1

I am trying to implement my own custom endorsement plugin in hyperledger fabric. I am getting the below error.

Error: endorsement failure during invoke. response: status:500 message: "endorsing with plugin failed: plugin with name custom could not be used: plugin with name custom wasn't found"

The core.yaml structure is given below

endorsers:``
  custom:
    name: CustomEndorsement
    library: /etc/hyperledger/fabric/plugins/CustomEndorsement.so
  escc:
    name: DefaultEndorsement

Please help me as I wanted to add certain checks on endorsing function. And that is why I am choosing to implement it as a plugin.

The peer section of config file is

peer:

# The peer id pro   vides a name for this peer instance and is used when
# naming docker resources.
id: peer0

# The networkId allows for logical separation of networks and is used when
# naming docker resources.
networkId: fabric_test

# The Address at local network interface this Peer will listen on.
# By default, it will listen on all network interfaces
listenAddress: 0.0.0.0:7051

# The endpoint this peer uses to listen for inbound chaincode connections.
# If this is commented-out, the listen address is selected to be
# the peer's address (see below) with port 7052
# chaincodeListenAddress: 0.0.0.0:7052

# The endpoint the chaincode for this peer uses to connect to the peer.
# If this is not specified, the chaincodeListenAddress address is selected.
# And if chaincodeListenAddress is not specified, address is selected from
# peer address (see below). If specified peer address is invalid then it
# will fallback to the auto detected IP (local IP) regardless of the peer
# addressAutoDetect value.
# chaincodeAddress: 0.0.0.0:7052

# When used as peer config, this represents the endpoint to other peers
# in the same organization. For peers in other organization, see
# gossip.externalEndpoint for more info.
# When used as CLI config, this means the peer's endpoint to interact with
address: 0.0.0.0:7051

# Whether the Peer should programmatically determine its address
# This case is useful for docker containers.
# When set to true, will override peer address.
addressAutoDetect: false

# Settings for the Peer's gateway server.
gateway:
    # Whether the gateway is enabled for this Peer.
    enabled: true
    # endorsementTimeout is the duration the gateway waits for a response
    # from other endorsing peers before returning a timeout error to the client.
    endorsementTimeout: 30s
    # dialTimeout is the duration the gateway waits for a connection
    # to other network nodes.
    dialTimeout: 2m


# Keepalive settings for peer server and clients
keepalive:
    # Interval is the duration after which if the server does not see
    # any activity from the client it pings the client to see if it's alive
    interval: 7200s
    # Timeout is the duration the server waits for a response
    # from the client after sending a ping before closing the connection
    timeout: 20s
    # MinInterval is the minimum permitted time between client pings.
    # If clients send pings more frequently, the peer server will
    # disconnect them
    minInterval: 60s
    # Client keepalive settings for communicating with other peer nodes
    client:
        # Interval is the time between pings to peer nodes.  This must
        # greater than or equal to the minInterval specified by peer
        # nodes
        interval: 60s
        # Timeout is the duration the client waits for a response from
        # peer nodes before closing the connection
        timeout: 20s
    # DeliveryClient keepalive settings for communication with ordering
    # nodes.
    deliveryClient:
        # Interval is the time between pings to ordering nodes.  This must
        # greater than or equal to the minInterval specified by ordering
        # nodes.
        interval: 60s
        # Timeout is the duration the client waits for a response from
        # ordering nodes before closing the connection
        timeout: 20s


# Gossip related configuration
gossip:
    # Bootstrap set to initialize gossip with.
    # This is a list of other peers that this peer reaches out to at startup.
    # Important: The endpoints here have to be endpoints of peers in the same
    # organization, because the peer would refuse connecting to these endpoints
    # unless they are in the same organization as the peer.
    bootstrap: 127.0.0.1:7051

    # NOTE: orgLeader and useLeaderElection parameters are mutual exclusive.
    # Setting both to true would result in the termination of the peer
    # since this is undefined state. If the peers are configured with
    # useLeaderElection=false, make sure there is at least 1 peer in the
    # organization that its orgLeader is set to true.

    # Defines whenever peer will initialize dynamic algorithm for
    # "leader" selection, where leader is the peer to establish
    # connection with ordering service and use delivery protocol
    # to pull ledger blocks from ordering service.
    useLeaderElection: false
    # Statically defines peer to be an organization "leader",
    # where this means that current peer will maintain connection
    # with ordering service and disseminate block across peers in
    # its own organization. Multiple peers or all peers in an organization
    # may be configured as org leaders, so that they all pull
    # blocks directly from ordering service.
    orgLeader: true

