Consensus manipulation when using only two peers on a Hyperledger Fabric channel?

Question

What happens in Hyperledger Fabric on a private channel block-chain consisting of only two peers if one of the peers is faulty and manipulates it's private block chain?

So the two copies of the block chain will diverge and finally it will be impossible for a consensus algorithm to tell which one is correct.

Is this a valid problem? If so, how would this be mitigated? Would it help to add additional peers to the channel (e.g. placed at a regulator's data center) which are not in control of the two peers mentioned above? Or is there a better solution to tackle this problem?

Answer 1

Adding additional peers to each organization would defend against any single node becoming compromised. Adding additional nodes to the channel(s) at an independent 3rd party (auditor, regulator, or other trusted provider) would be another valid strategy to defend against a counter-party with malicious intent.

Answer 2

The consensus is achieved in the Ordering Service, the Peers are independent from it. I think that they are two different things:

1. The Peers don't manipulate the Blockchain. They could send incorrect or invalid transactions. The result of the execution of those transactions depends on the Smart Contrac that you have on the Peers, and the Endorsement Policy that you have defined. Then, each Peer sends the validated transactions to the Ordering Service.
2. The Blocks are created by the Ordering Service, so the blocks will be equal to both peers.

The solution to that issue would be to create an Ordering Service where the orderers are located in additional and independent 3rd party.

Nowadys, the Ordering Services gives you the chance to choose among different Services: two different are developed, a third one will be ready soon. More info about it, here.