Category

Hyperledger Indy

Hyperledger Community, Deployment and Development Momentum Continues

By | Announcements, Hyperledger Indy, Hyperledger Iroha

Adds 10 More Members, Powers Half of the Blockchain 50, Hits Production Milestones for Hyperledger Indy and Hyperledger Iroha

SAN FRANCISCO (May 9, 2019) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced 10 more organizations have joined its growing global community. These new members join just as the Hyperledger portfolio of production-ready projects doubles and Forbes documents the scope of Hyperledger deployments in leading global businesses.

Hyperledger is a multi-venture, multi-stakeholder effort hosted at the Linux Foundation that includes various enterprise blockchain and distributed ledger technologies. According to the recent Forbes Blockchain 50 list, over half of the biggest companies deploying blockchain are doing so on a Hyperledger platform. And now two more projects, Hyperledger Indy and Hyperleger Iroha, have hit development milestones that make them production ready.

“As the Forbes 50 shows, blockchain technologies and, specifically Hyperledger projects, are now having real-world impact,” said Brian Behlendorf, Executive Director, Hyperledger. “With four production-ready frameworks and 270 members working to develop and deploy Hyperledger technologies around the world, the rate of adoption and the rise of production systems will only accelerate. Our newest members will further fuel this growing community, deployment and development momentum.”

Hyperledger allows organizations to create solid, industry-specific applications, platforms and hardware systems to support their individual business transactions by offering enterprise-grade, open source distributed ledger frameworks and code bases. The latest general members to join the community are Consensus Datatrust Technology Co., Ltd., FRST Corp., Fusion Tech+, Hedera Hashgraph LLC, INBLOCK Ltd,  RealMarket and Xilinx, Inc.

Hyperledger supports an open community that values contributions and participation from various entities. As such, pre-approved non-profits, open source projects and government entities can join Hyperledger at no cost as associate members. Associate members joining this month include Arizona State University, Portland State University and University College London.

New member quotes:

Consensus Datatrust Technology Co., Ltd

“It is a great honor to join and be a member of Hyperledger,” said Maolu Wang, Chairman, Consensus Datatrust. “As a revolutionary new technology, blockchain has shown great potential in the field of B terminal. We understand that the solution of digital letter integrates blockchain and big data. We believe that blockchain technology can be used as a link for multi-party data sharing to solve previous business problems by technical means. As a member of Hyperledger, we will provide strong technology promotion and product promotion support, and we look forward to making continuous contributions to the community.”

FRST Corp

“The open source dev ecosystem has a tradition of testing assumptions, trying new things, and building important, evolving codebases. FRST is excited to join the Hyperledger community, and we believe participation will advance our work as a data-driven, blockchain-native enterprise analytics company,” said Karl T. Muth, CEO of FRST. “We can’t wait to share our questions and ideas with this community.”

Fusion Tech+

“We are very happy to join Hyperledger and look forward to collaborating with the community to provide innovative solutions for our partners and customers,” said Yang Lu, CTO of Fusion Tech+. “Fusion Tech+ is a smart technology company under Fusion Group. Relying on the strong strategic layout of the IoT, Fusion Tech+ puts forward the concept of Tech+ for enabling innovation and an integrated service platform called ‘Fusionfintrade,’ which deeply integrates technology, finance and scenarios to create a mutual enabling ecosystem. Our platform supports many scenarios and, as we develop it, we will also be actively contributing to the Hyperledger ecosystem and working with the other members to promote the development of technology and industry.”

Hedera Hashgraph

“We are excited to join the Hyperledger community, which comprises some of the most forward-looking organizations working on distributed ledger technology,” said Mance Harmon, CEO of Hedera Hashgraph. “We know enterprises have been exploring DLT use cases with Hyperledger technology.  Hedera provides an enterprise-grade public network that complements those existing and future projects.”

INBLOCK Ltd

“It’s been a long-time goal for us to join the Linux Foundation and Hyperledger,” said Jay Baek, vice president at INBLOCK. “Since the introduction of Mainnet last year, we’ve been cooperating with leading experts and allies in the blockchain industry to develop and improve the global business value. While our focus in on digital assets, we see that blockchain has the potential to revolutionize all industries, and we hope to contribute to the technology’s wide, real world impact.”

RealMarket

“RealMarket is a FinTech/RegTech company producing innovative alternative finance solutions using enterprise blockchain, machine learning, and big data. Our ultimate vision is a fully programmable economy powering groundbreaking and sustainable development worldwide,” said Dr. Dušan Gajić, CEO of RealMarket. “Thus, it is natural for us to join Hyperledger and the Linux Foundation, and we are both proud and excited to do so. Hyperledger is vital to our efforts as its suite of technologies ensures that the store of business-vital data and the rules governing their transformation are securely distributed. It is our aim to help develop Hyperledger further as we build an innovative platform combining equity crowdfunding, a private equity secondary market, cap table management, and corporate governance automation. All of this is only possible because Hyperledger Fabric is at the core of our system.”

