0

Is the uploading of .card files to Composer REST server a huge trust issue because the server will have a copy of a participant's private key?

According to docs, Business Network Cards (.card) files contain:

  • A Connection Profile. (.json)
  • A metadata file containing the data for the Identity to use to connect to the Business Network. (metadata.json)
  • An optional credentials directory containing a certificate and private key.

https://hyperledger.github.io/composer//playground/id-cards-playground

The recommended way to do multi-user authentication with the Hyperledger Composer REST API is for all of them to upload their .card file to a restful endpoint called "wallet".

https://hyperledger.github.io/composer//integrating/enabling-rest-authentication

dtylam

1 Answer

1

In order for the REST server to be able to transact on behalf of the user, it must have access to the private key to be able to sign transactions. The storing of the private key can be determined through the configuration of the REST server, in terms of where it persists this information; you can then control the access to this persistence mechanism as required. I would also expect that, at the least granular level, each organisation runs its own REST server so private keys never leave the organisation. Alternatively, you could employ an HSM (Hardware Security Module) to manage the private keys for you. The private keys would never leave the HSM, and so no private keys would be persisted by the REST server.

david_k
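A check an organisation could run on a card before it is posted to the REST server's wallet endpoint, to see whether the archive actually carries a private key. This is an added example, not code from the posts above or from the Composer project. The entry names (`connection.json`, `metadata.json`, `credentials/certificate`, `credentials/privateKey`) and the metadata field names are assumptions based on the card layout quoted in the question, and the sample card is constructed with placeholder PEM bodies.

```python
import io
import json
import zipfile

MAX_ENTRY = 1 << 20  # refuse oversized entries instead of inflating them


def inspect_card(card_bytes):
    """Summarise the secret material inside a .card (zip) archive."""
    report = {"user": None, "network": None, "certificate": False,
              "private_key": False, "enrollment_secret": False, "other": []}
    with zipfile.ZipFile(io.BytesIO(card_bytes)) as card:
        for info in card.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_ENTRY:
                raise ValueError("oversized entry: " + info.filename)
            data = card.read(info)
            if info.filename == "metadata.json":
                meta = json.loads(data)
                report["user"] = meta.get("userName")            # assumed field name
                report["network"] = meta.get("businessNetwork")  # assumed field name
                report["enrollment_secret"] = bool(meta.get("enrollmentSecret"))
            elif info.filename.startswith("credentials/"):
                # Classify by PEM content, not by file name.
                if b"PRIVATE KEY-----" in data:
                    report["private_key"] = True
                elif b"-----BEGIN CERTIFICATE-----" in data:
                    report["certificate"] = True
            elif info.filename != "connection.json":
                report["other"].append(info.filename)
    return report


def build_sample_card(with_key):
    """Constructed card for the demo; the PEM bodies are placeholders."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as card:
        card.writestr("connection.json", json.dumps({"name": "example-profile"}))
        card.writestr("metadata.json", json.dumps(
            {"userName": "alice", "businessNetwork": "example-network"}))
        card.writestr("credentials/certificate",
                      "-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n")
        if with_key:
            card.writestr("credentials/privateKey",
                          "-----BEGIN PRIVATE KEY-----\nPLACEHOLDER\n-----END PRIVATE KEY-----\n")
    return buf.getvalue()


if __name__ == "__main__":
    for with_key in (True, False):
        print(with_key, inspect_card(build_sample_card(with_key)))
```

A report with `private_key` set means the key material travels with the upload and will sit wherever the REST server persists its wallet.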