Blockchain Explored IBM Blockchain Proof of Technology Workshop
The Participants in a Blockchain Network: Systems Context
[Diagram: The Participants in a Blockchain Network. Participants around the Blockchain: Blockchain User, Certificate Authority, Blockchain Developer, Blockchain Network Operator, Regulator, Traditional Processing Platforms, Traditional Data Sources. Connection labels: B2B transactions, access to logic, access to data, creates applications, operates, accesses security certificates, performs oversight.]
Blockchain Participants
• Blockchain User – the business user, operating in a business network. This role interacts with the Blockchain using an application. They are not aware of the Blockchain.
• Blockchain Regulator – the overall authority in a business network. Specifically, regulators may require broad access to the ledger’s contents.
• Blockchain Developer – the developer of applications and smart contracts that interact with the Blockchain and are used by Blockchain users.
• Blockchain Network Operator – defines, creates, manages and monitors the Blockchain network. Each business in the network has a Blockchain Network operator.
• Certificate Authority – manages the different types of certificates required to run a permissioned Blockchain.
• Traditional Processing Platform – an existing computer system which may be used by the Blockchain to augment processing. This system may also need to initiate requests into the Blockchain.
• Traditional Data Sources – an existing data system which may provide data to influence the behavior of smart contracts.
The Components in a Blockchain: Component Model
Blockchain Components
• Ledger – contains the current world state of the ledger and a Blockchain of transaction invocations
• Smart Contract – encapsulates business network transactions in code. Transaction invocations result in gets and sets of ledger state
• Consensus Network – a collection of network data and processing peers forming a Blockchain network. Responsible for maintaining a consistently replicated ledger
• Membership – manages identity and transaction certificates, as well as other aspects of permissioned access
• Events – creates notifications of significant operations on the Blockchain (e.g. a new block), as well as notifications related to smart contracts. Does not include event distribution.
• Systems Management – provides the ability to create, change and monitor Blockchain components
• Wallet – securely manages a user’s security credentials
• Systems Integration – responsible for integrating Blockchain bi-directionally with external systems. Not part of Blockchain, but used with it.
Blockchain Components
[Diagram: Application, Membership, Smart Contract, Systems Management, Ledger, Events, Consensus Network, Wallet and Systems Integration, set against Blockchain Users' Interests and Developers' Interests. Caption: Time when topic is investigated in detail.]
How Applications use the Ledger: The key elements of a Blockchain application
Blockchain Applications and the Ledger
[Diagram: Blockchain developer, Application, Smart Contract*, and the Ledger, made up of the World/Ledger state and the Blockchain (blocks of txn txn txn txn …). Connection labels: develops, invokes, accesses (REST API), ‘get’, ‘put’, ‘delete’, emits event.]
• Each ‘put’ or ‘delete’ invoke recorded
• * Smart Contract implemented using chaincode
Blockchain Applications
• Application
  – Focuses on Blockchain user business needs and experience
  – Calls smart contract for interactions with ledger state
  – Can access transaction ledger directly, if required
  – Can process events if required
• Smart Contract
  – Chaincode encapsulates business logic. Choice of implementation language
  – Contract developer defines relevant interfaces (e.g. queryOwner, updateOwner …)
  – Different interfaces access ledger state accordingly – consistent read and write provided
  – Each invocation of a smart contract is a “Blockchain transaction”
• Ledger
  – World/Ledger state holds current value of smart contract data
    • e.g. vehicleOwner=Daisy
  – Blockchain holds historic sequence of all chaincode transactions
    • e.g. updateOwner(from=John, to=Anthony); updateOwner(from=Anthony, to=Daisy); etc
Operating Blockchain Networks: Configuring for a replicated ledger
Maintaining a consistent ledger
• Keep all peers up-to-date
• Fix any peers in error
• Quarantine all malicious nodes
[Diagram: LEDGER STATE on each peer, before and after CONSENSUS.]
Consensus and the Blockchain Network
[Diagram: a Consensus Network of peers exchanging consensus messages. The Blockchain Operator configures and operates it; the Smart Contract is deployed to and executes on peer nodes; the Application invokes the SC on a peer.]
• Exact network structure depends on consensus mechanism. e.g. PBFT has leader, validating and non-validating peers
• Consensus messages flow between appropriate peers to ensure the Blockchain SC transactions are kept in order; world state is kept consistent through local transaction replay
How a PBFT Network Works (1/4) – Submission
[Diagram: non-validating peers, validating peers and a validating leader. Transactions 123, 456 and 789 are each submitted to the network; the peers show them in differing orders (…789 123 456; …456 789 123; …456 123 789; …123 456 789).]
How a PBFT Network Works (2/4) – Ordering
[Diagram: non-validating peers, validating peers and a validating leader. Consensus network establishes order as …123 456 789.]
How a PBFT Network Works (3/4) – Execution
[Diagram: non-validating peers, validating peers and a validating leader. Consensus network establishes order as …123 456 789; peers are marked with Δ.]
How a PBFT Network Works (4/4) – Distribution
[Diagram: non-validating peers, validating peers and a validating leader. Consensus network establishes order as …123 456 789.]
Blockchain Networks
• Blockchain Network
  – Comprises a connected set of peer nodes, each owning a copy of the ledger
  – Peers collaborate to maintain consistent replicated copies of the ledger
• Different mechanisms for collaboration – so-called “consensus protocols”
  – Peers managed by key network participants
• Consensus Protocol Options
  – PBFT excellent first choice. NOOPs (No Operation) available for starter networks
  – Other protocols can be added (non-trivial!)
• PBFT Overview
  – Defines non-validating peers, validating peers, with 1-validating leader
  – Leader receives transactions from connected applications
  – Leader organizes and distributes transactions with validator network
    • Copes with erring and malicious validators at very low compute cost
  – Each v-peer executes transactions to bring local ledger copy up-to-date
  – Non-validating-peers’ ledgers maintained from connected validating-peer’s
  – Castro & Liskov's paper ‘Practical Byzantine Fault Tolerance and Proactive Recovery’
Synchronization
• If a node drops from the network or receives different transaction results or a new node joins, there are 3 options for getting back up to speed:
  – Type 1: Get Delta
  – Type 2: Get Blocks
  – Type 3: Get Snapshot
• Get Deltas (Smallest)
  – The node receives the deltas of the changes from previous transactions to update its world state
  – Smallest transfer size
• Get Blocks
  – The node receives the sequential set of blocks it is missing
• Get Snapshot
  – The node receives a snapshot of the World State
  – Largest transfer size
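The three catch-up options above, as an added example that is not part of the workshop material: a lagging node reaches the same world state by deltas, by replaying blocks, or by snapshot. The `Peer` class, `update_owner` contract and `catch_up` helper are hypothetical names; the sample data reuses the John → Anthony → Daisy transfers mentioned earlier.

```python
def update_owner(state, txn):
    """Constructed smart contract: transfer ownership and return the delta."""
    if state.get(txn["vehicle"]) != txn["from"]:
        raise ValueError("'from' is not the current owner")
    state[txn["vehicle"]] = txn["to"]
    return {txn["vehicle"]: txn["to"]}

class Peer:
    def __init__(self, genesis):
        self.state = dict(genesis)  # world state: current values
        self.height = 0             # number of blocks reflected in the state
        self.blocks, self.deltas = [], []  # executed blocks, delta each made

    def commit(self, block):
        delta = {}
        for txn in block:
            delta.update(update_owner(self.state, txn))
        self.blocks.append(block)
        self.deltas.append(delta)
        self.height += 1

def sync_deltas(node, source):
    # Type 1: receive only the state changes of the missed blocks.
    for delta in source.deltas[node.height:]:
        node.state.update(delta)
    node.height = source.height

def sync_blocks(node, source):
    # Type 2: receive the missing blocks in sequence and execute them locally.
    for block in source.blocks[node.height:]:
        node.commit(block)

def sync_snapshot(node, source):
    # Type 3: receive a copy of the whole world state.
    node.state = dict(source.state)
    node.height = source.height

GENESIS = {"vehicle-1": "John"}  # constructed sample data
BLOCKS = [[{"vehicle": "vehicle-1", "from": "John", "to": "Anthony"}],
          [{"vehicle": "vehicle-1", "from": "Anthony", "to": "Daisy"}]]

def catch_up(sync, missed_from=1):  # node stops after `missed_from` blocks
    source, node = Peer(GENESIS), Peer(GENESIS)
    for i, block in enumerate(BLOCKS):
        source.commit(block)
        if i < missed_from:
            node.commit(block)
    sync(node, source)
    return node, source
```

Only `sync_blocks` re-runs the contract on the receiving node; the other two accept state computed by the sending peer.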
Consensus Considerations: Transaction and identity privacy
Non-Deterministic Number Errors
– If each smart contract calls out to external system to receive information or uses a non-deterministic variable, it will prevent consensus being achieved.
– All external data sources should return the same result for the same calls and variables must be deterministic, any non-deterministic values must be defined as part of the transaction
[Diagram: peers ordered as …123 456 789 each call an External System. Requested current mileage of moving car; the responses are 1005, 1006, 1007 and 1008.]
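The mileage case above, as an added example that is not part of the workshop material: four peers execute the same transaction, once with a contract that calls out during execution and once with the value defined in the transaction. The odometer class, the contract functions and the SHA-256 state digest used to compare peers are assumptions made for illustration.

```python
import hashlib
import json

class MovingCarOdometer:
    """Constructed stand-in for the external system: the reading changes per call."""
    def __init__(self, start=1005):
        self.reading = start

    def current_mileage(self):
        value = self.reading
        self.reading += 1  # the car keeps moving between the peers' calls
        return value

def state_digest(world_state):
    """Digest peers could compare to check that their world states agree."""
    blob = json.dumps(world_state, sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()

def record_mileage_callout(state, txn, odometer):
    # Non-deterministic: every peer fetches its own value while executing.
    state[txn["car"]] = odometer.current_mileage()

def record_mileage_from_txn(state, txn, odometer):
    # Deterministic: the value was read once and defined in the transaction.
    state[txn["car"]] = txn["mileage"]

def execute_on_peers(contract, txns, peer_count=4):
    """Run the same ordered transactions on each peer; return (states, digests)."""
    odometer = MovingCarOdometer()
    states = []
    for _ in range(peer_count):
        state = {}
        for txn in txns:
            contract(state, txn, odometer)
        states.append(state)
    return states, [state_digest(s) for s in states]

def peers_agree(digests):
    return len(set(digests)) == 1

SAMPLE_TXNS = [{"id": "txn-123", "car": "car-1", "mileage": 1005}]  # constructed

if __name__ == "__main__":
    for contract in (record_mileage_callout, record_mileage_from_txn):
        states, digests = execute_on_peers(contract, SAMPLE_TXNS)
        print(contract.__name__, [s["car-1"] for s in states], peers_agree(digests))
```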
Duplicating Results
– If each smart contract calls out to alter information in an external system, it could lead to duplication
– The UUID of each transaction or the nonce can be used so only one instance of the call will be added to any external system
[Diagram: peers ordered as …123 456 789 each send +100 to an External System. +100 or +400 ?]
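The "+100 or +400" case above, as an added example that is not part of the workshop material: the same callout runs on four peers against an external system that applies every call, and against one that keys each call on the transaction UUID. Both external-system classes and the helper names are hypothetical.

```python
import uuid

class NaiveExternalSystem:
    """Constructed external system that applies every call it receives."""
    def __init__(self):
        self.balance = 0

    def add(self, amount, txn_id=None):
        self.balance += amount
        return True

class DedupExternalSystem:
    """Constructed external system that applies each transaction UUID once."""
    def __init__(self):
        self.balance = 0
        self._applied = {}  # txn_id -> amount already applied

    def add(self, amount, txn_id):
        if not txn_id:
            raise ValueError("transaction id required")
        if txn_id in self._applied:
            if self._applied[txn_id] != amount:
                # Same id, different payload: a peer disagrees; do not apply.
                raise ValueError("txn id reused with a different amount")
            return False  # duplicate call from another peer, ignored
        self._applied[txn_id] = amount
        self.balance += amount
        return True

def smart_contract(txn, external):
    # Runs on every validating peer, so the callout happens once per peer.
    return external.add(txn["amount"], txn["id"])

def execute_on_peers(txn, external, peer_count=4):
    """Return the per-peer result of the callout (True = applied)."""
    return [smart_contract(txn, external) for _ in range(peer_count)]

def new_txn(amount):
    # The UUID is assigned once at submission and is part of the transaction.
    return {"id": str(uuid.uuid4()), "amount": amount}

if __name__ == "__main__":
    for system in (NaiveExternalSystem(), DedupExternalSystem()):
        results = execute_on_peers(new_txn(100), system)
        print(type(system).__name__, results, system.balance)
```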
Permissioned Ledger Access: Transaction and identity privacy
[Diagram: Blockchain User A and Blockchain User B, each with an Application, the Membership Certificate Authority, and the Consensus Network with the smart contract (sc). Labels:]
• Requests certificates: 1 x Ecert, N x Tcert (stored in wallet)
• Uses Ecert, Tcert
• Invokes SC txn (signed with TkeyA, encrypted with TkeyA, TkeyB …)
• Blockchain User B shares Tcert public key
• Accesses ledger; uses TkeyB
• Smart contract deployed on every validating peer (signed with Ekey of origin, encrypted with validators’ key)
• Enrollment certificates (Ecerts) and Transaction certificates (Tcerts) can only be linked by CA and user
Transaction and Identity Privacy
• Transaction Certificates, Tcerts
  – Disposable certificates, typically used once, requested from Transaction CA
  – Tcert derived from long term identity - Enrollment Certificate, Ecert
  – Only Transaction CA can link Ecert and Tcert
• Permissioned Interactions
  – Consumer shares public Tcert to provider
  – Provider invokes chaincode transaction as usual, but
    • Signs with provider’s private Tcert for authentication
    • Encrypts with provider and consumer Tcerts for subsequent access
  – Consumers can subsequently access ledger data using their private key
• Secure chaincode
  – CC can also be signed and encrypted, to verify and secure contract details
  – Signing is by contract owner/author
  – Encryption ensures only validators can see and execute transaction chaincode
Integrating with Existing Systems
[Diagram: a Blockchain network with a smart contract, connected through a Transform step to Existing systems. Numbered interactions:]
1. Call out to existing systems to enrich smart contract logic
2. Call into Blockchain network from existing systems
3. Blockchain events
4. System events
Integrating with Existing Systems
• Blockchain is network System of Record
• Smart contracts can call out to existing systems
  – Query is most likely interaction for smart decisions
    • e.g. all payments made before asset transfer?
  – Transactions execute on every peer in the Blockchain network
    • Care over predictability … transaction must provide same outputs each time it executes
• Two-way exchange
  – Events from Blockchain network create actions in existing systems
  – Cumulative actions in existing systems result in Blockchain interaction
• Transformation between Blockchain and existing systems’ formats
  – GBO, ASBO is most likely approach
  – Standard approach will be for Gateway products to bridge these formats
  – Gateway connects to peer in Blockchain network and existing systems
Summary and Next Steps: For users
• We are at the beginning of the Blockchain journey!
• Apply shared ledgers and smart contracts to your Business Network
• Think about your participants, assets and business processes
• Spend time thinking about realistic business use cases
• Get some hands-on experience with the technology
• Do a First Project in 2017!
• IBM can help with your journey
Thank You!