Category

Hyperledger Iroha

#HyperledgerFinTech: A sampling of production applications using Hyperledger technologies in the finance market

By Blog, Finance, Hyperledger Besu, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha

The financial services market has long turned to technology to address a range of back-end challenges and enhance customer-facing services. Blockchain is increasingly becoming a go-to technology for advancing many different financial systems and solutions with different Hyperledger platforms serving as the core for an array of applications now in production. 

Read on for just a sampling #HyperledgerFinTech solutions, built using a mix of Hyperledger technologies:

Bakong

Sponsored by the National Bank of Cambodia, the country’s central bank, Bakong is the first retail payments system in the world using blockchain technology. Built on Hyperledger Iroha, Bakong delivers value for customers, merchants and banks. Individuals can now transfer money and buy from merchants with a simple smartphone app. Merchants gain a fast, cashless, and secure payments system. And banks can do interbank transfers at much lower cost.

Bakong was developed by Soramitsu and, after a soft launch in 2019, is now expanding with 16 financial institutions using the system and more expected to join in the near future. The project was also designed to promote financial inclusion for the country’s large number of unbanked citizens. Any citizen of the country can open a Bakong account, even if they don’t have a traditional bank account. The more than 500 merchants that accept Bakong can be viewed in a map inside the app. 

daura 

Built atop the private Swiss Trust Chain run by Swisscom and Swiss Post and powered by Hyperledger Fabric, daura is a digital share platform for financing and investing in Swiss SMEs. With daura, the share register is easily digitized and capital increases are carried out quickly and inexpensively at the push of a button. Shares can be split into any number of small lots and the share register is always digitally maintained, complete and up-to-date. With daura, companies have also transitioned virtual Annual General Meetings as a response to COVID-19 with authorization and access are granted directly via the blockchain. 

ioCash

ioBuilders is a blockchain technology company focused on building regulated fintech and enterprise solutions based on distributed ledger technology to help businesses succeed in their blockchain adoption. The company offers professional services, including technical, business and regulatory, and develops its own product line. ioBuilders has been one of the first adopters and advocates of Hyperledger Besu, providing essential feedback to improve its enterprise requirements capabilities. 

ioCash, one of ioBuilder’s core products, is a fintech platform enabling the use of regulated fiat money on blockchain networks, making it programmable with smart contracts and able to interact with other blockchain use cases. ioCash’s platform operates under an electronic money licence, providing accounts (with or without IBAN) and complex payments functionalities through API and smart contracts connectivity. ioCash is also available as a technology license for financial institutions that hold banking or electronic money licences and are aiming to add the benefits of blockchain into their payment systems. 

Memberpass

CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, set out to bring a decentralized identity solution product for credit unions to market. The result was MemberPass, a permanent, portable digital identity credential for credit union members.

Built in partnership with Evernym and using Hyperledger Indy, Memberpass replaces vulnerable authentication processes such as common knowledge-based questions. Now credit unions are able to issue a digital credential to members, giving them a hassle-free way to control and prove their identity quickly and easily while protecting their personal information.  

Verified.Me 

Verified.Me offers a secure and convenient way to help Canadians verify their identities.

Verified.Me is a service offered by SecureKey Technologies Inc. The Verified.Me service was developed in cooperation with seven of Canada’s major financial institutions – BMO, CIBC, Desjardins, National Bank of Canada, RBC, Scotiabank and TD. The Verified.Me network continues to evolve adding new identity providers and service providers to make your life easier.

Verified.Me is built on top of the IBM Blockchain Platform which is based on Linux Foundation’s open source Hyperledger Fabric v1.2, and will be interoperable with Hyperledger Indy projects. 

Users of the Verified.Me mobile app or web browser experience are able to get a free credit score with Equifax, register with Sun Life, verify their identity when registering for Dynacare Plus, an online and mobile service that lets users manage their health remotely, and more.

Join the conversation about solutions and applications in the financial service market with #HyperledgerFinTech this month on social channels. Or get involved with the Capital Markets or Trade Finance Special Interest Groups.

If you are interested in peer-to-peer transactions, mark your calendar for a webinar hosted by CoinDesk at 11:00 am ET on October 20th. A panel of experts on different Hyperledger platforms will be discussing “Governance, standards and interoperability: Getting past the roadblocks to peer-to-peer financial transactions.” Go here to find out more.

Hyperledger-Powered Education Solutions in Action

By Blog, Education, Hyperledger Aries, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha

Just before the age of COVID began in earnest, The New York Times ran a feature on “How Technology Is Changing the Future of Higher Education.” The rise of remote learning and other pandemic-related changes and challenges have added to the need and opportunity for technology-driven advances. 