    # Interval for membershipTracker polling
    membershipTrackerInterval: 5s

    # Overrides the endpoint that the peer publishes to peers
    # in its organization. For peers in foreign organizations
    # see 'externalEndpoint'
    endpoint:
    # Maximum count of blocks stored in memory
    maxBlockCountToStore: 10
    # Max time between consecutive message pushes(unit: millisecond)
    maxPropagationBurstLatency: 10ms
    # Max number of messages stored until a push is triggered to remote peers
    maxPropagationBurstSize: 10
    # Number of times a message is pushed to remote peers
    propagateIterations: 1
    # Number of peers selected to push messages to
    propagatePeerNum: 3
    # Determines frequency of pull phases(unit: second)
    # Must be greater than digestWaitTime + responseWaitTime
    pullInterval: 4s
    # Number of peers to pull from
    pullPeerNum: 3
    # Determines frequency of pulling state info messages from peers(unit: second)
    requestStateInfoInterval: 4s
    # Determines frequency of pushing state info messages to peers(unit: second)
    publishStateInfoInterval: 4s
    # Maximum time a stateInfo message is kept until expired
    stateInfoRetentionInterval:
    # Time from startup certificates are included in Alive messages(unit: second)
    publishCertPeriod: 10s
    # Should we skip verifying block messages or not (currently not in use)
    skipBlockVerification: false
    # Dial timeout(unit: second)
    dialTimeout: 3s
    # Connection timeout(unit: second)
    connTimeout: 2s
    # Buffer size of received messages
    recvBuffSize: 20
    # Buffer size of sending messages
    sendBuffSize: 200
    # Time to wait before pull engine processes incoming digests (unit: second)
    # Should be slightly smaller than requestWaitTime
    digestWaitTime: 1s
    # Time to wait before pull engine removes incoming nonce (unit: milliseconds)
    # Should be slightly bigger than digestWaitTime
    requestWaitTime: 1500ms
    # Time to wait before pull engine ends pull (unit: second)
    responseWaitTime: 2s
    # Alive check interval(unit: second)
    aliveTimeInterval: 5s
    # Alive expiration timeout(unit: second)
    aliveExpirationTimeout: 25s
    # Reconnect interval(unit: second)
    reconnectInterval: 25s
    # Max number of attempts to connect to a peer
    maxConnectionAttempts: 120
    # Message expiration factor for alive messages
    msgExpirationFactor: 20
    # This is an endpoint that is published to peers outside of the organization.
    # If this isn't set, the peer will not be known to other organizations.
    externalEndpoint:
    # Leader election service configuration
    election:
        # Longest time peer waits for stable membership during leader election startup (unit: second)
        startupGracePeriod: 15s
        # Interval gossip membership samples to check its stability (unit: second)
        membershipSampleInterval: 1s
        # Time passes since last declaration message before peer decides to perform leader election (unit: second)
        leaderAliveThreshold: 10s
        # Time between peer sends propose message and declares itself as a leader (sends declaration message) (unit: second)
        leaderElectionDuration: 5s

    pvtData:
        # pullRetryThreshold determines the maximum duration of time private data corresponding for a given block
        # would be attempted to be pulled from peers until the block would be committed without the private data
        pullRetryThreshold: 60s
        # As private data enters the transient store, it is associated with the peer's ledger's height at that time.
        # transientstoreMaxBlockRetention defines the maximum difference between the current ledger's height upon commit,
        # and the private data residing inside the transient store that is guaranteed not to be purged.
        # Private data is purged from the transient store when blocks with sequences that are multiples
        # of transientstoreMaxBlockRetention are committed.
        transientstoreMaxBlockRetention: 1000
        # pushAckTimeout is the maximum time to wait for an acknowledgement from each peer
        # at private data push at endorsement time.
        pushAckTimeout: 3s
        # Block to live pulling margin, used as a buffer
        # to prevent peer from trying to pull private data
        # from peers that is soon to be purged in next N blocks.
        # This helps a newly joined peer catch up to current
        # blockchain height quicker.
        btlPullMargin: 10
        # the process of reconciliation is done in an endless loop, while in each iteration reconciler tries to
        # pull from the other peers the most recent missing blocks with a maximum batch size limitation.
        # reconcileBatchSize determines the maximum batch size of missing private data that will be reconciled in a
        # single iteration.
        reconcileBatchSize: 10
        # reconcileSleepInterval determines the time reconciler sleeps from end of an iteration until the beginning
        # of the next reconciliation iteration.
        reconcileSleepInterval: 1m
        # reconciliationEnabled is a flag that indicates whether private data reconciliation is enable or not.
        reconciliationEnabled: true
        # skipPullingInvalidTransactionsDuringCommit is a flag that indicates whether pulling of invalid
        # transaction's private data from other peers need to be skipped during the commit time and pulled
        # only through reconciler.
        skipPullingInvalidTransactionsDuringCommit: false
        # implicitCollectionDisseminationPolicy specifies the dissemination  policy for the peer's own implicit collection.
        # When a peer endorses a proposal that writes to its own implicit collection, below values override the default values
        # for disseminating private data.
        # Note that it is applicable to all channels the peer has joined. The implication is that requiredPeerCount has to
        # be smaller than the number of peers in a channel that has the lowest numbers of peers from the organization.
        implicitCollectionDisseminationPolicy:
           # requiredPeerCount defines the minimum number of eligible peers to which the peer must successfully
           # disseminate private data for its own implicit collection during endorsement. Default value is 0.
           requiredPeerCount: 0
           # maxPeerCount defines the maximum number of eligible peers to which the peer will attempt to
           # disseminate private data for its own implicit collection during endorsement. Default value is 1.
           maxPeerCount: 1