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.


An overview of Self-Sovereign Identity: the use case at the core of Hyperledger Indy

By | Blog, Hyperledger Indy

In the real world, most identity interactions are self-sovereign. We collect and hold various credentials that we keep in our possession and present at our discretion to prove things about ourselves. These could be collections of cards, certificates, or paperwork that prove various things about someone or something. Some credentials are obvious, like birth certificates, licenses to drive, employee ID cards, passports, university diplomas…the list goes on. We hold and present these to any anyone we want, without the permission of the organization who issued them. These credentials are kept and controlled by the holder, and only taken from her wallets and revealed with her expressed consent.

This is not what happens on the internet. Like the famous cartoon says – “On the Internet, nobody knows you’re a dog,” illustrating the very real issue with the lack of an easy, secure, standardized system for a person to collect, hold, and ultimately present trustworthy, verifiable credentials online.

Unfortunately, online identity is very clearly broken. This is due to the fact that the internet was created without any way to identify the people who used it. Initially, it was a fairly small network of machines. Internet protocols are designed to identify machines and services, not people. People used the Internet through some institution (usually their company or university) and were part of that institution’s administrative identity system. This can still be seen in the format of email addresses that identify both recipient and sender as someone@someplace.

As the internet grew to include people who weren’t formally associated with an institution, every website and service created its own administrative identity domain. The result is the fractured profusion of identifiers, policies, and user experiences that constitute digital identity in 2019. Where early internet users had a handful of credentials and logged in occasionally, modern internet users typically have dozens, even hundreds, of usernames and passwords. Security has made these harder to use by encouraging or even forcing users to use more cryptic passwords and not share them between sites. And now multi-factor authentication adds to the cognitive burden. And then there’s the inconvenience of supplying the same information to application after application, all the while suffering the dangers that they might lose it or expose it to hackers.

One attempt to solve this problem is single-source or ‘federated logins.’ Social login systems from Google, Facebook, and others expedite logging into various websites, but these systems are limited in the kinds of attributes they use and the trustworthiness of those attributes. As a result, they aren’t as widely used as one might hope. Many companies don’t or can’t use social login and so the system of fractured administrative identity systems remains.

Traditional, identity systems have a single identity provider (IdP) administering an identity system for their own purposes. The rights of the so-called “identity subject” are subordinate to those of the identity provider. These systems are siloed, meaning the attributes you’ve shared with one organization are difficult to use with another. Each company asks for the same information, like your name, credit card, address, and so on. Users are required to provide that information to use the service – whether they like it or not. This single entity determines what information will be collected, decides who can participate, and how their data is stored – and that data is only as secure as the company or organization that keeps it.

Consequently, until now, the internet has lacked a universally available digital identity system that lets individuals collect and hold trustworthy verifiable credentials and present them to whoever they want, whenever they want – without the reliance on a third-party managing access.

What is SSI

Self-sovereign identity (SSI) gives individuals or organizations agency to control their identity information. SSI acknowledges that identity is about much more than logging in. Identity can be expanded to other uses by using verifiable attestations, called credentials, to prove things about yourself. SSI uses verifiable, trustworthy credentials. Identity owners autonomously use those credentials wherever they want. Privacy is a critical feature of SSI because, without privacy, there is no control. In SSI, the identity owner must be in control of who sees what. This represents a monumental shift in how identity functions on the internet.

Credential issuers, holders, and verifiers are peers on an SSI network. Any person or organization can play any or all of the roles, creating a decentralized system for the exchange of trustworthy, digital credentials.

  • Credential issuers determine what credentials to issue, what the credential means, and how they’ll validate the information they put in the credential.
  • Credential holders determine what credentials they need and which they’ll employ in workflows to prove things about themselves.
  • Credential verifiers determine what credentials to accept, and which issuers to trust.


In SSI, players independently determine the role they’ll play, who they trust, and what they will believe. While credentials can be revoked individually, the identity owner still controls her own identity wallet and all the other credentials she has collected. The result is an internet identity system that is more flexible, more secure, more private, less burdensome, and less costly.

About the author: Dr. Windley, an expert in decentralized digital identity and IoT and event-driven systems, is Chair of the Board of Trustees, Sovrin Foundation. The Sovrin Foundation open sourced the codebase used to create the Sovrin Network and contributed the initial code for Hyperledger Indy to Hyperledger, a project dedicated to blockchain hosted by the Linux Foundation.

Research Paper: Validating Confidential Blockchain Transactions with Zero-Knowledge Proof

By | Blog, Hyperledger Indy

By: Carlo Gutierrez and Alex Khizhniak, Altoros

A new document explains how blockchain transactions can be verified without having to reveal the details. Some of the model’s implementations include Idemix and Hyperledger Indy.

