Using Blockchain to Increase Supply Chain Transparency

@horeaporutiu IBM Developer
Horea Porutiu
Developer Advocate, IBM
January 2019
Using Blockchain to Increase
Supply Chain Transparency

Slides
IBM Developer@horeaporutiu
@pluralsight
• Available on Twitter after talk
• http://slideshare.net/HoreaPorutiu

Agenda
1. Hyperledger Fabric
2. Hyperledger vs. Ethereum
3. Actors in Fabric Network
4. Endorsement Policy
5. Demo
@pluralsight

Hyperledger Fabric
IBM Developer@horeaporutiu https://www.pinterest.com/pin/215469163401716164/

What is Hyperledger Fabric
@horeaporutiu IBM Developerhttps://www.hyperledger.org/projects/fabric
• Open source platform used for smart contract
development, aimed at the enterprise

•Hosted by the Linux Foundation

• Major differences to modern cryptocurrency - there is
no concept of ‘mining’ blocks

• Major differences to modern cryptocurrency - there is
no concept of ‘mining’ blocks
•Permissioned blockchain, you need to be invited to join
the network

Hyperledger vs. Ethereum Throughput
• Approximate throughput - Ethereum: 1,000 / minute

• Approximate throughput - Hyperlegder: 500,000 /
minute

• No concept of cryptocurrency in Hyperledger
minute

minute
• No cryptocurrency = no mining = more efﬁcient in terms of
electricity

• Enterprise needs high throughput = Hyperledger is made for
enterprise
minute
• No cryptocurrency = no mining = more efﬁcient in terms of
electricity

Concepts
• NOT central database

Concepts
• Data is distributed

Concepts
• If you make a mistake, you need to have another
transaction to ﬁx it.

Concepts
•No ‘delete’ operation in Hyperledger

Concepts
•No ‘delete’ operation in Hyperledger
• Cannot change ledger

Concepts Part 2
• If you replay all events in the ledger, you get the
‘current state’

Concepts Part 2
‘current state’
• All data is cryptographically signed

Concepts Part 2
‘current state’
• No requirements on hardware, network
infrastructure, software, security

Concepts Part 2
‘current state’
• No requirements on hardware, network
• Can be adjusted for any use case

Concepts Part 2
‘current state’
• Flexible requirements on hardware, network
• Can be adjusted for any use case
• Not vulnerable to 51% attack (unlike Bitcoin)

Concepts Part 3
• Main use case - Party A doesn’t trust Party B

Concepts Part 3
• Party A records don’t match Party B

Concepts Part 3
• How to resolve? Settlement process (lawyers,
audits) - expensive, time-intensive

Concepts Part 3
• Instead, you can use 3rd party (veriﬁcation
authority), and send all data to them. Very expensive

Concepts Part 3
• Need to all trust veriﬁcation authority

Concepts Part 3
• Need to all trust veriﬁcation authority
• Veriﬁcation authority run by humans = prone to mistakes

Concepts Part 4
• No bulletproof way to work with two parties that don’t
trust each other

Concepts Part 4
trust each other
• All info is enforced by Hyperledger - all participants see this

Concepts Part 4
trust each other
• All info is enforced by Hyperledger - all participants see this
• Not possible for any party to alter data - must pass
through smart contract (chain code)

Actors in Hyperledger
•Michael Scott,
a.k.a. the peer
node. The peer,
(M. Scott) runs
the show
(chaincode). The
manager of The
Ofﬁce.
http://mtncatholic.com/2016/10/06/no-joke-dante-puts-michael-scott-hell/

•Michael Scott,
a.k.a. the peer
node. The peer,
(M. Scott) runs
the show
(chaincode). The
manager of The
Office.
• Toby, a.k.a the
CA(Certificate
Authority). The
CA hands out
certificates to
members of the
network. The
H.R. of The
Office - hands
out offer letters.
http://theoffice.wikia.com/wiki/Toby_Flenderson

•Michael Scott,
a.k.a. the peer
node. The peer,
(M. Scott) runs
the show
(chaincode). The
manager of The
Office.
• Toby, a.k.a the
CA(Certificate
Authority). The
CA hands out
certificates to
members of the
network. The
H.R. of The
Office - hands
out offer letters.
http://theoffice.wikia.com/wiki/Toby_Flenderson https://www.dailybreak.com/break/chilis-lifts-ban-on-pam-beesly
• Pam, a.k.a. the
orderer
broadcasts
messages to
peers. As the
receptionist in the
office, she relays
messages to other
employees.