The Hyperledger community is doing its part to help the higher education market adapt to an increasingly digital world. Below we look at five Hyperledger-powered solutions that are at work now in the education market. They are helping colleges and universities modernize how they tackle a number of core tasks, including issuing and verifying academic credits, automating on-campus payments and managing students’ identity and privacy. 

Read on for more about these #HyperledgerEdu solutions, built using a mix of Hyperledger technologies:

Byacco, an on-campus payment system

Soramitsu has officially released Byacco, a payment system based on Hyperledger Iroha, for the University of Aizu, Japan. Byacco is a system that allows students and staff of the University of Aizu to use an application on their phones to pay for goods in the cafeteria and university store and to transfer funds within the campus. To make a transaction, all they need is to scan or to provide a QR code, depending on the operation. Byacco’s technology also has high standards for transfers: it follows the EMV® QR Code specification and has bank application level financial security protocols. The keys that are used to authorise transactions on the blockchain are stored only on the device, in a secure storage, so that no one except the owner can access the funds. Students of the university can join the development of the system, thus acquiring skills in creating financial systems based on Hyperledger technologies.

DoDream, a “Study Abroad Platform”

Dain Leaders is an education solution provider for universities in Korea. It serves more than 45 Korean universities by providing services for students’ career path development. As part of that effort, Dain Leader is introducing its “Study Abroad Platform,” called DoDream, to support the extended education ecosystem of the universities, accreditation and related agencies, and prospective employers. Based on Oracle Blockchain Platform Cloud Service (which is powered by Hyperledger Fabric), the platform is an O2O service that provides foreign students with information on studying in Korea and a matching service with Korean universities.

Oracle Digital Certificates Solution

In the face of fast-changing demographic and economic drivers and student expectations, the current processes for issuing and verifying student certificates are too inefficient and time consuming. They can also lead to fraudulent or counterfeit certifications.  

The Oracle Digital Certificates Solution, built on the Oracle Blockchain Platform (based on Hyperledger Fabric), provides a complete, end-to-end solution for educational institutions to issue verifiable tamper-proof and secure credential certification that improves the student experience after graduation and improves operational efficiency. The solution enables institutions to issue digital certificates along with transcripts and provide self-sovereign capability to the students who can share them securely with third parties through an access token.

This solution has been successfully deployed in production by customers like China Distance Education Holdings Limited (CDEL) and Taibah Valley University. CDEL uses Oracle Blockchain to share educational records and professional certifications across many educational institutions to help employers and recruiters verify the educational credentials claimed by individuals. 

Many other institutions like national universities, employment agencies, government organizations, professional skills academies and universities that provide student grants/scholarships are using this solution as part of ongoing or planned pilots.     

PwC Smart Credentials

Data is the new gravity in the world today and organisations are gravitating to and concentrating around trust as the ultimate currency in this data driven world. This trust is crucial for people to exchange information, especially in this digital age when trust is often violated. 

With that premise, PwC developed Smart Credentials, a credential issuance, sharing, reviewing and revocation platform levegering the inherent core benefits of blockchain technology such as immutability, tamper-proof nature, transparency, authenticity and security.

Built using Hyperleder Indy and Hyperledger Aries to support the verification process, Smart Credentials has two key pillars: Authentication (you are who you say you are) and Authorization (genuine claim). Both are crucial ingredients of building trust in any ecosystem. 

Smart Credentials recently won a “Bronze” medal for the Best Global Blockchain Innovation 2019 at the Reimagine Innovation awards (Backed by Wharton and QS) and is a finalist in the DataIQ 2020 awards “Best data product/ service” of the year category.

Verified.Me

As higher education moves deeper into online and remote learning for traditional and non-traditional students, colleges and universities are now offering a broader array of services that extend the campus experience to the digital realm. Beyond the advent of digital programming, educational institutions are also privy to sensitive personal student, faculty and alumni data from income and payment information to disciplinary records, healthcare and insurance information. 

SecureKey Technologies’ Verified.Me service is one approach that supports education’s new digital and data privacy demands. This new digital identity verification service can help verify students, alumni and faculty in a timely and secure manner, strengthening educational institutions’ ability to expand their digital offerings with confidence – while also providing much-needed cost savings. Verified.Me is built using the IBM Blockchain Platform, which is based on Linux Foundation’s open source Hyperledger Fabric.

Join the conversation about solutions and applications supporting the higher education marketing with #HyperledgerEdu this month on social channels. Also, Hyperledger has an Education Architecture Special Interest Group that is open to all.

