1

I can modify Hyperledger's endorsement policy at instantiate time as described in the docs here. However, is there some guideline on how many peers should endorse a transaction?

I understand that not all peers need to be endorsing peers but generally, what would be the minimum acceptable number in terms of total number of peers? Of course it varies from application to application, but would be nice to have some guideline/insights.

OneMoreQuestion
  • 1,693
  • 3
  • 25
  • 51

1 Answers1

3

what would be the minimum acceptable number in terms of total number of peers?

The number of peers is of lesser significance than the number of organizations.

The idea behind the endorsement policy, is that the peer block processing logic wants to be able to "know" that the transaction contains a write set (values that mutate the world state) which was executed "correctly".

Now, imagine that you have a chaincode which 3 organizations use. You would not want to have an endorsement policy of "Org1.member or org2.member or org3.member" because that would mean that if any of the organizations (1,2,3) is malicious, it could dictate anything it wants, and completely ignore the chaincode business rules.

So, ideally you would want to have an endorsement policy that proves that a majority of the organizations agree to a certain execution result, and therefore set it to something like "2 of the 3 organizations".

Next - comes a notion of number of peers. If you have i.e 10 peers and you are afraid that someone would hack into one or more of them, you could set the endorsement policy to reflect that.

yacovm
  • 5,120
  • 1
  • 11
  • 21
  • So if you have 100 organizations on the Blockchain then ideally you would want 67 of them too endorse? – OneMoreQuestion Feb 13 '18 at 17:56
  • Depends, do they all have that chaincode installed? Also - it is up to you as the creator of the chaincode. – yacovm Feb 13 '18 at 18:53
  • I think that's too simplistic. With 100 Orgs it would be quite hard to hack even 30 at the same time, so 30 might be enough. Also, imagine one of the Orgs is a regulator. The policy might be Regulator.member AND (2/3rds). Or if the regulator had 10 peers, maybe just 2/3 of Regulator peers is enough and no one else. Whatever makes the network comfortable. – jworthington Feb 13 '18 at 18:56
  • Say if all of them have the same chaincode installed, would it be significantly slower to have 60 peers endorse vs 30 peers. The speed would be twice as costly of course but did anyone actually test this? – OneMoreQuestion Feb 13 '18 at 18:58
  • 1
    The speed is not that of a problem since you can do it in parallel. The big problem, however - is if you need lots of endorsements for a single transaction - the peers have to verify the ECDSA signature of all of these endorsements, which is costly. Also - each endorsement includes in it, the peer's identity which when using the standard native MSP - is an x509 based identity which is ~ 700 bytes and therefore makes transactions balloon in size. – yacovm Feb 13 '18 at 19:05
  • but, we are investigating ways of dealing with these problems :) – yacovm Feb 13 '18 at 19:05
  • @yacovm I see, so as long as I have a reasonable number of endorsing peers that is hard to hack then I should be good, does not have to be 2/3 of all peers – OneMoreQuestion Feb 13 '18 at 19:12