Transparency is considered by many to be one of blockchain’s most important traits. However, there are businesses, such as those in finance, which deal with sensitive information. In these situations, transparency takes a step behind privacy. For organizations operating with confidential information, implementing blockchain transactions with zero-knowledge proof (ZKP) is a solution to consider.

Altoros, a General Member of Hyperledger and an expert in blockchain development and training, has released a research paper exploring how to ensure privacy while still providing transparency on a blockchain.

Who can benefit from ZKP?

In a nutshell, ZKP is a method in cryptography where a prover can convince a verifier that it knows a secret value, without actually disclosing any information apart from the fact that it knows the secret value. While this requires some input from the verifier (e.g., challenging a response), there is also a form of this model called noninteractive ZKP, which does not require such an interaction between the two parties.

Avoiding linkability between certificates using ZKP protocols such as Idemix (Image credit)

Applications that benefit from ZKP are those that require a measure of data privacy. Some of these example applications include:

Authentication systems. The development of ZKP was inspired by authentication systems, where one party needed to prove its identity to a second party through some secret information, but without revealing the secret altogether.

Anonymous systems. ZKP can enable blockchain transactions to be validated without the need to reveal the identity of the users making a transaction.

Confidential systems. Similar to anonymous systems, ZKP can instead be used to validate blockchain transactions without revealing pertinent information, such as financial details.

ZKP implementations: Idemix and Hyperledger

In Hyperledger Fabric, privacy-preserving authentication and transfer or certified attributes can be done using Identity Mixer (Idemix), a ZKP-based cryptographic protocol. Its implementation consists of the three components:

  • A core Idemix cryptopackage (in Golang), which implements basic cryptographic algorithms (key generation, signing, verification, and zero-knowledge proofs)
  • MSP implementation for signing and verifying transactions using the Identity Mixer cryptopackage
  • A CA service for issuing ECert credentials using the Identity Mixer cryptopackage

The Idemix architecture within Hyperledger Fabric

This combination provides:

  • anonymity (sending transactions without having to reveal your identity)
  • unlinkability (sending multiple transactions without revealing that all the transactions come from the same source)

Based on Idemix, the Hyperledger Indy project was built for managing decentralized, independent digital identity. It utilizes the so-called Indy-anoncreds to cryptographically secure credentials. Just a couple of days ago, it was announced that The Hyperledger Technical Steering Committee (TSC) had approved Indy to graduate from incubation to the active status.

For more details on ZKP, the zkSNARK protocol, and noninteractive ZKP implementations (such as Idemix and Indy), check out the full research paper.

Hyperledger Indy Graduates To Active Status; Joins Fabric And Sawtooth As “Production Ready” Hyperledger Projects

By | Blog, Hyperledger Fabric, Hyperledger Indy, Hyperledger Sawtooth

By Steven Gubler, Hyperledger Indy contributor and Sovrin infrastructure and pipeline engineer

The Hyperledger Technical Steering Committee (TSC) just approved Indy to be the third of Hyperledger’s twelve projects to graduate from incubation to active status.

This is a major milestone as it shows that Hyperledger’s technical leadership recognizes the maturity of the Indy project. The TSC applies rigorous standards to active projects including code quality, security best practices, open source governance, and a diverse pool of contributors. Becoming an active Hyperledger project is a sign that Indy is ready for prime time and is a big step forward for the project and the digital identity community.

Hyperledger Indy is a distributed ledger purpose-built for decentralized identity. This ledger leverages blockchain technology to enable privacy-preserving digital identity. It provides a decentralized platform for issuing, storing, and verifying credentials that are transferable, private, and secure.

Hyperledger Indy grew out of the need for an identity solution that could face the issues that plague our digital lives like identity theft, lack of privacy, and the centralization of user data. Pioneers in self-sovereign identity realized we could fix many of these issues by creating verifiable credentials that are anchored to a blockchain with strong cryptography and privacy preserving protocols. To this end, the private company Evernym and the non profit Sovrin Foundation teamed up with Hyperledger to contribute the source code that became Hyperledger Indy. The project has advanced significantly due to the efforts of these two organizations and many teams and individuals from around the world.

A diverse ecosystem of people and organizations are already building real-world solutions using Indy. The Sovrin Foundation has organized the largest production network powered by Indy. The Province of British Columbia was the first to deploy a production use case to the Sovrin Network with its pioneering work on Verifiable Organizations Network, a promising platform for managing trust at an institutional level. Evernym, IBM, and others are bringing to market robust commercial solutions for managing credentials. Many other institutions, researchers, and enthusiasts are also actively engaged in improving the protocols, building tools, contributing applications, and bringing solutions to production.

The team behind the project is excited about current efforts that will lead to increased scalability, better performance, easier development tools, and greater security. User agents for managing Indy credentials are under active development, making it easy to adopt Indy as an identity solution for diverse use cases.

