From the Docs of Hyperledger-Fabric

"In Endorsement Policy, currently, two roles are supported: member and admin."

What are these members and Admins? Are they equal to Peers? In Orgs crypto-config folder there are Admin certs and User certs; are these the certificates that are used to sign the Endorsement?

Say I gave an endorsement policy that the admin of org1 has to sign, then I enrolled into the network using "Jim" credentials; then, upon submitting a transaction, how does the admin sign that Endorsement Policy?

jaswanth
  • I have a similar [question](https://stackoverflow.com/questions/49292170/endorsement-policy-doesnt-work), can you help me? – T_murder Mar 16 '18 at 09:18

2 Answers

2

As per my understanding, the roles "Admin & Member" considered in the Endorsement policy are the ones mentioned against the Organization section "Role.Admin" and "Role.Member" in the channel configuration, and not the roles of the individual users of the Organization.

Please also refer to the answer to this post: "When I generate MSP for some organization, I can confirm Admin and User. What does this mean?"

If an organization has Admin Role in a channel, then while it signs the transaction received from the clients of that channel, it would use the Admin Certificate to sign the proposal. [I do not have information regarding which of the certificates mentioned in the msp folder of the peer/org are used to sign. Documentation is not clear in these areas.]

Also, it's my understanding that as of v1.0.5, the Endorsement policy works only with the membership "Role.Member". [Maybe this understanding is also wrong. You could set up the Channel and EPs with AND conditions and check. Or check with 1.1.preview.]

Our experiments were with the JavaSDK. It would be better to go through the link Transaction flow of Fabric Doc. Also, take a look at the configtx.yaml file located at fabric/sampleconfig/configtx.yaml in the fabric.git repository.

Ashishkel
  • Thanks for the reply. If I invoke a transaction on peer-1 (let's say I have 3 peers and my policy is org1.member and org2.member) then the peers would simulate the transaction and if all the endorsing peers' results are the same it gives the endorsement cert; then where is the policy running? I am also confused about how to decide / how to mention which peers can endorse my tx – jaswanth Jan 05 '18 at 08:36
  • Say you want your transaction to be endorsed by Peer1 & Peer2 in a network with Peer1, Peer2 & Peer3. Then you only have to send the txn to Peer1 & 2. They will send the Proposal Responses back to you. You accumulate them and verify them to be the same. If they are the same, then your SDK Client sends them to the Orderer. – Ashishkel Jan 05 '18 at 08:41
  • And at this point, each individual peer would run the Transaction received, through VSCC to validate the endorsement. If valid, then they are taken into the ledger, else discarded. So in short, the endorsement policy is validated against the content sent by the Orderer by each of the peers in the network. – Ashishkel Jan 05 '18 at 08:44
  • OK. Now I understood how the endorsement works. Now say I gave an endorsement policy of `OR('Org1.admin', AND('Org1.member', 'Org2.member'))`; when this policy fails, I know that if Org1.admin and Org1.member did not sign the tx it fails, but on what basis do they opt not to sign the tx? – jaswanth Jan 05 '18 at 08:50
  • Glad that I could help. Consider accepting the answer if it suits. The only way I have seen a non-signing situation is when they are not available in the network to sign. – Ashishkel Jan 05 '18 at 08:53
2

Remember that endorsement policy is not a "human" signature workflow. The goal of endorsement policy is to set the rules about the number of peers / orgs which must reach agreement on the execution of a chaincode given a set of inputs. Signatures are used as a means to ensure that the response was not tampered with and used to identify which org/peer actually responded.

So not only do you need some number of peers to sign endorsement responses, they must actually sign identical responses as well.

You generally will not have the case where a peer will not "sign" the endorsement response (unless you have a malicious peer where someone has actually written their own version of the peer code). Things which can occur:

  • peer is not available (note it's possible for an org to run multiple peers for availability as well)
  • peer produces a different result than other peers
  • the actual chaincode logic results in a rejected proposal
Gari Singh
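
A minimal model of the validation the answers above describe, added here as an illustration and not taken from Fabric's code or from either answerer: it evaluates the `OR('Org1.admin', AND('Org1.member', 'Org2.member'))` policy from the comments over peer endorsements and counts only endorsements of one identical result. The names `Endorsement`, `Principal`, `NOutOf` and `Validate`, the result digests `h1`/`h2`, and the rule that an org admin also counts as a member are assumptions of this sketch.

```go
package main

import "fmt"

// Endorsement models one peer's signed response: org MSP ID, role, result digest.
type Endorsement struct{ MSP, Role, Result string }
// Policy reports whether signers that all produced `result` satisfy a rule.
type Policy func(es []Endorsement, result string) bool

// Principal matches one signer. Assumption: an org admin also counts as a member.
func Principal(msp, role string) Policy {
	return func(es []Endorsement, result string) bool {
		for _, e := range es {
			if e.Result == result && e.MSP == msp && (e.Role == role || role == "member") {
				return true
			}
		}
		return false
	}
}

// NOutOf holds when at least n sub-policies hold; AND and OR are special cases.
func NOutOf(n int, ps ...Policy) Policy {
	return func(es []Endorsement, result string) bool {
		ok := 0
		for _, p := range ps {
			if p(es, result) {
				ok++
			}
		}
		return ok >= n
	}
}
func And(ps ...Policy) Policy { return NOutOf(len(ps), ps...) }
func Or(ps ...Policy) Policy  { return NOutOf(1, ps...) }
// Validate accepts only if endorsements of one identical result satisfy the policy.
func Validate(p Policy, es []Endorsement) bool {
	for _, ref := range es {
		if p(es, ref.Result) {
			return true
		}
	}
	return false
}

func main() {
	p := Or(Principal("Org1", "admin"), And(Principal("Org1", "member"), Principal("Org2", "member")))
	fmt.Println(Validate(p, []Endorsement{{"Org1", "member", "h1"}, {"Org2", "member", "h2"}}))
}
```

The constructed input in `main` has both orgs signing, yet validation fails because the two peers produced different results, which is the second failure case listed in the answer above.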