hyperledger fabric private data

关于

简要记录hyperledger fabric私有数据的实验，参照官方文档https://hyperledger-fabric.readthedocs.io完成。

实验环境

• Ubuntu18.04
• fabric版本：1.2.0
• docker版本：18.06
• docker-compose版本：1.23.0
• go版本：1.10.3

实现

tonasy@tonasy-Inspiron-3542:~/hyperledger-fabric/fabric-samples/first-network$ docker exec -it cli bash

安装链码，当前是默认的peer0.org1

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode install -n marblesp -v 1.0 -p github.com/chaincode/marbles02_private/go/
2019-01-07 02:22:24.260 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2019-01-07 02:22:24.260 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2019-01-07 02:22:24.568 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response: 

peer1.org1安装链码

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer1.org1.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode install -n marblesp -v 1.0 -p github.com/chaincode/marbles02_private/go/
2019-01-07 02:28:36.952 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2019-01-07 02:28:36.952 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2019-01-07 02:28:37.100 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response: 

peer0.org2安装链码

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_LOCALMSPID=Org2MSP

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export PEER0_ORG2_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer0.org2.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode install -n marblesp -v 1.0 -p github.com/chaincode/marbles02_private/go/
2019-01-07 02:36:20.219 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2019-01-07 02:36:20.219 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2019-01-07 02:36:20.372 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response: 

peer1.org2安装链码

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer1.org2.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode install -n marblesp -v 1.0 -p github.com/chaincode/marbles02_private/go/
2019-01-07 02:37:10.941 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2019-01-07 02:37:10.941 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2019-01-07 02:37:11.094 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response: 

实例化链码，用到了collections_config.json

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile $ORDERER_CA -C mychannel -n marblesp -v 1.0 -c '{"Args":["init"]}' -P "OR('Org1MSP.member','Org2MSP.member')" --collections-config  $GOPATH/src/github.com/chaincode/marbles02_private/collections_config.json
2019-01-07 02:52:12.881 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2019-01-07 02:52:12.881 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc

存储私有数据（“marble1”,“blue”,“35”,“tom”,“99”）

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_LOCALMSPID=Org1MSP

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export PEER0_ORG1_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

拼写错误。。。

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls -cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["initMarble","marble1","blue","35","tom","99"]}'
Error: error getting broadcast client: failed to load config for OrdererClient: unable to load orderer.tls.rootcert.file: open : no such file or directory

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["initMarble","marble1","blue","35","tom","99"]}'
2019-01-07 03:16:48.177 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 

peer0.org1查询私有数据，拼写错误。。。

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C channel -n marblesp -c '{"Args":["readMarble","marble1"]}'
Error: error endorsing query: rpc error: code = Unknown desc = access denied: channel [channel] creator org [Org1MSP] - proposal response: 

readMarble，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarble","marble1"]}'
{"color":"blue","docType":"marble","name":"marble1","owner":"tom","size":35}

readMarblePrivateDetails，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
{"docType":"marblePrivateDetails","name":"marble1","price":99}

切换到peer0.org2,查询私有数据

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer0.org2.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_LOCALMSPID=Org2MSP

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export PEER0_ORG2_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp

查询一般数据，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarble","marble1"]}'
{"color":"blue","docType":"marble","name":"marble1","owner":"tom","size":35}

查询“price”，失败

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
Error: endorsement failure during query. response: status:500 message:"{\"Error\":\"Failed to get private details for marble1: GET_STATE failed: transaction ID: 24272685f4611dee28f9967c39505fd3e4d384d6ce634f23ca2731e2c893c08f: Private data matching public hash version is not available. Public hash version = &version.Height{BlockNum:0x6, TxNum:0x0}, Private data version = (*version.Height)(nil)\"}" 

切换到peer0.org1，purge私有数据

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_LOCALMSPID=Org1MSP

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# export PEER0_ORG1_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

查询marble1 price，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
{"docType":"marblePrivateDetails","name":"marble1","price":99}

Create a new marble2，相当于添加了一个block7

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["initMarble","marble2","blue","35","tom","99"]}'
2019-01-07 08:01:34.878 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 

查询marble1 price，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
{"docType":"marblePrivateDetails","name":"marble1","price":99}

transfer marble2，相当于添加了一个block8

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","joe"]}'
2019-01-07 08:02:48.413 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 

查询marble1 price，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
{"docType":"marblePrivateDetails","name":"marble1","price":99}

transfer marble2，相当于添加了一个block9

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","tom"]}'
2019-01-07 08:03:43.479 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 

查询marble1 price，成功

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
{"docType":"marblePrivateDetails","name":"marble1","price":99}

transfer marble2，相当于添加了一个block10

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","jerry"]}'
2019-01-07 08:05:14.294 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 