If you’d like to support Indy, join our community and contribute! Your contributions will help to fix digital identity for everyone. You can participate in the discussions or help write the code powering Indy. Together, we will build a better platform for digital identity.A

Hyperledger Welcomes Nine New Members to its Expanding Enterprise Blockchain Community

By | Announcements, Hyperledger Fabric, Hyperledger Indy

Advances Collaboration with Growing Portfolio of Working Groups and Cross-Industry Special Interest Groups

SAN FRANCISCO (March 27, 2019) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced that nine organizations  have joined the community. The new members, which includes the first general members from Malaysia and Saudi Arabia, further strengthen the global support for the leading enterprise blockchain project.  

Hyperledger is a multi-venture, multi-stakeholder effort hosted at the Linux Foundation that includes various enterprise blockchain and distributed ledger technologies. With the support of its fast-growing and increasingly diverse community, the organization announced the expansion of its portfolio of Special Interest Groups (SIGs), with the addition of the Hyperledger Social Impact SIG, Hyperledger Trade Finance Special Interest Group and, most recently, Telecom SIG. Hyperledger also welcomed the Smart Contract Working Group. Additionally, Hyperledger released two case studies offering a detailed look at Walmart’s unprecedented advancement of the food supply chain industry using Hyperledger Fabric and British Columbia’s efforts to cut government red tape with Hyperledger Indy.

“Our growing line-up of members and cross-community and cross-industry groups all point to the value of collaborative development, particularly for enterprise blockchain technologies,” said Brian Behlendorf, Executive Director, Hyperledger. “As our Walmart and British Columbia case studies demonstrate, blockchain creates common ground for a network of stakeholders, adding value for everyone in the process. We view our community-based, open source approach in the same light, encouraging cross-industry collaboration at every turn. We welcome our newest members and look forward to their contributions to the community’s efforts.”

Hyperledger allows organizations to create solid, industry-specific applications, platforms and hardware systems to support their individual business transactions by offering enterprise-grade, open source distributed ledger frameworks and code bases. The latest general members to join the community are Altavoz, Flowchain, Limar Global, PeerNova, Inc., Quant Network, ReGov Technologies Sdn. Bhd, Securitize and Silicon Valley Bank.

Hyperledger supports an open community that values contributions and participation from various entities. As such, pre-approved non-profits, open source projects and government entities can join Hyperledger at no cost as associate members. Associate members joining this month include Auburn University RFID Lab.

New member quotes:

Altavoz

“When Altavoz began accepting Bitcoin in 2013, we came to understand the importance of blockchain through the forest of cryptocurrencies,” said Altavoz CEO Nelson Jacobsen. “This led to work with the entertainment trade group, MusicBiz.org, on crypto and blockchain educational issues for artists, labels and music distribution companies. Joining the Linux Foundation and Hyperledger is the right next step for the growth of blockchain in the entertainment industry, and we look forward to being a part of Hyperledger’s efforts to create an open standard for distributed ledger technology.”

Flowchain

“Flowchain is excited to be a Hyperledger member,” said Jollen Chen, founder & CEO, Flowchain. “As a distributed ledger for peer-to-peer IoT networks and real-time data transactions, Flowchain’s design and architecture achieve advanced performance in both time and messages size compared to traditional distributed ledger technologies. By joining Hyperledger, Flowchain is ready to move to the next level and build up more application scenarios for IoT and AI industries. We are also looking forward to collaborating with more open-source based teams to evolve blockchain solutions.”

Limar Global

“We are pleased to join Hyperledger and to be the first Saudi company to join this global member community,” said Abdulellah M. Alnahdi, co-founder/director of Limar Global Technology. “Our team has been inspired by the Vision of 2030 for digital transformation of our country.  Limar Global Tech aims to be a leader in the technological developments of Saudi Arabia and we realize that Hyperledger is the perfect community for our government and private sector to leverage for this digital transformation. We strive to bring forth the best for our people and working with the Hyperledger community will allow us to accelerate the use of DLT in our country. Whether its eHealth, Supply Chain management, or government services, we strive to adopt use cases that will ultimately make people’s lives easier. Our mission is to simplify life with advanced technologies and to help create a digital state that serves the greater good in our country. We look forward to collaborating with the Hyperledger community members and contributing to the greater cause of trusted networks.”

PeerNova, Inc.

We are excited to join the Hyperledger community,” said Gangesh Ganesan, PeerNova President & CEO. “Our Cuneiform® Platform is built on principles of interoperability across existing financial and market infrastructures. Joining the Hyperledger community allows us to continue developing a solution that works seamlessly with internal, external, and all emerging DLT networks to achieve end-to-end visibility in real-time while ensuring privacy and confidentiality.”

