Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to avoid the Fabric CA beeing a single point of failure?

Tags:

hyperledger-fabric

hyperledger

if I understood correctly, every peer in a fabric blockchain network (somehow interconnected through gossip) will only accept incoming connections from other peers if they use a HTTPS connection with a public key signed by the Fabric CA.

Is that correct?

So in my understanding, the Root-CA becomes the single point of failure because one could modify it and from then on modified Root-CA certificates will propagate to the nodes and eventually no node can connect to each other anymore.

Is this correct?

like image 228
Romeo Kienzler Avatar asked Jul 25 '17 16:07

Romeo Kienzler

1 Answers

Let me try to answer the two questions also, perhaps a little more directly.

QUESTION1: if I understood correctly, every peer in a fabric blockchain network (somehow interconnected through gossip) will only accept incoming connections from other peers if they use a HTTPS connection with a public key signed by the Fabric CA. Is that correct?

ANSWER1: No, this is not correct. You said "the Fabric CA", but each fabric blockchain network has multiple trusted CAs where each may be a Fabric CA or another CA or a combination. There is no single trusted CA root in this model. Also, the connections from peers are over GRPC rather than HTTPS.

QUESTION2: So in my understanding, the Root-CA becomes the single point of failure because one could modify it and from then on modified Root-CA certificates will propagate to the nodes and eventually no node can connect to each other anymore. Is this correct?

ANSWER2: No, this is not correct. There is no SPoF (Single Point of Failure) because: a) a single Fabric CA can run in a cluster b) there are multiple Fabric CA clusters (or other CAs) in a blockchain network. c) the peers and orderers do not connect directly to a CA. They operate off of crypto material that is locally available from the file system or its copy of the ledger. There is also no SPoT (Single Point of Trust) because: a) their are multiple root CAs without a common root key, and b) configuration updates which affect who trusts whom may require signatures from multiple identities from different roots of trust. For example, changing a trust policy could require signature from an administrator from every organization in the blockchain (or in hyperledger terminology, in the channel).

like image 115
Keith Smith Avatar answered Oct 03 '22 23:10

Keith Smith
Sign in to Comment

Related questions

Can I use the public/private key generated by the MSP in Hyperledger Fabric v1.0 for encrypting/decrypting data?
Fabric-Sample: Cannot create ledger from genesis block, due to LedgerID already exists
Configure Multiple Channel in Hyperledger Fabric
Getting connection failed in Hyperledger Fabric sample
Hyperledger fabric v1.0: multiple orderers
How do the different MSP roles (member, admin, peer, client) affect Hyperledger Fabric Endorsement policies?
Hyperledger fabric gRPC interaction

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!