2

Is there a way to make transactions in SawTooth private?

I know HyperLedger Fabric has "channels" and Quorum has private transactions, so looking for something similar but don't see it:

https://sawtooth.hyperledger.org/docs/core/releases/latest/architecture.html

Of course theoretically one could implement encrypt/decrypt process, but this cumbersome to track (if it is an encrypted or decrypted payload)

ASX
  • 635
  • 7
  • 18
  • From what I have read, specifically in the Validator Network Scenarios topic of the Permissioning Requirements section of the documentation, it appears to support private it is a matter of registering allowed Batch/Transaction signers that are permissioned to interact within your "channel". All other comers will be rejected. – Frank C. Feb 25 '18 at 11:28
  • @ASX did you find any solution? – Rohit Khatri Jun 20 '18 at 07:20

3 Answers3

2

Since Sawtooth is permissioned it is possible to set up users that have different roles and access rights. This would allow you to create transactions that are private to specific identities.

You can configure a validator to only accept transactions from identities listed in a local config file. Or, use the identity namespace to set the allowed identities, which will be checked when a transaction is received from a client or when a block is validated.

See the identity transaction family for more details of how Sawtooth manages identities and permissions:

The identity system described here is an extensible role and policy based system for defining permissions in a way which can be utilized by other pieces of the architecture. This includes the existing permissioning components for transactor key and validator key, but in the future may also be used by transaction family implementations.

The identity namespace:

  1. Encompasses ways to identify participants based on public keys
  2. Stores a set of permit and deny rules called “policies”
  3. Stores the roles that those policies apply to
grkvlt
  • 2,577
  • 1
  • 21
  • 38
1

There is an experimental feature called Sawtooth Private Data Objects (PDO). Blockchain objects that are kept private through encryption.

For more information, see https://github.com/hyperledger-labs/private-data-objects/tree/master/sawtooth For docs, see links in this tweet: https://twitter.com/kellymolson/status/1019299515646406656

Alternatively, you can encrypt your payload so others without a private key cannot see it in the blockchain. Or you can just store a hash/checksum in your payload.

Dan Anderson
  • 2,265
  • 1
  • 9
  • 20
0

We can use Private Transaction Families provided by the Hyperledger labs.

https://github.com/hyperledger-labs/private-transaction-families

The system is based on a generic distributed ledger infrastructure (Hyperledger Sawtooth) and an Intel® SGX (Software Guard Extensions) 'hardened' Transaction Processor which provides a mechanism to enable Hyperledger Sawtooth to contain private information that is both not publicly available but required to validate transactions.

For more information about how Private Transaction Families work, see the following link

https://github.com/hyperledger-labs/private-transaction-families/blob/master/SPECIFICATION.md

agentfrankz
  • 23
  • 5