Quant Network

“We are honored to join Hyperledger and the Linux Foundation to contribute to open source software and provide domain expertise,” said Gilbert Verdian, CEO and founder, Quant Network. “We see the immense value of collaborating to bring mass adoption for blockchain technology and contributing with our Overledger operating system, which helps unlock the potential of blockchain technology by addressing interoperability between blockchains as well as existing networks. Our work is driven by the belief that collaboration makes the blockchain ecosystem stronger, which is why the majority of our code is open source. We believe it’s crucial to support the development of DLT solutions and Hyperledger projects for enterprises and developers. We are excited to join this community to both contribute and help customers and users around the world benefit from this transformational technology.”

ReGov Technologies Sdn. Bhd.

“We are excited to be the first general member of Hyperledger in Malaysia,” said Datuk Paul Khoo, Founder and CEO of ReGov Technologies Sdn Bhd. “The goal is to infuse and grow the capabilities of Hyperledger within the Malaysian public and private sector to build trust and accountability while streamlining processes to reduce cost. Leveraging the ecosystem of Hyperledger, ReGov will drive change using this next-generation technology to improve transparency and governance within all organisational spheres in Malaysia.”

Securitize

“At Securitize, we believe all financial products will eventually adopt blockchain,” said Carlos Domingo, CEO & co-founder, Securitize. “As a leading technology platform for financial products, we see our membership in Hyperledger as a logical, evolutionary step in order to properly provide services to financial institutions on both permission-based and private blockchains.”

Silicon Valley Bank

“We could not be more excited to join the Linux Foundation and Hyperledger and do our part to advance the Open Source community,” said Dave Kochbeck, Chief Scientist, Silicon Valley Bank. “As the leading financial services institution for the innovation economy, it is critically important that we go beyond the transaction to engage deeply in the technical communities that will help shape the future of financial services and how we work with and support our clients.”

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.

Reducing Government Red Tape: British Columbia Creates New Business Identity Model with Hyperledger Indy

By | Blog, Hyperledger Indy

In Canada, starting a new business can be like navigating a maze with three levels: local, provincial, and federal. A helpful checklist on starting a business in Canada offers 60+ links to explore. All this red tape frustrates entrepreneurs and governments alike.

To lighten that burden, teams from the governments of British Columbia (BC), Ontario and Canada have started an ambitious project to fight red tape using decentralized identities and trusted credentials. They are jointly building the Verifiable Organizations Network (VON), to provide an open source software stack that helps business people establish trusted and enduring digital identities and speed up applying for permits and licenses from government agencies.

The first project to emerge is OrgBook BC, an online directory that makes finding authentic and authoritative data about companies faster and easier. Launched in January of 2019, it is designed to reduce the time to do due diligence on a new supplier or client from hours down to a few seconds.

Of course the path to this launch included a number of key development challenges, strategic technology choices and partnership across governments and the larger Hyperledger community. For more on all of these steps, check out this detailed case study.

Now that OrgBook BC is live, the VON goals are expanding the applications, growing the footprint and encouraging more jurisdictions to use the software stack until the network effect takes hold. To get the larger developer and business community engaged, the team is hosting BootCampBC as part of #BCTechSummit. The Honourable Jinny Sims, Minister of Citizens’ Services and MLA for Surrey-Panorama, will be opening the event, underscoring the government’s commitment to driving the growth and adoption of VON.

BootcampBC, hosted by technology leaders from Hyperledger Indy, Verifiable Organizations Network (VON) and the Sovrin Foundation, will cover the concepts of self-sovereign identity and guide participants through building their own Hyperledger Indy agent to verify and issue verifiable credentials using VON’s technology.

All Are Welcome Here

By | Blog, Hyperledger Burrow, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha, Hyperledger Sawtooth

A Minneapolis coffee shop that has fueled or at least caffeinated a lot of Hyperledger commits.

One of the first things people learn when coming to Hyperledger is that Hyperledger isn’t, like it’s name may imply, a ledger. It is a collection of blockchain technology projects. When we started out it was clear almost immediately that a single project could not satisfy the broad range of uses nor explore enough creative and useful approaches to fit those needs. Having a portfolio of projects, though, enables us to have the variety of ideas and contributors to become a strong open source community. Back in January of 2016 Sawtooth and Fabric were both on the horizon followed shortly by Iroha, but we wouldn’t have predicted that we would have Hyperledger Burrow and Hyperledger Indy – two projects that bear no resemblance to each other. Burrow is a permissioned Ethereum-based platform and Indy is a distributed identity ledger. Burrow is written in Go, and Indy was created in Python and is porting to Rust.

Both of these platforms are interesting in their own rights, but Hyperledger is even more interesting for the combination of these projects with the others. Both Sawtooth and Fabric have already integrated with Burrow’s EVM. Now Hyperledger has a set of offerings that can simultaneously satisfy diverse requirements for smart contract language, permissioning, and consensus. Likewise Sawtooth and Indy have been working together at our last several hackfests. The results of that may unlock new use cases and deployment architectures for distributed identity. So it’s not that our multiplicity of projects has given us strength through numbers, but rather strength through diversity.