National Bank of Cambodia’s New Digital Payment System: How Soramitsu Helped Modernize Retail Payments Using Hyperledger Iroha

By Blog, Hyperledger Iroha

In the Kingdom of Cambodia in Southeast Asia, three-quarters (78%) of its citizens have no bank account, yet more than half own a smartphone. And even though the native currency—the Khmer riel (KHR)—has been stable for 20 years, most people there use the American dollar. Ever since a major UN mission in the mid-1990s, the price of everything from a cup of coffee to a car has been given in U.S. dollars.

Addressing these challenges and more, the National Bank of Cambodia (NBC) set out to see if a digital payment system could handle transactions faster and for lower cost than the existing system.

Could it promote wider use of the riel? And could that system run as a mobile app that any citizen with a smartphone could use to shop or transfer money to family or friends?

To find out, NBC partnered with blockchain developer experts Soramitsu on a retail payment system project that would modernize the country’s legacy retail payments with the help of the Hyperledger Iroha blockchain framework.

When most people picture a CBDC, they imagine an entirely new digital asset created out of “thin air.” The problem is, this new asset could distort a country’s monetary policy and affect its exchange rates. To be prudent, Cambodia’s central bank wanted to create a digital token backed by fiat currency stored safely in its vaults. The new payments platform would become a way to move around digitized cash, while preserving the creditworthiness and security of the central bank.

The resulting project, called Bakong, is the first retail payments system in the world using blockchain technology. Individuals can now transfer money and buy from merchants with a simple smartphone app. Merchants gain a fast, cashless, and secure payments system. And banks can do interbank transfers at much lower cost.

The pilot project went live in July 2019 and ran successfully with a network of 14 banks supporting more than 10,000 users, laying the groundwork for a large-scale rollout later this year.

Hyperledger teamed up with Soramitsu on a detailed case study covering the planning and implementation of Bakong, including key goals, milestones, security considerations and core technology requirements, as well as a preview of rollout plans and new features.

Read the full case study here.

2019 Summer Mentee Project Update: Integration of EVM from Hyperledger Burrow into Hyperledger Iroha

By Blog, Hyperledger Burrow, Hyperledger Iroha, Hyperledger Summer Mentorship Program

Hello, my name is Ivan Tyulyandin. I am a student at Saint Petersburg State University. I took part in the Hyperledger Internship Program, working with Andrei Lebedev (my mentor), Iurii Vinogradov and Eugene Kovalev from the Hyperledger Iroha team.

Hyperledger Iroha is a straightforward distributed ledger technology, inspired by the Japanese Kaizen principle — eliminate excessiveness. Users can create and manage their assets via Iroha commands. Iroha is written using C++, Protobuf, Boost and GTest. There are no smart contracts in Iroha.

Introduction

Hyperledger Burrow provides a modular blockchain client with the possibility to change different parts of the system. One modular piece is a permissioned smart contract engine, partially developed to the specification of the Ethereum Virtual Machine (EVM). Burrow is developed using language Go.

The main purpose of this internship was to integrate EVM from Hyperledger Burrow into Hyperledger Iroha. Since Ethereum is de facto the most known platform for smart contract development, the integration will let Ethereum developers use Iroha as a new blockchain in distributed applications.

Project Components

The starting point was identifying the main components the project needed to address: 

  • First of all, there should be a way to pass data (such as Ethereum bytecode, caller and callee) from Hyperledger Iroha to Hyperledger Burrow EVM. For this purpose, a new command to Iroha has to be added.
  • Another issue is to connect Golang and C++ code to bind Iroha and EVM. 
  • The next step is to implement a special Burrow API to store EVM accounts data in Iroha.
  • The final requirement is new functionality testing.

Challenges

One of the challenges was to get deeper into the codebases of Hyperledger Burrow and Hyperledger Iroha. Existing integration examples of Burrow EVM to Fabric and Sawtooth gave me a nice understanding of what to do. From the Iroha side, Andrei Lebedev led me through the Iroha source code.

Results

With this information, I was able to develop a new command EngineCall. I made a wrapper using CGO (special go compiler mode that generates C library from Go source code) that Iroha uses to call Burrow EVM. Now an implementation of Burrow EVM API can send requests to Iroha for modification of its state via Protobuf messages. Every EVM account is stored in a technical account in Iroha. EVM account storage is emulated in the technical account details (which is key-value storage). All of this work was QA’d by writing and completing module and integration testing.

What comes next

More features can be added to this  integration. The first one is web3 interface implementation, which  will call remote EVM instance or use a local one. The next possible improvement is to add permissions to an Iroha account that represents an EVM account. Also, the current support of Burrow EVM in Iroha is not full, since there is no catching of EVM logs.

For more on this project, please read my full report.