Endorsement Policy
• This is consensus mechanism of Fabric

Endorsement Policy
• Operation must be veriﬁed before we update the ledger

Endorsement Policy
• Endorsement policy speciﬁes who must validate

Endorsement Policy
• Example: All peers, majority of peers, ONLY 1 peer (this
is dangerous)

Endorsement Policy
• If you have a channel with 10 CC, then every single
chaincode can have a different policy 🙀🙀🙀🙀🙀🙀
is dangerous)

Approaches for development
Cloud
• Run docker
containers (peer,
orderer, certiﬁcate
authority, couchDb)
Local

Cloud
• Run docker
containers (peer,
authority, couchDb)
Local
• Inviting other orgs,
viewing blocks is hard

Cloud
• Run docker
containers (peer,
authority, couchDb)
• Network setup is
done for you
Local

Cloud
• Run docker
containers (peer,
authority, couchDb)
done for you
Local
• Nice interface to view
all blocks

Cloud
• Run docker
containers (peer,
authority, couchDb)
done for you
Local
• Nice interface to view
all blocks
• Easy to invite other
organizations to the
network

Our approach
Cloud - via the IBM
Blockchain Platform

Blockchain use-cases
•Medicalchain

•Digital Identity

• Concert Tickets -
True Tickets

Demo

Hyperledger Fabric v. Composer
• Original project
@horeaporutiu IBM Developerhttps://www.hyperledger.org/projects/composerhttps://www.hyperledger.org/projects/fabric

• Learn Fabric SDK -
Node.js, Java
@horeaporutiu IBM Developerhttps://www.hyperledger.org/projects/composerhttps://www.hyperledger.org/projects/fabric

Node.js, Java
• Uses channels to
divide communication
between participants
https://www.hyperledger.org/projects/composerhttps://www.hyperledger.org/projects/fabric

Node.js, Java
•Status: active

Node.js, Java
• Original project • Tool for using Fabric
•Status: active

Node.js, Java
• Easy to generate
REST API
• Tool for using Fabric
•Status: active

Node.js, Java
REST API
•Status: active
• Learn Composer
modeling language

Node.js, Java
REST API
•Status: active
• Learn Composer
modeling language
• Test your contracts in
a sandbox, online

Node.js, Java
REST API
•Status: active
• Learn Composer
modeling language
• Test your contracts in
a sandbox, online
•Status: incubation

IBM Blockchain Starter Plan
•http://goo.gl/i9WZcH
• Need either business or student
email address, gmail wont work
• Takes a few business days to
process, please be patient

Code Patterns
• Hello world Hyperledger Fabric Car Auction -
https://github.com/IBM/car-auction-network-
fabric-node-sdk
@horeaporutiu IBM Code
• Blockchain Bean UI - https://www.ibm.com/
thought-leadership/blockchainbean/index.html
• Blockchain Bean Code -https://github.com/IBM/
blockchainbean

Contact
• Questions: horea.porutiu@ibm.com
• Social: Tweets @horeaporutiu
• Site: https://horeaporutiu.github.io/
• Medium: https://medium.com/@horeaporutiu

Hopefully you will feel like this after
IBM Developer@horeaporutiu https://www.pinterest.com/pin/427630927097492361

Questions?
http://www.freeiconspng.com/img/5437

How do you get started?
• Intro to Hyperledger Node SDK code pattern -
https://github.com/IBM/car-auction-network-
fabric-node-sdk
• Step by step guide on how to connect local
Node.js app to IBM Blockchain Platform

Hyperledger Fabric SDK Overview
Blockchain
network - 1 org
Certiﬁcate Authority
Orderer
Peer
(Local)
Node.js app +
Fabric SDK

Node.js app +
Fabric SDK
Blockchain
network - 1 org
Orderer
Peer
(Local)
1. Enrollment - Register
admin with Certificate Auth
Hyperledger Fabric SDK Overview
Chaincode
Database
Blockchain
network - 1 org
Certificate AuthorityCertificate Authority
Orderer
Peer
Chaincode
Database
1.