Hyperledger Hackfest – December 2017 at The Underground Lisboa

The hackfests that we mentioned are one of the rare times that we get together face to face. Most of our collaboration is over mail list, chat, and pull-requests. When we do get together though it’s always in a new city with new faces. One of our most recent projects was hatched inside one of those buses. It wasn’t the most ergonomic meeting I’ve ever had but there was room for everyone on that bus.

Hyperledger Hackfest in Chicago

Our hackfest in Chicago was in a lot more conventional surroundings (still a very cool shared creative space .. lots of lab equipment and benches out of view on the other side of the wall to the right). Looking back at this photo is fun for me. I can see a lot of separate conversations happening at each table… people sharing different ideas, helping ramp new contributors, working on advancing new concepts with existing contributors. I can see a lot of similarity but also a little variety. It’s a busy room but there’s still open chairs and room for more variety.

Our next hackfest won’t be until March 2019 (Hyperledger is hosting Hyperledger Global Forum in December in Basel though). The March hackfest will be somewhere in Asia – location to be settled soon. The dates and locations of the other 2019 hackfests aren’t set yet. I don’t know where they will be specifically, but I do know that there will be a seat available and you will be welcome there.

These face to face meetings really are more the exception than the rule at Hyperledger. There are now more than 780 contributors spread all across the globe. 165 of those were just in the last few months. That means that every day we have a new person contributing to Hyperledger. Most of our engagement is through the development process. People contribute bug fixes, write new documentation, develop new features, file bugs, etc. If you’ve never contributed open source code before getting started might be intimidating. We don’t want it to be, though. There are a number of resources to help you get started. You can watch this quick video from Community Architect, Tracy Kuhrt. There’s documentation for each project, mail lists, a chat server, working groups, and some of the projects even host weekly phone calls to help new developers get engaged. Everyone in Hyperledger abides by a Code of Conduct so you can feel comfortable knowing that when you join any of those forums you will be treated respectfully. Anyone who wants to get involved can regardless of “physical appearance, race, ethnic origin, genetic differences, national or social origin, name, religion, gender, sexual orientation, family or health situation, pregnancy, disability, age, education, wealth, domicile, political view, morals, employment, or union activity.” We know that to get the best ideas, best code, best user experience we need your involvement. Please come join our community.

Image created by https://allarewelcomehere.us/ for Hyperledger

As always, you can keep up with what’s new with Hyperledger on Twitter or email us with any questions: info@hyperledger.org.

Five Hyperledger Blockchain Projects Now in Production

By | Blog, Hyperledger Fabric, Hyperledger Indy

IT leaders have been hearing a lot about blockchain and its potential in the enterprise for the last few years, but until now they may not have heard much about how it is actually being used today for real-world business processes inside and between enterprises. So, we compiled this list of five intriguing, Hyperledger blockchain initiatives that are in production today across a wide range of industries, including food supply, fine art, insurance, aviation and accounting.

  1. Food source tracking using blockchain

Ensuring the safety and quality of a vast portion of the nation’s food supply is a huge undertaking, especially since incidents have occurred over the last several decades in which consumers have become sickened or died after eating tainted foods. IBM Food Trust is powered by Hyperledger Fabric to create unprecedented visibility and accountability in the food supply chain. It is the only network of its kind, connecting growers, processors, distributors, and retailers through a permissioned, permanent and shared record of food system data.

The IBM Food Trust network represents the continuation of more than a year of pilot tests with major retailers and food suppliers, including Golden State Foods, McCormick and Co., Nestlé, Tyson Foods and Wal-Mart Stores Inc. These companies formed a consortium in collaboration with IBM to use its food safety blockchain in order to protect consumers and enhance trust the food supply.

The solution provides authorized users with immediate access to actionable food supply chain data, from farm to store and ultimately the consumer. The complete history and current location of any individual food item, as well as accompanying information such as certifications, test data and temperature data, are readily available in seconds once uploaded onto the blockchain. Learn more here.

2. Blockchain for the airline industry

To help airlines improve passenger ticketing processes, NIIT Technologies developed its new Chain-m blockchain application using Hyperledger Fabric that can report on a wide range of critical information, from the number of tickets sold to fare amounts, commissions, taxes collected and more. Using a web-based interface, Chain-m adds transparency to ticketing processes, which is expected to help improve record-keeping, save money and improve security and agility in a complex business.

3. Follow the trail of Cambio Coffee with blockchain

Direct trade organic coffee seller Cambio Coffee provides a clear, traceable supply chain path for its products–from harvesting to roasting, packaging, and shipping–so customers could learn the exact details of what they are buying and drinking. To do that, the company began adding QR scan codes from ScanTrust to its coffee packaging, which when scanned records those details onto a Hyperledger Sawtooth blockchain network. Tying the QR codes together with the blockchain data lets coffee buyers scan the codes to see exactly where their coffee originated and how it arrived to their local store and into their grocery carts. The idea, according to Cambio Coffee, was to give its customers trust in its products and to provide transparency and traceability throughout their journey to customers. Watch the webinar here to learn more.

