IBM Blockchain Proof of Technology Workshop · – Castro & Liskov's paper ‘Practical Byzantine Fault Tolerance and Proactive Recovery ... –The Node receives a snapshot of the

Blockchain Explored

IBM BlockchainProof of Technology Workshop

The Participants in a Blockchain NetworkSystemsContext

BlockchainUser

Certificate Authority

Blockchain Developer

Blockchain Network Operator Traditional

Processing Platforms

Traditional Data Sources

Blockchain

B2B transactions

access to logic

access to data

creates applications

operates

accesses security

certificates

Regulator

performs oversight

The Participants in a Blockchain Network

R U

D

O

ü

3

Blockchain Participants

the business user, operating in a business network. This role interacts with the Blockchain using an application. They are not aware of the Blockchain.

the overall authority in a business network. Specifically, regulators may require broad access to the ledger’s contents.

the developer of applications and smart contracts that interact with the Blockchain and are used by Blockchain users.

defines, creates, manages and monitors the Blockchain network. Each business in the network has a Blockchain Network operator.

manages the different types of certificates required to run a permissioned Blockchain.

an existing computer system which may be used by the Blockchain to augment processing. This system may also need to initiate requests into the Blockchain.

an existing data system which may provide data to influence the behavior of smart contracts.

BlockchainUser

BlockchainDeveloper

Certificate Authority

BlockchainRegulator

Traditional Processing

Platform

Traditional Data

Sources

BlockchainNetworkOperator

U

R

D

O

ü

4

The Components in a BlockchainComponentModel

Blockchain Components

Membership

Smart Contract

Systems Management

Events

ConsensusNetwork

Wallet

Ledger contains the current world state of the ledger and a Blockchain of transaction invocations

f(abc); encapsulates business network transactions in code. transaction invocations result in gets and sets of ledger state

…

E T

a collection of network data and processing peers forming a Blockchain network. Responsible for maintaining a consistently replicated ledger

manages identity and transaction certificates, as well as other aspects of permissioned access

creates notifications of significant operations on the Blockchain (e.g. a new block), as well as notifications related to smart contracts. Does not include event distribution.

provides the ability to create, change and monitor Blockchain components

securely manages a user’s security credentials

i

Blockchain

Systems Integration

responsible for integrating Blockchain bi-directionally with external systems. Not part of Blockchain, but used with it.

6

Blockchain Components

Application

Membership

Smart Contract

Systems Management

Ledger

Events

ConsensusNetwork

Wallet SystemsIntegration

…

T E

i

7

BlockchainU

sers

Inte

rest

sD

evel

oper

sIn

tere

sts

Time when topic is investigated in detail

f(abc);

How Applications use the LedgerThekeyelementsofaBlockchainapplication

World/Ledgerstate

Blockchain

block

txn txn txn txn …

*SmartContractimplementedusingchaincode

Blockchaindeveloper

SmartContract

invokesdevelops

develops

each‘put’or’delete’invokerecorded

*

Application

Blockchain Applications and the Ledger

Accesses(RestAPI)

event

emits

emits

D

9

Ledger

‘get’ ‘put,‘delete’

Blockchain Applications

• Application– FocusesonBlockchainuserbusinessneedsandexperience– Callssmartcontractforinteractionswithledgerstate– Canaccesstransactionledgerdirectly,ifrequired– Canprocesseventsifrequired

• SmartContract– Chaincodeencapsulatesbusinesslogic.Choiceofimplementationlanguage– Contractdeveloperdefinesrelevantinterfaces(e.g.queryOwner,updateOwner …)– Differentinterfacesaccessledgerstateaccordingly– consistentreadandwriteprovided– Eachinvocationofasmartcontractisa“Blockchaintransaction”

• Ledger– World/Ledgerstateholdscurrentvalueofsmartcontractdata

• e.g.vehicleOwner=Daisy– Blockchainholdshistoricsequenceofallchaincodetransactions