Enrollment
• Enrollment - process of generating keys and
certiﬁcates from the Certiﬁcate Authority

Enrollment
• First generate certificate for our admin identity
and use those to register a new client identity
• Enrollment - process of generating keys and
certificates from the Certificate Authority

Hyperledger Fabric SDK - Enrollment
Node.js app +
Fabric SDK
Blockchain
network - 1 org
(Local)
1.
Orderer
Peer
Chaincode
Database

Node.js app +
Fabric SDK
Blockchain
network - 1 org
Orderer
(Local)
2. Register users
🔑
Hyperledger Fabric SDK - Enrollment
Peer
Chaincode
Database
Blockchain
network - 1 org
Orderer
Peer
Chaincode
Database
Blockchain
network - 1 org
Orderer
Peer
Chaincode
Database
2.
1.

Hyperledger Fabric SDK - Transaction
Node.js app +
Fabric SDK
Blockchain
network - 1 org
Orderer
(Local)
2. Register users
3. Send transaction to peer
🔑
Peer
Chaincode
Database
Blockchain
network - 1 org
Orderer
Peer
Chaincode
Database
Blockchain
network - 1 org
Orderer
Peer
Chaincode
Database
3.
2.
1.

Using Fabric SDK - Invoking Chaincode 1/2
Node.js app +
Fabric SDK
(Local)
3. Send transaction
proposal to peer
var request = {
chaincodeId: ‘carauction’, //name of chaincode to execute
fcn: ‘initLedger’, // which chaincode function to execute
args: [‘’], //array of args for chaincode function
txId: fabric_client.newTransactionID(); //assign new txn id
}
🔑
Peer
Chaincode
Database
3.

var request = {
}
var channel = fabric_client.newChannel(‘defaultchannel’);
return channel.sentTransactionProposal(request);
var fabric_client = require(‘fabric-client);

Node.js app +
Fabric SDK
(Local)
3. Send transaction
proposal to peer🔑
Peer
Chaincode
Database
3.
• Check endorsement policy - which peers need to
endorse transaction

Node.js app +
Fabric SDK
(Local)
3. Send transaction
proposal to peer🔑
Peer
Chaincode
Database
3.
• Check endorsement policy - which peers need to
endorse transaction
• The transaction proposal will go to the peers in the
endorsement policy

Using Fabric SDK - Writing to the ledger
let member = {
member.balance = 5000; //set balance of member’s account
member.firstName = ‘Amy’; //set first name of member
member.lastName = ‘Williams’; //set last name of member
member.email = ‘amyWilliams@email.com’; //set email
}
await stub.putState(‘amyWilliams@email.com’,
Buffer.from(JSON.stringify(member)));
• putState takes a key value pair, and writes to the ledger

Node.js app +
Fabric SDK
Blockchain
network - 1 org
Orderer
Peer
(Local)
1.
2. Register application
2.
3. Send (txn)transaction to peer
4. Peers return endorsed txn
Using Fabric SDK - Invoking Chaincode
🔑
Peer
Chaincode
Database
4.
3.

Using Fabric SDK - Reading from the ledger
await stub.getState(‘amyWilliams@email.com’);
• getState reads the member object from the ledger.
Note, this does not create a block on the network.
• This will return:
{
balance: ‘5000’;
firstName: ’Amy’;
lastName: ‘Williams’;
email: ‘amyWilliams@email.com’;
}

Node.js app +
Fabric SDK
Peer
(Local)
4. Peers return endorsed
transaction
4.
• Check transaction proposal has not been submitted in
the past and is well formed
🔑

Node.js app +
Fabric SDK
Peer
(Local)
transaction
4.
• Check that signature is valid
🔑