4. Blockchain for better enterprise operations management

China’s largest retailer, JD.com, offers its own JD Blockchain Open Platform to help enterprise customers streamline a wide range of operational procedures by creating, hosting and using their own blockchain applications. The platform uses Hyperledger Fabric and is an expansion of the company’s Retail-as-a-Service strategy, which offers some of its own internal initiatives to other companies as a service. The China Pacific Insurance Company is using the platform to deploy a traceable system for e-invoices, which are official receipts required in China for business. The system strengthens the security governance of e-invoices by applying unique blockchain IDs to each document, increasing efficiency and streamlining the accounting process, according to the company.

The platform allows users to create and update smart contracts on public and private enterprise clouds, while also enabling companies to streamline operational procedures such as tracking and tracing the movement of goods, charity donations, authenticity certification, property assessment, transaction settlements, digital copyrights and more.

5. Blockchain for insurance compliance data

Insurance companies are required to regularly report a significant amount of regulatory data that is subject to a wide range of compliance requirements and must be shared securely with regulators. The American Association of Insurance Services, a not-for-profit insurance advisory organization, has developed openIDL (open Insurance Data Link), which is designed to automate insurance regulatory reporting. Built on IBM Blockchain thus powered by Hyperledger Fabric, openIDL can help streamline regulatory and compliance requirements while improving efficiency and accuracy for both insurers and state insurance departments. The openIDL is the first open blockchain platform focused on the collection and sharing of statistical data between insurance carriers and regulators, according to the group. Using this blockchain network, insurers can contribute data directly onto the secure platform, which satisfies state regulatory requirements, while historical and current data is stored on an immutable blockchain ledger. Regulators are then provided permissioned access to view only the information they need to see for compliance purposes.

If you’re interested in learning about other ways Hyperledger technologies are used today to solve interesting problems, you can read through our case studies and/or visit the Blockchain Showcase.

(10.1.18) InfoQ: Implementing Privacy by Design in Hyperledger Indy

By | Hyperledger Indy, News

In a recent Hyperledger blog post, Daniel Hardman talks about Hyperledger Indy and its ‘Privacy by Design’ approach to address decentralized identity management. Unlike many systems that add privacy to their product or service after the fact, Hyperledger Indy has been built using a privacy first approach. As the world shifts to more regulation, including GDPR and ePrivacy requirements, Indy can minimize the amount of details a user shares when having their data validated by a third-party system.

More here.

Privacy By Design in Hyperledger Indy

By | Blog, Hyperledger Indy

The Scope and Limits of Indy’s Privacy Tech

Guest post: Daniel Hardman, Evernym

Privacy is a hot topic in blockchain circles–and across the entire digital landscape. GDPR, ePrivacy, and similar regulatory regimes have the world thinking hard and smart. Modern systems must bake privacy into their DNA; it can’t be bolted on after-the-fact. I’ve written elsewhere about why this is true, and how it must be done–and I’ve spent the last couple years helping Hyperledger Indy embody all the privacy goodness I know. I’m encouraged to hear a swelling chorus of blockchain practitioners opine that certain things must NOT go on a blockchain.

Perhaps you have heard a claim that Indy “solves” privacy. Or perhaps you’ve seen skeptics roll their eyes, muttering about how we’re all going to be correlated by the surveillance state, no matter what we do.

The truth is that both of these perspectives distort reality. Indy does offer some wonderful features to aid privacy, and these features matter! But institutions are certainly going to know some things about us, no matter what Indy does. Indy can minimize this in exciting ways. Nonetheless, what privacy we have, now or in the future, will emerge from a combination of technology, social and legal constructs, market forces, and human behavior; it can’t be trivialized as a tech problem.

What “Privacy Tech” Are We Talking About?

Today, Hyperledger Indy’s approach to privacy includes elliptic curve cryptography, pairwise DIDs, semi-trusted agents, agent-to-agent communication using techniques such as libsodium’s sealed box and authenticated encryption, zero-knowledge proofs, a separation between credentials and proofs, privacy-preserving credential revocation features, an affinity for data and key storage at the edge, and a carefully constructed wallet interface that manages personal secrets with industry best practices. In addition, privacy-preserving agent (device) revocation has been demonstrated as a proof of concept.

Indy’s roadmap includes additional privacy-enhancing features such as a user-friendly SSI tool (mobile app) with smart and safe defaults, microledgers, sophisticated policy and/or AI for agents, mix networks for transaction submitting and agent routing, and so forth.

Some of these technologies exist in other identity technologies, but Indy combines more of them, in far more powerful ways, than any similar technology I know.

