hyperledger fabric: towards scalable blockchainfor business · hyperledger fabric: towards scalable...
TRANSCRIPT
© 2015 IBM Corporation
Hyperledger fabric: towards scalable blockchain for business
Marko Vukolić, IBM Research - Zurich
Trust in Digital LifeThe Hague, Netherlands, June 17 2016
© 2015 IBM Corporation
Blockchain – shared, replicated, ledger
Counter-partyrecords Bank records
Party C’s Records Auditor records
Party B Records
Party A’s Records
Ledger
Ledger
Ledger
Ledger
Ledger
Ledger
Participants have possibly multiple shared ledgers
Consensus protocol ensures ledger replicas are identical*
© 2015 IBM Corporation
What is a Blockchain?
• A chain (sequence) of blocks of transactions- Each block consists of a number of transactions
• Bitcoin transactions- simple virtual cryptocurrency transfers- (address A, address B, amount)
• Transactions do not have to be simple nor related to cryptocurrency- E.g., smart contracts (Ethereum)- chaincode (Hyperledger)
3
#234 #235 #236…#1#0
Genesis block
© 2015 IBM Corporation
Growing Proof-of-Work (PoW)-based Blockchain
§ Block “mining”:─ Every participant (“miner”) tries to find nonces─ such that the hash of the block h is lower than a 256-bit target
§ Bitcoin─ Target dynamically adjusted: 1 block generated roughly every 10 minutes─ Already in 2014, this required more than 280 expected hashes
4
#234… #235 #236
A =hash of block #236B = Root hash of
Merkle tree of txhashes
C = nonce 1D = nonce 2
Block #237
Transactions(payload)
h = hash of Block #237 = SHA256(A||B||C||D)
© 2015 IBM Corporation
Example (longest/most difficult chain wins)
5
#234… #235 #236
#237A
#237B
#238B
#239B
© 2015 IBM Corporation6
#234… #235 #236
#237A
#237B
#238B
#239B
Orphaned block
Example (longest/most difficult chain wins)
© 2015 IBM Corporation
Implications and the performance issue
PoW way of extending the ledger heavily and negatively impacts system scalability and overall throughput
§ Bitcoin: With 1 block every 10 minutes and fixed block size of 1 MB─ Peak throughput: only 6-7 tx/sec─ Latency (of 6 block confirmations): about 1h
§ Better performance by tuning PoW parameters?─ shorter block generation times (increasing block frequency)?─ larger blocks?─ Different conflict resolution rules?─ Limited benefits, potentially weaker security
7
© 2015 IBM Corporation
Introducing smart contracts/chaincode
Modern crypto ledgers (e.g., Ethereum, Hyperledger)
aim at supporting “smart contracts” or “chaincodes”
A smart contract is an event driven program, with state, which runs on a replicated, shared ledger and which can take custody over assets on that
ledger. [Swanson2015]
“Smart contract” à (replicated) state machine
8
© 2015 IBM Corporation
State machine replication (SMR)
§ Classical Distributed Computing problem
What machine faults?
§ Crash faults (CFT): A machine simply stops execution and halts─ Paxos, RAFT, Zookeeper AB,…
§ Non-crash (a.k.a. Byzantine) faults (BFT)─ A model that cryptocurrencies adopt
9
#234… #235 #236
#237A
#237B
#238B
#239B
No forks!
© 2015 IBM Corporation
BFT Consensus (example of PBFT [TOCS2002])
10
Party A (leader)
Party BParty C
Party D
Tx1
Commit the block to the local copy of blockchain(if 2f+1 out of 3f+1 agree)
Many other things burden the implementation (it is not simple as it might look)• Leader election• State transfer (new, slow Party)• Reconfiguration
Tx2Tx3Tx4
Seq #24View no
Validate the block… #21 #22 #23 Tx1
Tx2Tx3Tx4
Seq #24View no
© 2015 IBM Corporation
PoW vs. SMR for Blockchain (simplified overview)
11
Proof of Work (Bitcoin, Ethereum,...) State machine replication (Ripple, Hyperledger, …)
Membership type
Permisionless Permissioned
User IDs(Sybil attack)
Decentralized, Anonymous(Decentralized protection by PoWcompute/hash power)
Centralized, all Nodes know all other Nodes (Centralized identity management protects against Sybil attacks)
Scalability(no. of Nodes)
Excellent, >100k Nodes Verified up to few tens (or so) Nodes(scalability limits not well explored)
Scalability(no. of Clients)
Excellent Excellent
Latency Poor, up to 1h Depends on the implementation/deployment (order of ms)
Throughput 7 tx/sec upper bound (Bitcoin) >10k tx/sec with existing implementations in software
Power efficiency
>1 GW (Bitcoin) Good (commodity hardware)
Temporary forks in blockchain
Possible (leads to double-spending attacks)
Not possible
Consensus Finality
No Yes
Open research problem:Given the use case, network, no. of nodes
What is the most suitable and scalable Blockchain technology/protocol?