2019 Summer Mentee Project Update: Integration of Hyperledger Iroha into Hyperledger Explorer

By Blog, Hyperledger Explorer, Hyperledger Iroha, Hyperledger Summer Mentorship Program

Hyperledger Iroha is a next-generation permissioned DLT initally contributed by Soramitsu. It provides asset and identity management, multi-signature and batch transactions. During the internship, I visited the Soramitsu office and communicated with Iroha development team.

Hyperledger Explorer is a tool that shows information from DLT networks. Initially, it was built to support for Hyperledger Fabric, with the expecting support for more DLTs would be added. Our goal was to add support for collecting and viewing Iroha transactions and Iroha-specific information to Hyperledger Explorer.

Accomplishments:

  • We implemented an integration of Hyperledger Iroha into Hyperledger Explorer. Now, Hyperledger Explorer shows information about Hyperledger Iroha peers, blocks, transactions, roles, domains, accounts.
  • We found and fixed some ambiguous statements in Hyperledger Iroha documentation.
  • We simplified code of our project by using open-source GraphQL framework developed by Facebook.

For a deeper dive into the work, read my full project report here.

I am very grateful for the support of my mentor, Ales Zivkovic, as well as Hyperledger for the opportunity to learn and contribute to open source Hyperledger projects.

Hyperledger Community, Deployment and Development Momentum Continues

By Announcements, Hyperledger Indy, Hyperledger Iroha

Adds 10 More Members, Powers Half of the Blockchain 50, Hits Production Milestones for Hyperledger Indy and Hyperledger Iroha

SAN FRANCISCO (May 9, 2019) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced 10 more organizations have joined its growing global community. These new members join just as the Hyperledger portfolio of production-ready projects doubles and Forbes documents the scope of Hyperledger deployments in leading global businesses.

Hyperledger is a multi-venture, multi-stakeholder effort hosted at the Linux Foundation that includes various enterprise blockchain and distributed ledger technologies. According to the recent Forbes Blockchain 50 list, over half of the biggest companies deploying blockchain are doing so on a Hyperledger platform. And now two more projects, Hyperledger Indy and Hyperleger Iroha, have hit development milestones that make them production ready.

“As the Forbes 50 shows, blockchain technologies and, specifically Hyperledger projects, are now having real-world impact,” said Brian Behlendorf, Executive Director, Hyperledger. “With four production-ready frameworks and 270 members working to develop and deploy Hyperledger technologies around the world, the rate of adoption and the rise of production systems will only accelerate. Our newest members will further fuel this growing community, deployment and development momentum.”

Hyperledger allows organizations to create solid, industry-specific applications, platforms and hardware systems to support their individual business transactions by offering enterprise-grade, open source distributed ledger frameworks and code bases. The latest general members to join the community are Consensus Datatrust Technology Co., Ltd., FRST Corp., Fusion Tech+, Hedera Hashgraph LLC, INBLOCK Ltd,  RealMarket and Xilinx, Inc.

Hyperledger supports an open community that values contributions and participation from various entities. As such, pre-approved non-profits, open source projects and government entities can join Hyperledger at no cost as associate members. Associate members joining this month include Arizona State University, Portland State University and University College London.

New member quotes:

Consensus Datatrust Technology Co., Ltd

“It is a great honor to join and be a member of Hyperledger,” said Maolu Wang, Chairman, Consensus Datatrust. “As a revolutionary new technology, blockchain has shown great potential in the field of B terminal. We understand that the solution of digital letter integrates blockchain and big data. We believe that blockchain technology can be used as a link for multi-party data sharing to solve previous business problems by technical means. As a member of Hyperledger, we will provide strong technology promotion and product promotion support, and we look forward to making continuous contributions to the community.”

FRST Corp

“The open source dev ecosystem has a tradition of testing assumptions, trying new things, and building important, evolving codebases. FRST is excited to join the Hyperledger community, and we believe participation will advance our work as a data-driven, blockchain-native enterprise analytics company,” said Karl T. Muth, CEO of FRST. “We can’t wait to share our questions and ideas with this community.”

Fusion Tech+

“We are very happy to join Hyperledger and look forward to collaborating with the community to provide innovative solutions for our partners and customers,” said Yang Lu, CTO of Fusion Tech+. “Fusion Tech+ is a smart technology company under Fusion Group. Relying on the strong strategic layout of the IoT, Fusion Tech+ puts forward the concept of Tech+ for enabling innovation and an integrated service platform called ‘Fusionfintrade,’ which deeply integrates technology, finance and scenarios to create a mutual enabling ecosystem. Our platform supports many scenarios and, as we develop it, we will also be actively contributing to the Hyperledger ecosystem and working with the other members to promote the development of technology and industry.”