What All This Tech Does NOT Deliver

Except for people who live in remote, technology-scarce  places, all of us are constantly observed and recorded. Google maps may have a picture of our front door; cell phone towers track the location of our mobile devices; credit card companies see what we spend; closed-circuit cameras watch us on the road or subway.

In such an environment, much will be known about us, even if we use Indy to prove things in zero knowledge. And, if we choose to use Indy to disclose something identifying–our email or phone number or name+birthdate, for example–then the disclosing interaction is correlatable to a much bigger digital footprint, no matter what fancy math did the proving. Even less perfect correlators like first name + fuzzy place + fuzzy time may correlate us, given sufficient context.

It might be tempting to say, then, that there’s no point to Indy’s elaborate privacy posture. But there is more to the story.

What Hyperledger Indy Privacy DOES Deliver

Hyperledger Indy allows you to construct interactions where the degree of disclosure is explicit and minimal–much smaller than what was previously possible. Nothing about the mechanics of connecting, talking, or proving in Indy is leaky with respect to privacy; vulnerabilities that emerge must come from the broader context. No other technology takes this minimization as far as Indy does, and no other technology separates interactions from one another as carefully. If privacy problems are like a biohazard, Indy is the world’s most vocal champion of wearing gloves and using a sharps container for needles–and it provides the world’s best latex and disinfectants.

Of course, this does not give perfect protection. Like a needle stick, mistakes can ruin Indy’s carefully sanitized interactions, and contamination is always a possibility. In 2017, the layouts of US army bases in some of the most dangerous locations in the world were compromised because soldiers had been using the Strava running app to track where they exercised (https://wapo.st/2J6DQqU). If this can happen when stakes are so high, and when the organization is as careful as a sophisticated army, then similar fiascos will undoubtedly occur, both with and without Indy technology, for the foreseeable future. These are serious problems that are not to be underestimated.

Despite the imperfect guarantees, doctors consider it worthwhile–even vital–to wear gloves. And despite risk, Indy’s privacy tech can deliver real value, if we are careful about constraining behavior and understanding use cases. Any interaction that does not leak is a tiny bit of personal, private space–and chaining such interactions together can accrue significant benefits. Indy makes it possible to prequalify for a loan at a thousand banks, in a way that proves credit worthiness, income, and citizenship, without forfeiting privacy. Used correctly, it can insulate cautious whistleblowers; it can enable secure, private voting; it can make online dating safer. Many other use cases exist. In each situation, we must carefully assess privacy beyond the narrow context of Indy’s proving mechanics. Gloves are less helpful when a disease vector is airborne; the government still needs to know who you are when you pay your taxes.

Intentions And Incentives

Besides discussing what protections Hyperledger Indy offers on the technical level, and what ways there might be to defeat such protections, we can also make an argument that architectures, algorithms, data models, and cryptography always carry a certain “intention” towards the parties we interact with. In our case, this intention is to maintain the individual’s privacy, sovereignty, etc. Whether or not the technology can strictly enforce this intention, or to what extent, is an important question, but not the only argument for building it in a certain way.

If we use pairwise DIDs and zero-knowledge proofs, the message is clearly “don’t try to correlate me,” even if you could find a way to do it if you try hard enough. An HTTP Do-Not-Track header says “do not track me,” but it doesn’t offer any actual protection from tracking. The VRM community has been talking about user-defined terms for a long time. In a relationship, you can express “don’t use my data for advertising,” or “delete my data after 14 days,” or “use my data for research, but not commercially.”

Simply expressing these intentions in code and architecture has value by itself. It bears a message that privacy and sovereignty “should be honored,” even if it cannot always be guaranteed technically that it will be. Over time, we expect that through regulation, trust frameworks, reputation, and similar mechanisms, not honoring such intentions will be discouraged. Of course we must always communicate clearly the limits of intentions and guarantees, lest we create a false sense of security that can lead to severe consequences.

One of the main reasons for the growth of Internet’s re-decentralization movement (Diaspora, Bitcoin, etc.) was not only to achieve more privacy and independence, but also to build architectures that better mirror the way we want society to work in the real world (not client/service aka. master/slave). At the same time, the point of view that “technology is neutral” is getting less prevalent, being more and more replaced by an assumption that “technology has built-in values.” From this perspective, privacy tech is valuable not only as a technical defensive mechanism, but also to make a point, to convey an intention.

Importantly, Indy’s technology also enables the transformation of privacy incentives. Companies that once stored PII can now store an opaque identifier for a customer, and contact the customer’s agent to learn more–then throw away the data after they use it. This has the potential to eliminate many centralized data troves as hacking targets, and it empowers people instead of impersonal and conflicted corporate guardians. Indy also provides meaningful advances in the world’s answers to privacy regimes like GDPR. We believe that in the future, social, software, and legal constructs will evolve to take advantage of the privacy features offered by Hyperledger Indy, and that this will lead to ever more creative types of business models and digital interactions not possible before.