I am using Hyperledger fabric 1.4 and am using CouchDB as a peer state database but if I go and update any data by going inside the CouchDB by using it's UI some.IP.address/_utils/#login I am able to update the data and i want to stop it because then it will not adhere to blockchain principle that invalid user can't update the data. I've tried searching how to stop accessing CouchDB from UI but I want to ask what is the right way to achieve it.
What wrong I'm doing and what can I do to stop it?
There are many approaches to achieve this Let me explain one by one
Hyperledger fabric handles this, blockchain network is meant to be distributed, where multiple organizations join the network and install their copy of the chaincode, if someone updates the value from the couchdb of one organization and endorsement policy is set to the majority which is recommended the invoke operations will fail on that value as in order to pass the endorsement read write set from multiple executions is compared. Inorder to update the value all the couchdb must be updated which is difficult.
Couchdb ports should not be publically exposed on production network.
If you are changing data in couchDB using couch db url, it is not going to affect the data on blockchain. It is just changing the data present on your device in world state. So, suppose if you increase your balance by backend update and start a transaction for the amount, it will fail as your balance value at other nodes are still the old one (balance value at other nodes didn't get affected by your update). Couch db is just for viewing the state, it can't bring a change to the state.