查询marble1 price，失败

root@5cff955cf849:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'
Error: endorsement failure during query. response: status:500 message:"{\"Error\":\"Marble private details does not exist: marble1\"}" 

purge 私有数据的logs如下(新开一个终端)：

(first time)
tonasy@tonasy-Inspiron-3542:~$ docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'
2019-01-07 01:53:25.651 UTC [kvledger] CommitWithPvtData -> INFO 02c Channel [mychannel]: Committed block [0] with 1 transaction(s)
2019-01-07 01:53:25.651 UTC [pvtdatastorage] func1 -> INFO 02d Purger started: Purging expired private data till block number [0]
2019-01-07 01:53:25.651 UTC [pvtdatastorage] func1 -> INFO 02e Purger finished
2019-01-07 01:53:43.113 UTC [kvledger] CommitWithPvtData -> INFO 03b Channel [mychannel]: Committed block [1] with 1 transaction(s)
2019-01-07 01:53:46.001 UTC [kvledger] CommitWithPvtData -> INFO 03f Channel [mychannel]: Committed block [2] with 1 transaction(s)
2019-01-07 01:54:43.716 UTC [kvledger] CommitWithPvtData -> INFO 04b Channel [mychannel]: Committed block [3] with 1 transaction(s)
2019-01-07 01:55:12.521 UTC [kvledger] CommitWithPvtData -> INFO 04f Channel [mychannel]: Committed block [4] with 1 transaction(s)
2019-01-07 02:52:44.207 UTC [kvledger] CommitWithPvtData -> INFO 054 Channel [mychannel]: Committed block [5] with 1 transaction(s)
2019-01-07 03:16:50.964 UTC [kvledger] CommitWithPvtData -> INFO 058 Channel [mychannel]: Committed block [6] with 1 transaction(s)
2019-01-07 03:16:51.499 UTC [couchdb] CreateDatabaseIfNotExist -> INFO 059 Created state database mychannel_marblesp$$pcollection$marble$private$details
2019-01-07 03:16:51.971 UTC [couchdb] CreateDatabaseIfNotExist -> INFO 05a Created state database mychannel_marblesp$$hcollection$marble$private$details

(after add 4 block)
tonasy@tonasy-Inspiron-3542:~$ docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'
2019-01-07 01:53:25.651 UTC [kvledger] CommitWithPvtData -> INFO 02c Channel [mychannel]: Committed block [0] with 1 transaction(s)
2019-01-07 01:53:25.651 UTC [pvtdatastorage] func1 -> INFO 02d Purger started: Purging expired private data till block number [0]
2019-01-07 01:53:25.651 UTC [pvtdatastorage] func1 -> INFO 02e Purger finished
2019-01-07 01:53:43.113 UTC [kvledger] CommitWithPvtData -> INFO 03b Channel [mychannel]: Committed block [1] with 1 transaction(s)
2019-01-07 01:53:46.001 UTC [kvledger] CommitWithPvtData -> INFO 03f Channel [mychannel]: Committed block [2] with 1 transaction(s)
2019-01-07 01:54:43.716 UTC [kvledger] CommitWithPvtData -> INFO 04b Channel [mychannel]: Committed block [3] with 1 transaction(s)
2019-01-07 01:55:12.521 UTC [kvledger] CommitWithPvtData -> INFO 04f Channel [mychannel]: Committed block [4] with 1 transaction(s)
2019-01-07 02:52:44.207 UTC [kvledger] CommitWithPvtData -> INFO 054 Channel [mychannel]: Committed block [5] with 1 transaction(s)
2019-01-07 03:16:50.964 UTC [kvledger] CommitWithPvtData -> INFO 058 Channel [mychannel]: Committed block [6] with 1 transaction(s)
2019-01-07 03:16:51.499 UTC [couchdb] CreateDatabaseIfNotExist -> INFO 059 Created state database mychannel_marblesp$$pcollection$marble$private$details
2019-01-07 03:16:51.971 UTC [couchdb] CreateDatabaseIfNotExist -> INFO 05a Created state database mychannel_marblesp$$hcollection$marble$private$details
2019-01-07 08:01:37.412 UTC [kvledger] CommitWithPvtData -> INFO 05c Channel [mychannel]: Committed block [7] with 1 transaction(s)
2019-01-07 08:02:50.902 UTC [kvledger] CommitWithPvtData -> INFO 05d Channel [mychannel]: Committed block [8] with 1 transaction(s)
2019-01-07 08:03:45.902 UTC [kvledger] CommitWithPvtData -> INFO 05e Channel [mychannel]: Committed block [9] with 1 transaction(s)
2019-01-07 08:05:16.868 UTC [kvledger] CommitWithPvtData -> INFO 05f Channel [mychannel]: Committed block [10] with 1 transaction(s)