Hedera Hashgraph

“We are excited to join the Hyperledger community, which comprises some of the most forward-looking organizations working on distributed ledger technology,” said Mance Harmon, CEO of Hedera Hashgraph. “We know enterprises have been exploring DLT use cases with Hyperledger technology.  Hedera provides an enterprise-grade public network that complements those existing and future projects.”

INBLOCK Ltd

“It’s been a long-time goal for us to join the Linux Foundation and Hyperledger,” said Jay Baek, vice president at INBLOCK. “Since the introduction of Mainnet last year, we’ve been cooperating with leading experts and allies in the blockchain industry to develop and improve the global business value. While our focus in on digital assets, we see that blockchain has the potential to revolutionize all industries, and we hope to contribute to the technology’s wide, real world impact.”

RealMarket

“RealMarket is a FinTech/RegTech company producing innovative alternative finance solutions using enterprise blockchain, machine learning, and big data. Our ultimate vision is a fully programmable economy powering groundbreaking and sustainable development worldwide,” said Dr. Dušan Gajić, CEO of RealMarket. “Thus, it is natural for us to join Hyperledger and the Linux Foundation, and we are both proud and excited to do so. Hyperledger is vital to our efforts as its suite of technologies ensures that the store of business-vital data and the rules governing their transformation are securely distributed. It is our aim to help develop Hyperledger further as we build an innovative platform combining equity crowdfunding, a private equity secondary market, cap table management, and corporate governance automation. All of this is only possible because Hyperledger Fabric is at the core of our system.”

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.


Hyperledger Launches Hyperledger Iroha 1.0

By Announcements, Hyperledger Iroha

Another production-ready framework released by the Linux Foundation’s open business blockchain consortium

SAN FRANCISCO, CA – (May 6, 2019) – Hyperledger, a collaborative cross-industry effort created to advance blockchain technology, announced today the general availability of Hyperledger Iroha 1.0. Hosted by The Linux Foundation, Hyperledger Iroha is the fourth active Hyperledger project to reach 1.0, following Hyperledger Fabric, Hyperledger Sawtooth and Hyperledger Indy. Iroha is a distributed ledger project that aims to provide a development environment where C++ and mobile application developers can contribute to Hyperledger.

New Hyperledger Iroha 1.0 features include:

  • YAC Consensus — a consensus protocol that ensures the  safety of the ledger, even if some nodes are faulty or cannot be trusted. The protocol scales linearly in the peer network size.
  • Fully Operational Multisignature — an option for transactions when your application needs multiple signatures for transaction settlement.
  • Updated client libraries — support for writing applications on many different platforms from mobile to mainframe using many different programming languages such as Java (compatible with Android, Scala etc.), JS, Python, and iOS.
  • Windows support (experimental) — Hyperledger Iroha now natively runs on Windows, as well as in Linux and MacOS environments.

“It’s extremely gratifying to see another one of Hyperledger’s active projects hit the 1.0 milestone,” said Brian Behlendorf, Executive Director, Hyperledger. “This is a huge testament to the strong collaboration of our growing community. I look forward to seeing development efforts around Hyperledger Iroha continue to grow and more and more productions systems powered by the framework later this year.”

Hyperledger Iroha complements other Hyperledger projects by providing an alternative design solution for mobile-oriented use cases in finance and identity management. Hyperledger Iroha has a long-term vision to simplify the implementation of blockchain business applications by providing an easy-to-use API and a universal peer model. Hyperledger Iroha has a modular architecture making it additive to existing projects using other Hyperledger technologies and provides a robust library of reusable components to enhance existing applications.  

Hyperledger Iroha contributors from around the world attend meet-ups and blockchain events, collaborate  with universities, and answer constant questions in chats to help people learn about and use the framework. All are invited to participate in this open community.

Hyperledger aims to create distributed ledger technology that enables organizations to build and run robust, industry-specific applications, platforms and hardware systems to support their individual business transactions. The consortium now has more than 270 members with steady growth since its inception, spanning various industries including finance, healthcare, the Internet of Things, credit card services, supply chain and aeronautics, among several others.

You can find the Hyperledger Iroha 1.0 documentation here: https://iroha.readthedocs.io/en/latest/. Follow the “Getting Started” guide to create your first Hyperledger Iroha network in 10 minutes.

Community Quotes:

“The release of Hyperledger Iroha 1.0 is a significant milestone for this vibrant community and the enterprise blockchain space,” said Makoto Takemiya, CEO, Soramitsu. “As a core contributor to the project, we are very excited to see the Hyperledger Iroha team reach this milestone and continue to build upon the diverse DLT ecosystem developing under the Hyperledger greenhouse.”

