I am wondering that how your data is safe when an admin can change the latest state in Couchdb
using Fauxton
or cURL
provided by Couchdb
directly.
According to my understanding Hyperledger Fabric
provides immutable data feature and is best for fraud prevention(Blockchain feature).
The issue is :- I can easily change the data in couchdb
and when I query from my chaincode
it shows the changed data. But when I query ledger
by using GetHistoryForKey()
it does not shows that change I made to couchdb
. Is there any way I can prevent such fraud? Because user will see the latest state always i.e data from couchdb
not from ledger
Any answer would be appreciated.
Thanks
The state database in Hyperledger Fabric peer nodes on Managed Blockchain networks created using Hyperledger Fabric 1.4 and later supports two types of peer state databases: CouchDB is a state database in Managed Blockchain that models ledger data as JSON.
the actual private data; data is stored in a private database on the peer nodes of authorized organizations and is accessed from chaincode on these authorized peers; and. a hash of that private data; endorsed, ordered, and written to the ledgers of every peer on the channel.
Hyperledger Fabric now simply uses Crash Fault Tolerant (CFT) consensus algorithms, which is that it can't accept any malicious threat. The work is currently going on Byzantine Fault Tolerant (BFT) algorithms, that can accept up to 1/3 malicious of the existing network.
Yes, you can enter CouchDB directly using the web interface and modify data.
You should not expose the CouchDB port beyond the peer's network to avoid the data getting tampered. Only the peer's administrator should be able to access CouchDB, and the administrator has no incentive to tamper their own data. Let me explain further...
The Hyperledger Fabric state database is similar to the bitcoin unspent transaction database, in that if a peer administrator tampers with their own peer’s database, the peer will not be able to convince other peers that transactions coming from it are valid. In both cases, the database can be viewed as a cache of current blockchain state. And in both cases, if the database becomes corrupt or tampered, it can be rebuilt on the peer from the blockchain. In the case of bitcoin, this is done with the -reindex flag. In the case of Fabric, this is done by dropping the state database and restarting the peer.
In Fabric, peers from different orgs as specified in the endorsement policy must return the same chaincode execution results for transactions to be validated. If ledger state data had been altered or corrupted (in CouchDB or LevelDB file system) on a peer, then the chaincode execution results would be inconsistent across endorsing peers, the 'bad’ peer/org will be found out, and the application client should throw out the results from the bad peer/org before submitting the transaction for ordering/commit. If a client application tries to submit a transaction with inconsistent endorsement results regardless, this will be detected on all the peers at validation time and the transaction will be invalidated.
You must secure your couchdb from modification by processes other than the peer, just as you must generally protect your filesystem or memory.
If you make your filesystem world writable, other users could overwrite ledger contents. Similarly, if you do not put access control on couchdb writes, then you lose the immutability properties.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With