Node.js app +
Fabric SDK
Peer
(Local)
transaction
4.
• Take args from chaincode function, and execute function
🔑

Node.js app +
Fabric SDK
Peer
(Local)
transaction
4.
• Take args from chaincode function, and execute function
• Transaction results + enduring peer signature is sent
back to SDK
🔑

Node.js app +
Fabric SDK
Blockchain
network - 1 org
Orderer
Peer
(Local)
1.
2. Register application
2.
3. Send (txn)transaction to peer
4. Peers return endorsed txn
Using Fabric SDK - Invoking Chaincode
🔑
Peer
Chaincode
Database
4.
3.
5. App sends endorsed txn to ordering service to add to ledger
5.

Using Fabric SDK - Ordering Service
Node.js app +
Fabric SDK
Orderer
(Local)
5. App sends endorsed txn to
ordering service to add to ledger
• App ‘broadcasts’ transaction proposal and response to
the ordering service
5.
🔑

Node.js app +
Fabric SDK
Orderer
(Local)
5.
• Order chronologically and create blocks
🔑

Node.js app +
Fabric SDK
Orderer
(Local)
5.
• Order chronologically and create blocks
• Order transactions from all channels - order
chronologically by channel and create blocks
🔑

Ledger Updated
• Each peer appends block to the channel’s chain,
•For each valid transaction the write sets are committed to
current state database
• Client is notiﬁed that transaction has been immutably
appended to the chain

Problem
1 in 10 people fall ill
every year from eating
contaminated food -
World Health
Organization

Use Case - IBM Food Trust
• One of the ﬁrst solutions in-production using blockchain

• Smarter, safer, more sustainable food supply chain

• Built on open-source framework - Hyperledger Fabric

• How to join: register your organization with the network

• Solution: Trace - allows user to search the origin of a
product by product name, Purchase Order or GTIN
(Global Trade Item Number)

• Solution: Trace - allows user to search the origin of a
product by product name, Purchase Order or GTIN
(Global Trade Item Number)
• Solution: Certiﬁcate Manager - upload regulation and
inspection documents (fair-trade, organic, etc.)

What if we ﬁnd out
that all products
from Grandma’s
Farm are
contaminated?

Food Contamination - Grandma’s Farm
IBM Developer@horeaporutiu https://tenor.com/view/michael-scott-no-nogod-please-gif-5739001

• Every operation inside Hyperledger must be
cryptographically signed with certiﬁcate
Actors - Certiﬁcate Authority

• Doesn’t matter if you just read data, or if you update,
still need to sign with certiﬁcate

• Can generate your own certiﬁcates

• CA (if you use out of box) provides X.509 certiﬁcates -
same certiﬁcate you use to make your website work on
HTTPS

• CA (if you use out of box) provides X.509 certificates -
same certificate you use to make your website work on
HTTPS
• Inside certificate, you can add info to the system -
smart contract can read this, make decision based on
certificate

Actors - Certiﬁcate Authority Part 2
• CA (Certiﬁcate Authority) follows best crypto standards

• Don’t have to use X.509 or Public Key Infrastructure,
but that’s a very advanced topic

• Enrollment - create accounts, register users, create
attributes

attributes
• Provide user / pass to CA and it gives you certiﬁcate ->
can enforce expiration date

attributes
• Can use OpenSSL

attributes
• Can use OpenSSL
• CA can be attached to active directory, all users can be
taken from active directory

• Fabric CA can be chained

• For example - you have 1 root CA and more
intermediate CA that trust the root CA

• When you use SDK, you sign all requests with certiﬁcate

• Can track certiﬁcate (identity) on the network - see
who invoked transactions
• When you use SDK, you sign all requests with certiﬁcate

Actors - Peer
• Main working horse

Actors - Peer
• Where ledger / blockchain is stored

Actors - Peer
• Need more than 1 peer

Actors - Peer
• Request from SDK is sent to peer

Actors - Peer
• 1 peer can be part of many channels (cover this later)

Actors - Peer
• Endorse then update ledger. Endorsement is heart of system

Actors - Peer
• Back up of system? Peers ﬁnd each other and sync

Actors - Peer
• Back up of system? Peers ﬁnd each other and sync
• Need to increase throughput? Simple - add more peers