“We are very excited about the release of Hyperledger Iroha 1.0 because it offers an out-of-box solution for implementation of blockchain networks to mobile devices,” said Yasir Azeem, Head AI and Blockchain from Ikioo. “With the combination of scalability and a permissioned Blockchain, Hyperledger has built something worth commending.”

“Global business is always terrific, and we had looked for the solution that fits our requirements in terms of a solution that is 100% open-sourced, oriented to specific needs of our task: account management, and KYC and supportive in terms of community,” said Alexander Yakovlev, NSD. “Iroha’s existing adoption experience in several countries and practical case with Cambodian central bank were additional benefits.”

Additional Resources:

About Hyperledger

Hyperledger is an open source collaborative effort created to advance blockchain technology by addressing important features for a cross-industry open standard for distributed ledgers. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger as a Collaborative Project under the foundation. To learn more, visit: https://www.hyperledger.org/.

Contact

Emily Fisher
Hyperledger/Linux Foundation
efisher@contractor.linuxfoundation.org

Welcome Hyperledger Iroha 1.0: Flattening the DLT learning curve

By Blog, Hyperledger Iroha

My first experience running a blockchain was when I first launched a Bitcoin node about six years ago. I got into Bitcoin out of curiosity and because the idea of sending value as digital data across the Internet was a very compelling idea.

Since those early days of experimentation, blockchain and DLT have emerged and found its place in enterprise — companies, individuals, consortiums want to get rid of non-transparent resource allocation, corruption, and fraud. Today, diamonds are registered on a blockchain, insurance companies know if you registered your MacBook at several places, and cross-border payments can operate more efficiently.

While blockchain technology has passed its longevity test, the software in general is still far from being integrator-friendly, developer-oriented, and straightforward; specifically when it comes to using distributed ledger technology instead of a database. This is where Hyperledger Iroha is different. With Hyperledger Iroha, it took me about 10 minutes to start building a blockchain. And now the Hyperledger Iroha team is releasing its first production-ready version, offering a faster, less complex path to DLT deployment. Welcome Hyperledger Iroha v1.0!

When it comes to solutions for business, it is critical that the technology is fit for the task and easy to integrate. Moreover, it must be reliable and safe so a business can trust it. Hyperledger Iroha provides safety with its decentralized consensus algorithm and reliability with a tested set of commands and queries. With them you can be sure that the code will do exactly what it is supposed to do — whether you want to add information to, or get information from, the ledger.

For this release the team prepared a special set of improvements:

  • New native client libraries deliver cross-application support for desktop/server (on Java, Python, C++) or mobile (iOS, Android (Java)) applications. You only need to get an idea of the client application and you are ready to go! Take a look at desktop and mobile application examples: on Java or JS: https://github.com/soramitsu/iroha-wallet-js
  • Novel, asynchronous consensus algorithm supporting one step agreement on votes with vote collection optimizations included (Yet Another Consensus; YAC). This means that even if a node is faulty, your decentralised ledger will still be up and running correctly. You can now focus on implementing your business application, leaving the question of whether you can trust partners’ nodes to Hyperledger Iroha.
  • Multi-signature transactions, or as we call them, MST, are now ready for production use. What does it mean for your business? It means that you can set a quorum, such that transactions from your company’s wallet will need several signatories instead of just one — just like in traditional banking, but quicker and more secure. This can also be used to model complex business processes in a secure and automatic way.
  • New backwards-compatibility allows you to integrate Hyperledger Iroha into your business and be sure that no breaking changes will affect it.

Hyperledger Iroha is already gaining strong traction with the community and enterprises:

Alexander Yakovlev from Moscow Exchange Group’s National Settlement Depository is using Hyperledger Iroha in D3 Ledger, and he said: “Global business is always terrific, and we looked for a solution that fits our requirements and is 100% open-sourced and oriented for the specific needs of our task. Features such as Iroha’s account management and supportive community, in addition to Soramitsu’s KYC application, were key factors in our decision to use Iroha for D3 Ledger. Iroha’s existing adoption in several countries and the practical use case with the Cambodian central bank were additional benefits.”

Hyperledger Iroha is already used in asset management, identity management, and payment systems. From simple asset transfers to secure information exchange about customers, Hyperledger Iroha can be used to empower a multitude of use cases, all without the need to program custom smart contracts.

Last year, I wrote a paper about Sora Identity, an implementation of a self-sovereign identity protocol using Hyperledger Iroha. Since then, we have worked on expanding this app and now we have a working product for KYC, targeted towards financial institutions. We are now expanding this to be at the core of the Sora decentralized autonomous economy, an exciting new type of economic system, geared towards empowering the creation of new goods and services.

