Hyperledger Fabric: How private keys are stored in Hyperledger?

Question

Scenario:

Every peer sends a private number to the blockchain and the smart contract should add these numbers and publicly share the result. Each node can only see its number.

In a hyperledger numbers are encrypted so users can't view the numbers. But, the smart contract has access to decryption keys which is a must in order to add the numbers. Knowing that the smart contract is replicated to all peers and it is stored locally. So, users have access to smart contracts which by its turn has access to decryption keys. Thus, users can obtain the decryption keys by tampering the machine. If this is the case then it is not completely secure. Am I right?

Question 2: Are private keys stored at all nodes?

Question 3: Can a code be run only be the endorser to limit the number of nodes having the private keys?

Answer 1

There are multiple assumptions/concepts which may not be 100% true. I would request you to spend some more time on understanding how HLF works.

• Smart Contracts (read Chaincode for Hyperledger Fabric)are always public, at least to the admins or to the decision makers of all the parties involved in a contract. Generally Smart contracts are insulated from end users of each parties so it won't be as easy for an end users to access a chaincode. Also, in HLF, Chaincodes are built before deploying which could add one more layer of security. Now coming to your point, If you put private key on chaincode, It'll be exposed to all the participants of that contract (How widely, that depends on each party)

• By Private keys, I assume that you're talking about the private keys of end users. Now this is up-to the end user or the org about where to store the keys. Hyperledger doesn't store any private/public keys by-default. Again it's all about how you're managing your users for each orgs.

• Yes, Chaincode can be run on limited numbers of the nodes and it has nothing to do with private keys (assuming these are users' private keys you're talking about)