Actors - Ordering Service
• Heart of consensus algorithm

• Provide order of operation

• Before being committed to ledger, must pass thru
ordering service

• Creates blocks
ordering service

• Creates blocks
ordering service
• Sends blocks to peers, peers add block to ledger

• Creates blocks
ordering service
• Sends blocks to peers, peers add block to ledger
• Decides which operation comes before or after another
operation

Actors - Ordering Service Part 2
• Only 1 instance? Solo orderer - use only in test /
development

development
• Production? Use multiple instances, use Kafka orderer

development
• Kafka orderer is distributed, can put these in different
data centers in different continents - if one fails, your
network is still running

development
• Must use Kafka for maximum throughput

development
• Throughput also dependent on hardware - can’t use old
laptop for thousands of transactions per second

development
• Throughput also dependent on hardware - can’t use old
laptop for thousands of transactions per second
• Must use server for higher throughput

Channels
• Main way of data isolation

Channels
• Separate instance of Hyperledger Fabric

Channels
• One channel doesn’t depend on another channel - they
never exchange data

Channels
• Each channel has different chaincode that is
independent
never exchange data

Channels
• If party A and party B want to communicate in private,
they create their own channel. No way for Party C to
even see that this channel exists
independent
never exchange data

Channels
• If party A and party B want to communicate in private,
they create their own channel. No way for Party C to
even see that this channel exists
independent
• Peer must be part of channel to do anything - must join
peer to channel
never exchange data

Channels Part 2
• Before you join channel, you must create channel

Channels Part 2
• Genesis block, says which parties are allowed to join
channel

Channels Part 2
• Genesis block, says which parties are allowed to join
channel
• If you later want to add another party that is not
speciﬁed if genesis block, must alter channel
conﬁguration

Chaincode
• Chaincode = smart contract

Chaincode
• How you read and update ledger

Chaincode
• SDK makes transactions and executes chaincode

Chaincode
• Only way to read/update ledger is through chaincode

Chaincode
• You use Node.js? Can use any external libraries from
NPM you want in your chaincode

Chaincode
• Chaincode must be part of channel

Chaincode
• Chaincode must be part of channel
• Why? Bc chaincode is responsible with working with
ledger, but ledger is inside a speciﬁc channel

Chaincode Part 2
• You may have one chaincode that handles everything
(this is what I will demo later) or 5,10,12 separate ones

Chaincode Part 2
• Must be installed and instantiated

Chaincode Part 2
• Must install on every peer that is inside of that channel

Chaincode Part 2
• CC (chaincode) must be part of peer

Chaincode Part 2
• Instantiation starts container of the CC make all
connections and make it ready for use

Chaincode Part 2
• When you instantiate, you must provide a policy

Chaincode Part 2
• What is policy?

Endorsement Policy
is dangerous)

Endorsement Policy
is dangerous)
• Example: for business process that is not important -
endorsement policy says only 1 peer must validate.

Endorsement Policy
is dangerous)
• Example: for business process that is not important -
endorsement policy says only 1 peer must validate.
• For vital operations (transfer money) ALL peers validate

Recap
• Inside 1 channel, can have as many chain codes as you want

Recap
• When you make a request you say I want to execute
operation on:

Recap
operation on:
1. Channel X

Recap
operation on:
1. Channel X
2. Chaincode X

Recap
operation on:
1. Channel X
2. Chaincode X
3. With these arguments

Recap
operation on:
1. Channel X
2. Chaincode X
3. With these arguments
4. With this certiﬁcate

Recap in code
var request = {
}
1

Recap in code
var request = {
}
1
2

Recap in code
var request = {
}
1
2
3

Recap in code
var request = {
}
1
2
3
4

IBM Blockchain Platform UI

Using Blockchain to Increase Supply Chain Transparency

More Related Content

What's hot (20)

Similar to Using Blockchain to Increase Supply Chain Transparency (20)

Recently uploaded (20)

Using Blockchain to Increase Supply Chain Transparency