Try it – simplicity and friendly support from the community will surely help you find your own way of improving your project with Hyperledger Iroha blockchain. You can find the Hyperledger Iroha 1.0 documentation here: https://iroha.readthedocs.io/en/latest/. Follow the “Getting Started” guide to create your first Iroha network in 10 minutes.

Developer showcase series: Zilya Yagafarova, Soramitsu

By Blog, Developer Showcase, Hyperledger Iroha

Give a bit of background on what you’re working on, and let us know what was it that made you want to get into technology? How did you get involved in blockchain? In Hyperledger?

I am a project manager for Soramitsu and I work with a team of highly skilled developers writing code for different platforms and also QA and DevOps specialists.

I have been interested in IT since I was a child and, by the age of 14, had already decided to commit myself to studying computer technologies. After graduating from university, I worked as a technical support engineer, an engineer of information systems’ implementation, and a business and system analyst. Now, I am a project manager.

The thing about IT is that you have to constantly learn new skills and work on self-development. Technology is advancing constantly, so you should become a better version of yourself everyday.

A few years ago, blockchain technology appeared on the market–it was new and seemed promising. My friends had already worked on Hyperledger projects and inspired me to join them.

What project in Hyperledger are you working on? Any new developments to share? Can you sum up your experience with Hyperledger?

I am a project manager of Project Bakong, a payment system that is developed in collaboration with the National Bank of Cambodia (NBC) using Hyperledger Iroha blockchain. We have finished with the implementation of the core system and will to launch a pilot with dozens of Cambodian banks, which is very exciting. Some of our technology is also being used in a decentralized autonomous economic system called Sora and in a decentralized digital asset custodian and settlement service called D3 Ledger. Collaborating with other projects is intellectually stimulating and enjoyable.

We decided to use Hyperledger Iroha because it is created for financial institutions to build highly performant systems that can scale to large numbers of concurrent users (in our case it is the population of a whole country!) and it proved itself capable of performing the task, in my experience.

What’s the one issue or problem you hope blockchain can solve?

The main target of the project I am working on is to help expand access to financial services for Cambodian people by providing instant payments through a mobile application and robust, modernized infrastructure.

Blockchain is a new and very promising technology, especially when it comes to finance – transactions in Hyperledger Iroha have settlement finality and the data are impossible to corrupt.

What is the best piece of developer advice you’ve ever received?

Design first–analyse the task from every angle and only then write the code that you fully comprehend; do not rely on random chance because it will not work.

What advice would you give for other women who want to build their careers in development? In blockchain?

Believe in yourself and in your capabilities. Then just work hard.

What technology could you not live without?

That must be maps and translation software. I travel a lot because our company is as decentralized as its products, and it would be impossible to discover the world as I do now without a way to communicate and navigate in it.

Hyperledger Iroha Security Audit Results

By Blog, Hyperledger Iroha

Introduction

The time has come again for another Hyperledger project to begin their version 1.0 release process. Hyperledger Iroha is getting close to a 1.0 release and as part of that, Hyperledger hired an outside security auditing firm to review the code and audit it for security vulnerabilities. Nettitude conducted a review of the code this past fall and reported their findings to the Hyperledger security team and the Iroha developers.

The Iroha audit found four security issues, including one that was critical enough to require us to issue our first Common Vulnerabilities and Exposure (CVE) notice. All four issues were tracked using our JIRA and resolved shortly after the audit concluded.

I want to highlight the details of two of the security issues that the audit discovered because they show how easy it is to make bad assumptions about cryptography that results in a critical failure. Crypto code is always difficult to get right and as you will see, knowing good coding practices isn’t always enough. A developer must also be aware of algorithm and implementation details and the guarantees offered by a cryptographic primitive.

Blockchain Review

Before digging into the error, let us review the way things are supposed to work in a permissioned blockchain network. Figure 1 shows the normal process of transaction proposal and verification. In the diagram, Node 1 proposes the transaction by signing it and forwarding it to Node 2. Node 2 verifies the validity of the transaction as well as the validity of Node 1’s digital signature endorsement. Node 2 then endorses the transaction and forwards it to Node 3. Node 3 does the same checks as Node 2 except that it is also careful to ensure that the endorsements from Node 1 and Node 2 are both valid and unique. If everything passes the checks, Node 3 endorses the transaction and forwards it to Node 4. Node 4 now repeats the checks of Node 2 and Node 3 and sees that the transaction has enough valid and unique endorsements to be accepted into the next block of the blockchain. Node 4 transmits the fully endorsed and accepted transaction to all other nodes in preparation of the block construction and consensus steps. It is important to point out that not only is the validity of each digital signature important, but that a transaction also has enough unique endorsements before it will be accepted.

