How Membership Service Providers Govern Hyperledger Fabric
Open Source For You|June 2019
How Membership Service Providers Govern Hyperledger Fabric

This article continues our discussions on the Hyperledger Fabric project. It is aimed at open source technology enthusiasts who are interested in blockchain technologies and have a working knowledge of the Hyperledger Fabric project.

Swapnil Kulkarni

A Hyperledger Fabric blockchain network can be governed by one or more membership service providers (MSPs). This provides modularity of membership operations, and interoperability across different membership standards and architectures. An MSP is a component that aims to offer an abstraction of the membership operations architecture.

In particular, the MSP abstracts away all the cryptographic mechanisms and protocols behind issuing and validating certificates and user authentication. An MSP may define its own notions of identity and the rules by which those identities are governed (by identity validation and authenticated by signature generation and verification).

MSP configuration

To set up an instance of the MSP, its configuration needs to be specified locally at each peer and orderer (to enable peer and orderer signing), and on the channels to enable peer, orderer, client identity validation and respective signature verification (authentication) by, and for all channel members.

First, a name needs to be specified for each MSP, in order to refer to it in the network (e.g., msp1, org2 and org3.divA). This is the name under which the membership rules of an MSP, representing a consortium, organisation or division within a larger firm, are to be referred to in a channel. This is also referred to as the MSP identifier or MSP ID. The MSP identifiers are required to be unique for each MSP instance.

In the case of default implementations of an MSP, a set of parameters needs to be specified to allow for identity (certificate) validation and signature verification. These parameters are deduced by RFC5280 and include the following:

- A list of self-signed (X.509) certificates to constitute the root of trust.

articleRead

You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber

GoldLogo

Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines

READ THE ENTIRE ISSUE

June 2019