl create secret generic -n blockchain hlf–channel –fromfile=mychannel.tx

• Fabric Orderer

Now that we have a functioning Fabric CA, we can get to the Orderer. We will need to follow three steps to get this running.

• Install Kafka Helm Chart
• Setup Orderer Identity
• Save Orderer crypto-material to Kubernetes
• Install Fabric Orderer Helm Chart

Let’s go through them one by one:

• Install Kafka Helm Chart

First, we need to install the Kafka cluster itself, which is made easy with an incubator chart available:

helm install incubator/kafka -n kafka-hlf –namespace blockchain -f ./helm_values/kafkahlf_values.yaml

Note that you need some very specific configuration to make this work correctly.

First, we need to ensure we have at least four replicas of Kafka, in order to make it properly crash-tolerant. This means that your Kubernetes cluster must be composed of at least four machines. We also specify, again, the image and the tag that we want to use. In this case, we use the confluentinc.cv.kafka image and the tag 4.112. And we also add role-based access control to our Kubernetes cluster.

Again, we have anti-affinities to make sure that the Kafka pods actually end up on different Kubernetes machines, because otherwise, several of your Kafka pods could end up on one machine, and then one single machine crashing could actually get your network down.

And here is the most important part. The configuration overrides section contains several options that are necessary to work with Fabric. All these options are necessary but the most important one is the last one, called log.retention.ms which specifies that we never want to forget a record, because by default, Kafka will forget records after typically around two weeks. This is a common mistake.

 

• Set up Orderer Identity

Now, we can set up the Orderer Identity. We first use kubectl exec to connect to the fabric-ca and register the identity of the order with a CA. We then enroll the Orderer and obtain the cryptographic materials, which will identify the orderer. In this case, we specify a dummy password “ord${NUM}_pw”, but in a real deployment you should use a complex (e.g. alphanumeric of length at least 12) string instead.

Here we work with the first orderer, if you want to install the second one, just change the initial export to set the NUM to 2.

export NUM=1

kubectl exec $CA_POD -n blockchain  — fabric-ca-client register –id.name ord${NUM} –id.secret ord${NUM}_pw –id.type orderer

FABRIC_CA_CLIENT_HOME=./config fabric-ca-client enroll -d -u https://ord${NUM}:ord${NUM}_pw@$CA_INGRESS -M ord${NUM}_MSP

• Save Orderer crypto-material to Kubernetes

Having created the crypto-material for the Orderer, we can save it to Kubernetes, so that we can utilise it when we launch the appropriate Helm chart. Below we show how to save the certificate and key of the Orderer.

NODE_CERT=$(ls ./config/ord_${NUM}_MSP/signcerts/*.pem)

kubectl create secret generic -n blockchain hlf–ord${NUM}-idcert –from-file=cert.pem=$NODE_CERT

NODE_KEY=$(ls ./config/ord_${NUM}_MSP/keystore/*_sk)

kubectl create secret generic -n blockchain hlf–ord${NUM}-idkey –from-file=key.pem=$NODE_KEY

• Install Fabric Orderer Helm Chart

Now we can install the actual orderers and check that they have been correctly initialised.helm install stable/hlf-ord -n ord${NUM} –namespace blockchain -f./helm_values/ord${NUM}_values.yaml

ORD_POD=$(kubectl get pods -n blockchain -l “app=hlf-ord,release=ord${NUM}” -o jsonpath=”{.items[0].metadata.name}”)

kubectl logs -n blockchain $ORD_POD | grep ‘completeInitialization’

We also specified the consensus type, Kafka, and the ID of the organization membership service provider (in our case, it’s AidTechMSP). Finally, we specify a set of secrets that we will need to correctly connect to the Certificate of Authority, such as the caServerTls secret, the genesis block secret which in this case is called hlf–genesis, and the admin certificate for the organization.

We can then get the orderer Pod using kubectrl get pods and check that the order has started by running kubectl logs and filtering for the string completeInitialization. And that’s it, you have a basic ordering service, using Kafka.

 

• Fabric Peer

It is finally time to install Fabric Peer, which maintains the blockchain ledger. It involves several steps, most of which should look familiar by now:

• Install CouchDB Helm Chart
• Set up Peer Identity
• Save Peer crypto-material to Kubernetes
• Install Fabric Peer Helm Chart
• Create Channel
• Fetch and Join Channel

Let us go through them one by one.