Figure 1—How a transaction is endorsed and validated.

Signature Schemes

Hyperledger Iroha uses the Twisted Edwards Curves based elliptic curve digital signature scheme more commonly known as Ed25519 or EdDSA. Unlike almost every other elliptic curve digital signature scheme, Ed25519 doesn’t take random data as one of its inputs. Most digital signature schemes generate a random number used only once—also known as a nonce (Number used ONCE)1—when calculating a digital signature of a message. The reason for this is because a digital signature is just a message digest encrypted using a public key encryption algorithm. Public key encryption algorithms are trivial to break if there is no nonce or a nonce gets reused, with the same secret key, to encrypt multiple messages.2 This is called a “chosen plaintext attack”.3 Figure 2 shows how a random nonce is used when encrypting the message digest to create the digital signature. By including a nonce, repeated use of the secret key over different messages does not compromise the encryption. Digital signatures using this method are different even though the same secret key and message are used.

Figure 2—Digital signature calculation with random nonce.

The Ed25519 signature scheme used by Iroha is different in that it generates the nonce by processing the inputs to the signing algorithm and thus repeated signatures of the same data with the same key result in the same encrypted data.4 This doesn’t compromise the key because the nonce is still different for different inputs. Figure 3 illustrates how the nonce for an Ed25519 digital signature is calculated from the input message and are therefore deterministic rather than generated randomly. Digital signatures using this method are the same when the same secret key and message are given.

Figure 3—Digital signature calculated with deterministic nonce.

The Bug

The flaw in Iroha was that the developers wrote the signature checking code to assume that signing the same data with the same key would always result in the same encrypted data. When determining if a transaction has enough different signatures to be valid, the code was comparing the public key bytes as well as the digital signature bytes when testing to see if two signatures were different. Figure 4 shows how the public key bytes and the digital signature bytes were combined when checking to see if two endorsements were different.

Figure 4—Flawed endorsement check that includes digital signature bytes.

The auditors at Nettitude created a modified version of the Ed25519 signature library so that it instead used random nonces, thus creating different encrypted data for the same secret key and message data. Figure 5 shows how the comparison of endorsements fails when random nonces are used. The resulting endorsements are not the same even though the message and secret key used to sign the message are the same.

Figure 5—Random nonces produce different signatures from the same inputs.

The result is that other nodes in the Iroha network—nodes running unmodified Ed25519 libraries—correctly validate the signatures because the public key correctly decrypts the digital signatures but the code for testing the uniqueness of the signatures is fooled. Each validating node sees different signatures for the same data and the same secret key and assumes they are unique endorsements and that the transaction is properly endorsed. Figure 6 shows how the Nettitude engineers were able to fully bypass this check with their single malicious node. It resulted in a bypass of the Byzantine guarantees of the system.

Figure 6—A malicious node bypassing the Byzantine checks.

The Fix

The correction for this security bug is to change the transaction and block signature validation code to first check that all signatures are valid and then check only the public keys for uniqueness when determining if there are enough valid and unique signatures on a transaction or block. Figure 7 shows how the scenario in Figure 6 plays out with the fixed code. Again a malicious node with a modified Ed25519 implementation signs a transaction multiple times with the same key. The signature bytes are unique, but the keys are not. When the other nodes in the network check the transaction, they see three valid signatures but the keys are not different. Each nodes determines that there is only one unique and valid signature and rejects the transaction.

Figure 7—A malicious node unable to bypass the Byzantine checks.

Two bugs were filed, one for transaction validation and one for block validation to address this flaw. The first bug is titled “multi-signature transactions can potentially be authorised by single user”5 The second bug is titled “vote early, vote often”6 Both flaws were fixed shortly after the report was given to us from Nettitude and the current version of Iroha has been fixed.

Conclusion

It is very important for developers to understand the subtleties of cryptography and applying it to engineering problems. Careful study and consideration of the guarantees and assumptions is required as well as multiple reviews from other engineers with similar knowledge and attention to detail. The “many eyeballs” theory of open source software development does work. This audit proved it.

The management and technical reports from the audit can be found on the Hyperledger wiki.

Links

  1. https://en.wikipedia.org/wiki/Cryptographic_nonce
  2. https://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/
  3. https://en.wikipedia.org/wiki/Chosen-plaintext_attack
  4. https://ed25519.cr.yp.to/ed25519-20110926.pdf
  5. https://jira.hyperledger.org/browse/IR-2
  6. https://jira.hyperledger.org/browse/IR-3