Explore Courses Blog Tutorials Interview Questions
0 votes
1 view
in Blockchain by (12.8k points)

I am creating a blockchain app in Hyperledger that performs a bidding process for a manufacturing company. The bidding process involves 4 suppliers (Supplier A to Supplier D). The one with the lowest bid wins.

I am able to create the chaincode for this. However, since it is a blockchain, the suppliers can see each other's bid (e.g., by simply looking at the contents of the blocks). In addition, the non-winning suppliers will know who actually won the bidding process.

I want to enforce the following privacy rules in the blockchain:

a. the bid of a particular supplier should be viewable only by the manufacturing company and the supplier itself (e.g., supplier A cannot see the bid of supplier B)

b. only the manufacturing company and the winning supplier knows who won (e.g., if supplier A loses the bid, supplier A only knows that it lost the bid but has no idea who won)

I have looked at the purpose of the transaction certificate, and I think this will address my privacy concerns.

I am able to request for multiple transaction certificates using the REST API. However, I am not sure how to utilize the transaction certificates.

Is it meant to be used outside of the chaincode (e.g., is it is used to encrypt parameters that will be passed to an invoke function)?

Or is it meant to be passed as a parameter to a chaincode function and use it inside the chaincode to encrypt a particular data before storing it in the blockchain?

How do I perform the actual encryption using the transaction certificates?

I am currently using v0.6 of the Hyperledger fabric for my chaincode. For my front end, I'm using Node.JS HFC SDK v0.6.5.

Is there a sample code that I can use as a basis to understand how transaction certificates are used to address privacy?

1 Answer

0 votes
by (29.8k points)

Enrolled users can request transaction certificates. Then, these certificates are for invoking Chaincode transactions on the blockchain. I think that these certificates don't let your privacy, they are more to authenticate the owner of the transaction.

The v1.0 gives you the chance to creating isolated Blockchains inside your network. That's possible thanks to the channels. When you define a Channel, you define who are the members of it, so, only those peers could send transactions through that channel. Therefore, only members of the channel could see your transactions. So, for your approach, you should create four channels, each one for each supplier. The manufacturing company should be a member of all channels.

Browse Categories