• Install CouchDB Helm Chart

The first step is to install the CouchDB database. It is similar to installing the PostgreSQL chart. Once you’ve deployed it, use the Kubernetes logs to check if it is running.

The values file in this case is really simple. It specifies the version of the Hyperledger carsDB, which in this case is 0.4.10. We also again specify a persistence, so that the couchDB database holds the data and an anti-affinity so that couchDB pods are deployed on different Kubernetes machines.

• Set up Peer Identity

To set up the peer identity we get the CA_PASSWORD, which again is a one-time password generated automatically by the chart, and we register the peer with the certificate authority just like we did with the orderer, we just specify a different ID type, in this case we specify a peer. Again, the peer will periodically try to enroll with the CA until it succeeds. Once it does you will see the strings start to appear in the logs.

kubectl exec $CA_POD -n blockchain  — fabric-ca-client register –id.name peer${NUM} –id.secret peer${NUM}_pw –id.type peer

FABRIC_CA_CLIENT_HOME=./config fabric-ca-client enroll -d -u https://peer${NUM}:peer${NUM}_pw@$CA_INGRESS -M peer${NUM}_MSP

• Save Peer crypto-material to Kubernetes

Just as with the Orderer, we save the crypto-material for the Pee to Kubernetes. Again, we save the certificate and key of the Peer.

NODE_CERT=$(ls ./config/peer_${NUM}_MSP/signcerts/*.pem)

kubectl create secret generic -n blockchain hlf–peer${NUM}-idcert –from-file=cert.pem=$NODE_CERT

NODE_KEY=$(ls ./config/peer_${NUM}_MSP/keystore/*_sk)

kubectl create secret generic -n blockchain hlf–peer${NUM}-idkey –from-file=key.pem=$NODE_KEY

• Install Fabric Peer Helm Chart

Now let’s install the Fabric Peer Helm Chart.

helm install stable/hlf-peer -n peer${NUM} –namespace blockchain -f ./helm_values/peer${NUM}_values.yaml

PEER_POD=$(kubectl get pods -n blockchain -l “app=hlf-peer,release=peer${NUM}” -o jsonpath=”{.items[0].metadata.name}”)

kubectl logs -n blockchain $PEER_POD | grep ‘Starting peer

The values file looks very similar to the orderer values, since it mentions the ‘fabric-ca’ address and the peer username on the certificate authority. It also specifies that we are using CouchDB and the name of the CouchDB Helm deployment. Again, we note the secrets that we need such as the ca-TLS secret which we need to communicate securely, the channel secret specifying the channel transaction that will allow the peer to create and join channels, and the organization admin certificate key which is also necessary to join the channel to ask permission to network.

 

• Create Channel

Once the first peer has been created, you can create the channel. For this, you will need to specify the address of the orderer, the name of the channel, and the location of the channeled transaction.

kubectl exec -n blockchain $PEER_POD — peer channel create -o ord1-hlford.

blockchain.svc.cluster.local:7050 -c mychannel -f/hl_config/channel/mychannel.tx

• Fetch and Join Channel

Once the channel is created, you will need to fetch it and join it on every peer that you create. You can do this by running the peer channel fetch config command inside the Peer. And then run the peer channel join inside each peer container as well. Once all of that is done, you can run peer channel list to check that the peer has indeed joined the channel.

kubectl exec -n blockchain $PEER_POD — peer channel fetch

config /var/hyperledger/mychannel.block -c mychannel -o ord1-hlford.blockchain.svc.cluster.local:7050

kubectl exec -n blockchain $PEER_POD — bash -c

‘CORE_PEER_MSPCONFIGPATH=$ADMIN_MSP_PATH

peer channel join -b /var/hyperledger/mychannel.block‘

kubectl exec -n blockchain $PEER_POD — peer channel list

And that’s it! If you followed along with all the steps, you should have successfully deployed Hyperledger Fabric on Kubernetes!

Watch the replay of the webinar here, or download slides and other resources on the same page. You can also head straight to the Github repository set up for the webinar.

 

Guest post: Swetha Repakula of IBM 

At this point, there are few that haven’t heard the word blockchain. Despite all the buzz and hype around the technology, the learning curve is steep. When we meet people new to the technology, we like to break down blockchain into four main parts:

1. The ledger technology: How is the data stored? Data could be many things such as the transaction log, or just the current state of the world. Each node could use its own database, and the database need not be the same across all the nodes in the network.
2. The consensus mechanism: How are all the participants coming to agreement about the block ordering and current state?
3. Membership Services: How is identity managed and who is allowed into the network?
4. Smart Contract Runtime or Application: What smart contracts can I deploy or what kind of application is this?