• e.g.updateOwner(from=John,to=Anthony);updateOwner (from=Anthony,to=Daisy);etc

10

Operating Blockchain NetworksConfiguringforareplicatedledger

Maintaining a consistent ledger

Keepallpeersup-to-dateFixanypeersinerror

Quarantineallmaliciousnodes

CONSENSUS

before after

LEDGER STATE

peer

12

ABC DEF

ABC

ABC ABC

ABC JKLJKL

BlockchainOperator

configures,operatesSmart

Contract

Application

deployed toandexecutesonpeernodes

invokeSC

peer

Exactnetworkstructuredependsonconsensusmechanism.e.g.PBFThasleader,validatingand

non-validatingpeers

ConsensusNetwork

Consensus and the Blockchain Network

O

consensusmsg

consensusmessagesflowbetweenappropriatepeerstoensuretheBlockchainSCtransactionsarekeptinorder;worldstateiskeptconsistentthroughlocal

transactionreplay

……

scscsc

…

…scscsc

…

…

…scscsc

…scscsc

13

How a PBFT Network Works (1/4) – Submission

Non-validatingpeer

Validatingpeer

ValidatingLeader

456

Transaction submitted to network 123

Transaction submitted to network

789

Transaction submitted to network

…789 123 456

…456 789 123

…456 123 789

…123 456 789

How a PBFT Network Works (2/4) – Ordering

Non-validatingpeer

Validatingpeer

ValidatingLeader

456 123

789…

123 456 789

…123 456 789

…123 456 789

…123 456 789

15

…123 456 789

Consensusnetworkestablishesorderas

How a PBFT Network Works (3/4) – Execution

Non-validatingpeer

Validatingpeer

ValidatingLeader

…123 456 789

…123 456 789

…123 456 789

…123 456 789

16

…123 456 789

Consensusnetworkestablishesorderas

Δ

Δ

Δ

Δ

How a PBFT Network Works (4/4) – Distribution

Non-validatingpeer

Validatingpeer

ValidatingLeader

…123 456 789

…123 456 789

…123 456 789

…123 456 789

17

…123 456 789

Consensusnetworkestablishesorderas

Blockchain Networks

• BlockchainNetwork– Comprisesaconnectedsetofpeernodes,eachowningacopyoftheledger– Peerscollaboratetomaintainconsistentreplicatedcopiesoftheledger

• Differentmechanismsforcollaboration– so-called“consensusprotocols”– Peersmanagedbykeynetworkparticipants

• ConsensusProtocolOptions– PBFTexcellentfirstchoice.NOOPs(NoOperation)availableforstarternetworks– Otherprotocolscanbeadded(non-trivial!)

• PBFTOverview– Definesnon-validatingpeers,validatingpeers,with1-validatingleader– Leaderreceivestransactionsfromconnectedapplications– Leaderorganizesanddistributestransactionswithvalidatornetwork

• Copeswitherringandmaliciousvalidatorsatverylowcomputecost– Eachv-peerexecutestransactionstobringlocalledgercopyup-to-date– Non-validating-peers’ledgersmaintainedfromconnectedvalidating-peer’s– Castro&Liskov's paper‘PracticalByzantineFaultToleranceandProactiveRecovery’

18

Synchronization

• Ifanodedropsfromthenetworkorreceivesdifferenttransactionresultsoranewnodejoins,thereare3optionsforgettingbackuptospeed:

19

…

…

…

Type 1Get Delta

Type 2Get Blocks

Type 3Get Snapshot

• GetDeltas(Smallest)– Thenode receivesthedeltasofthechangesfromprevioustransactionstoupdateitsworldstate

– Smallesttransfersize

• GetBlocks– TheNodereceivesthesequentialsetofblocksitismissing

• GetSnapshot– TheNodereceivesasnapshotoftheWorldState

– Largesttransfersize

…

Consensus ConsiderationsTransactionandidentityprivacy

Non-Deterministic Number Errors

21

…123 456 789

…123 456 789

…123 456 789

…123 456 789

ExternalSystem

1005

– Ifeachsmartcontractcallsout toexternalsystemtoreceiveinformation orusesanon-deterministicvariable,itwillpreventconsensusbeingachieved.