© 2015 IBM Corporation12
Marko Vukolić.The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT ReplicationProceedings of the 2015 International workshop on open problems in network security (iNetSec 2015).
© 2015 IBM Corporation13 https://www.hyperledger.org/https://github.com/hyperledger
© 2015 IBM Corporation
Existing blockchains unify many functionalities in one node
This limits achievable performance and harms scalabilityAt odds with confidentiality
Transaction validation
Ledger/state maintenance
Consensuslogic
Smart contract execution
© 2015 IBM Corporation
Hyperledger fabric v2 – architecting a scalable blockchain§ Hyperledger fabric v2 (late 2016/early 2017)
─ Separation of concerns
Consensus fabric
Architecture-level approach to scalable and confidential blockchainGoal: Towards hundreds of consenters/peers running many thousands tpshttps://github.com/hyperledger/fabric/wiki/Next-Consensus-Architecture-Proposal
Chaincode A execution
Chaincode A validation
Chaincode B execution
Chaincode B validation
© 2015 IBM Corporation
Blockchain fabric comparison
Feature Attribute Bitcoin(digital cash)
Ripple(inter-bank remittances)
Ethereum(distributed applications)
Hyperledger fabric(generic blockchainfabric)
Open Membership Permissioned vs.
Permissionless
Permissionless Permissioned Permissionless Permissioned
No transaction, once verified, can be changed by any party
Consensus algorithm
Proof of work (custom-made)Byzantine fault-tolerant (BFT) consensus
Proof of work, Proof of stake
Pluggable consensus framework(currently: proven practical BFT)Prevention of asset double-spending
Business logic can self-execute with assurance that the terms can not be altered by any party without agreement from stakeholders
Smart contracts support
Very limited(stack-based scripting language)
None(had Codius, but discontinued)
Solidity domain specific language (DSL) (Turing-complete)
Go (golang), Java (in progress)+Support for other languages and DSLs envisioned in future
Transaction execution evolves around a blockchain-specific digital currency
Native cryptocurrency
Yes (BTC) Yes (XRP) Yes (ETH) No
Transaction confidentialityEncryption,
key-distributionCryptographic mechanisms
No No Smart contract level confidentiality
Smart contract (chaincode) level + fabric-level confidentiality
https://github.com/hyperledger/fabric
©2016 IBM Corporation
Thank You!
© 2015 IBM Corporation
Hyperledger (v2) transaction flow
client (C) submittingpeer (SP)
endorsingpeer (EP1)
endorsingpeer (EP2)
endorsingpeer (EP3)
peer (P1)
consensusservice
consenters
Simulate/Execute txPayloadComputeverDepstateUpdate
Simulate/Execute txPayloadVerify
verDepstateUpdate
SignTRANSACTION-VALID
CollectTRANSACTION-VALIDsigsintoendorsementtosatisfyendorsementPolicy(chaincodeID)
1
2
3
4
5
VerifyverDep,endorsement
IfOKapplystateUpdates
5
Consensus service API:• Broadcast(blob) blob=(tran-proposal, endorsement)• Deliver(seqno,prevHash,blob)
45
<TRANSACTION-VALID, txID,sigEPi>3
<SUBMIT,cID,chaincodeID,txPayload,sigC>1<PROPOSE,txPayload,tran-proposal,sigSP> (tran-proposal := (spID,clientID,chaincodeID,HASH(txPayload),stateUpdate,verDep))2