We believe most blockchain technologies can be separated into four parts and that developers/consumers should have the ability to choose at each of those levels. Take Hyperledger Fabric for example:

1. The Ledger Technology: The actual blockchain, or transaction log, is stored in the file system of the peer using merkle hashes while the current state of the world is stored separately in a database for quick lookup.
2. The Consensus Mechanism: The combined effect of the endorsement model and the ordering service achieve consensus in the network.
3. Membership Services: Fabric has the concept of Membership Service Providers (MSP) which manages the concept of identity by issuing certificates,  validating them and authenticating users. The MSP is a core part of permissioning in Fabric.
4. Smart Contract Runtime: Fabric mainly supports smart contracts that are written in Go or Node.js.

In the spirit of expanding choices, Hyperledger Fabric now supports Ethereum Virtual Machine (EVM) bytecode smart contracts. Contracts can now be written in languages such as Solidity or Vyper. Along with introducing a new smart contract runtime, Fabric also has a corresponding web3 provider which can be used to develop decentralized applications (DApps) using web3.js. This new feature comes as part of the 1.3 release and is motivated with the goal to enable developers to be able to migrate or create DApps for a permissioned platform.

Smart Contract Runtimes

Before diving into the details of the EVM integration, let’s expand on the concept of a smart contract runtime. In general the runtime refers to what are the languages that are supported by a specific platform. But there are many other considerations that should be weighed in. Due to the nature of blockchain, these runtimes have to be evaluated in a distributed nature. Since many nodes, if not all of them, have to run and store these contracts, the network has to be mindful of the runtimes being supported. Languages affect how computationally intensive an arbitrary contract can be as well as the deterministic nature of them. Though neither is necessarily a limitation, they can place an unfair burden on the contract developer. Another important factor is what languages the contract developers themselves are experienced in. With the emergence of blockchain, there has been an increase in developers that do not have technical backgrounds, so picking up new languages is not always a practical solution. The implications of smart contract runtimes make choosing a blockchain network even more difficult. Through the introduction of an EVM, we hope to make sure that Solidity smart contracts and permissioned networks are not mutually exclusive.

Implementation

As part of integrating an EVM, we wanted to recreate some of the developer experience of Ethereum. Therefore the integration can be broken into two key pieces, an EVM user chaincode, and a web3 provider Fab3.

User Chaincode

The EVM user chaincode is a wrapper around the Hyperledger Burrow EVM. We have also added functionality to enable queries about accounts and contract code. Below are a couple of the key design decisions made as part of the integration.

Accounts

Ethereum has two types of accounts, a Externally Owned Account (EOA) and Contract accounts. EOAs essentially are an address that is generated from a user’s public key and a balance of ether. As part of this work, Fabric was not introducing ether or any other tokens so EOAs are not explicitly stored. However a user account address is generated on the fly from a user’s public key.

Contract accounts contain the runtime EVM bytecode for a contract. Following Ethereum, the EVM chaincode will be storing these types of accounts on the chain. Smart contract deployment through the EVM will not need a manual step of installing a smart contract like in the Fabric workflow.

Gas

Every instruction in the EVM requires a certain amount of gas. For every transaction that is run through the EVM, enough gas must be provided to ensure completion. This makes sure “miners” don’t risk DoS caused by infinite loop, and waste computational resources Essentially if enough gas is not provided for a certain transaction, it will exit before finishing. In its current iteration, the EVM chaincode provides a large hardcoded amount of gas per transaction.

Fab3

Another key piece we adopted from the Ethereum ecosystem is the Ethereum JSON RPC API. The API defines a systematic way clients can interact with the Ethereum network. However, due to the differences of Ethereum and Fabric, Fab3 does not completely implement the API. It does support enough instructions to allow for DApps written using the web3.js library.

Try out the new feature by following this tutorial.

Future Plans

Our next goals include enabling smart contract events, and expanding the Fab3 support so that clients such as Remix and Truffle can be used to interact with Fabric. We are also looking for other aspects of the Ethereum ecosystem that can be adopted. This new feature is also a topic of one of the workshops at Hyperledger Global Forum in Basel, Switzerland this December. Come join us and bring your EVM smart contracts and DApps to play with.

We encourage developers to try the feature out and give us feedback! To get started with using Hyperledger Fabric and EVM, you can download the 1.3 code today: https://www.hyperledger.org/projects/fabric