– Allexternaldatasourcesshould return thesameresultforthesamecallsandvariablesmustbedeterministic,anynon-deterministicvaluesmustbedefined aspartofthetransaction

Requested current mileage of moving car

1006

1007

1008

Duplicating Results

22

…123 456 789

…123 456 789

…123 456 789

…123 456 789

ExternalSystem

+100

+100

+100+100

– Ifeachsmartcontractstorescallsouttoalterinformationinanexternalsystem,itcouldleadtoduplication

– TheUUIDofeachtransactionorthenoncecanbeusedsoonlyoneinstanceofthecallwillbeaddedtoanyexternalsystem

+100 or +400 ?

Permissioned Ledger AccessTransactionandidentityprivacy

Requestscertificates

1xEcert,NxTcert

ConsensusNetwork

BlockchainUserA

usesEcert

Tcert invokesSCtxn(signedwithTkeyA,

encryptedwithTkeyA,TkeyB…)TkeyA

Smartcontract

deployedoneveryvalidatingpeer

Enrollmentcertificates(Ecerts)andTransactioncertificates(Tcerts)canonlybelinkedbyCAand

user …

(signedwithEkey oforigin,encrypted withvalidators’key)

BlockchainUserB

TkeyB

TkeyB

sharesTcertpublickey

Accessesledger

Permissioned Ledger Access

U

U

Application

Application

uses

TkeyB

ü

sc

Membership

CertificateAuthority

(storedinwallet)

24

Transaction and Identity Privacy

• TransactionCertificates,Tcerts– Disposablecertificates,typicallyusedonce,requestedfromTransactionCA– Tcert derivedfromlongtermidentity- EnrollmentCertificate,Ecert– OnlyTransactionCAcanlinkEcert andTcert

• PermissionedInteractions– ConsumersharespublicTcert toprovider– Providerinvokeschaincodetransactionasusual,but

• Signswithprovider’sprivateTcert forauthentication• EncryptswithproviderandconsumerTcerts forsubsequentaccess

– Consumerscansubsequentlyaccessledgerdatausingtheirprivatekey

• Securechaincode– CCcanalsobesignedandencrypted,tokeepverifyandsecurecontractdetails– Signingisbycontractowner/author– Encryptionensuresonlyvalidatorscanseeandexecutetransactionchaincode

25

Integrating with Existing Systems

Blockchainnetwork

…

Integrating with Existing Systems

Transform Existingsystems

4. Systemevents

3. Blockchainevents

Smartcontract

1. Callout toexistingsystemstoenrichsmartcontractlogic

27

2. CallintoBlockchainnetworkfromexistingsystems

Integrating with Existing systems

• BlockchainisnetworkSystemofRecord

• Smartcontractscancallouttoexistingsystems– Queryismostlikelyinteractionforsmartdecisions

• e.g.allpaymentsmadebeforeassettransfer?– TransactionsexecuteoneverypeerintheBlockchainnetwork

• Careoverpredictability… transactionmustprovidesameoutputseachtimeitexecutes

• Two-wayexchange– EventsfromBlockchainnetworkcreateactionsinexistingsystems– CumulativeactionsinexistingsystemsresultinBlockchaininteraction

• TransformationbetweenBlockchainandexistingsystems’formats– GBO,ASBOismostlikelyapproach– StandardapproachwillbeforGatewayproductstobridgetheseformats– GatewayconnectstopeerinBlockchainnetworkandexistingsystems

28

Summary and Next StepsForusers

Summary and Next Steps

• WeareatthebeginningoftheBlockchainjourney!

• ApplysharedledgersandsmartcontractstoyourBusinessNetwork

• Thinkaboutyourparticipants,assetsandbusinessprocesses

• Spendtimethinkingaboutrealisticbusinessusecases

• Getsomehands-onexperiencewiththetechnology

• DoaFirstProjectin2017!

• IBMcanhelpwithyourjourney

30

Thank You!

31