    # Gossip state transfer related configuration
    state:
        # indicates whenever state transfer is enabled or not
        # default value is false, i.e. state transfer is active
        # and takes care to sync up missing blocks allowing
        # lagging peer to catch up to speed with rest network.
        # Keep in mind that when peer.gossip.useLeaderElection is true
        # and there are several peers in the organization,
        # or peer.gossip.useLeaderElection is false alongside with
        # peer.gossip.orgleader being false, the peer's ledger may lag behind
        # the rest of the peers and will never catch up due to state transfer
        # being disabled.
        enabled: false
        # checkInterval interval to check whether peer is lagging behind enough to
        # request blocks via state transfer from another peer.
        checkInterval: 10s
        # responseTimeout amount of time to wait for state transfer response from
        # other peers
        responseTimeout: 3s
        # batchSize the number of blocks to request via state transfer from another peer
        batchSize: 10
        # blockBufferSize reflects the size of the re-ordering buffer
        # which captures blocks and takes care to deliver them in order
        # down to the ledger layer. The actual buffer size is bounded between
        # 0 and 2*blockBufferSize, each channel maintains its own buffer
        blockBufferSize: 20
        # maxRetries maximum number of re-tries to ask
        # for single state transfer request
        maxRetries: 3

# TLS Settings
tls:
    # Require server-side TLS
    enabled:  false
    # Require client certificates / mutual TLS for inbound connections.
    # Note that clients that are not configured to use a certificate will
    # fail to connect to the peer.
    clientAuthRequired: false
    # X.509 certificate used for TLS server
    cert:
        file: tls/server.crt
    # Private key used for TLS server
    key:
        file: tls/server.key
    # rootcert.file represents the trusted root certificate chain used for verifying certificates
    # of other nodes during outbound connections.
    # It is not required to be set, but can be used to augment the set of TLS CA certificates
    # available from the MSPs of each channel’s configuration.
    rootcert:
        file: tls/ca.crt
    # If mutual TLS is enabled, clientRootCAs.files contains a list of additional root certificates
    # used for verifying certificates of client connections.
    # It augments the set of TLS CA certificates available from the MSPs of each channel’s configuration.
    # Minimally, set your organization's TLS CA root certificate so that the peer can receive join channel requests.
    clientRootCAs:
        files:
          - tls/ca.crt
    # Private key used for TLS when making client connections.
    # If not set, peer.tls.key.file will be used instead
    clientKey:
        file:
    # X.509 certificate used for TLS when making client connections.
    # If not set, peer.tls.cert.file will be used instead
    clientCert:
        file:

# Authentication contains configuration parameters related to authenticating
# client messages
authentication:
    # the acceptable difference between the current server time and the
    # client's time as specified in a client request message
    timewindow: 15m

# Path on the file system where peer will store data (eg ledger). This
# location must be access control protected to prevent unintended
# modification that might corrupt the peer operations.
fileSystemPath: /var/hyperledger/production

# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
    Default: SW
    # Settings for the SW crypto provider (i.e. when DEFAULT: SW)
    SW:
        # TODO: The default Hash and Security level needs refactoring to be
        # fully configurable. Changing these defaults requires coordination
        # SHA2 is hardcoded in several places, not only BCCSP
        Hash: SHA2
        Security: 256
        # Location of Key Store
        FileKeyStore:
            # If "", defaults to 'mspConfigPath'/keystore
            KeyStore:
    # Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
    PKCS11:
        # Location of the PKCS11 module library
        Library:
        # Token Label
        Label:
        # User PIN
        Pin:
        Hash:
        Security:

# Path on the file system where peer will find MSP local configurations
mspConfigPath: /home/cps16/Documents/Medical_Records/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp

#/home/cps16/Documents/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp
# Identifier of the local MSP
# ----!!!!IMPORTANT!!!-!!!IMPORTANT!!!-!!!IMPORTANT!!!!----
# Deployers need to change the value of the localMspId string.
# In particular, the name of the local MSP ID of a peer needs
# to match the name of one of the MSPs in each of the channel
# that this peer is a member of. Otherwise this peer's messages
# will not be identified as valid by other nodes.
localMspId: Org1MSP

# CLI common client config options
client:
    # connection timeout
    connTimeout: 3s

# Delivery service related config
deliveryclient:
    # Enables this peer to disseminate blocks it pulled from the ordering service
    # via gossip.
    # Note that 'gossip.state.enabled' controls point to point block replication
    # of blocks committed in the past.
    blockGossipEnabled: true
    # It sets the total time the delivery service may spend in reconnection
    # attempts until its retry logic gives up and returns an error
    reconnectTotalTimeThreshold: 3600s

    # It sets the delivery service <-> ordering service node connection timeout
    connTimeout: 3s

    # It sets the delivery service maximal delay between consecutive retries
    reConnectBackoffThreshold: 3600s

    # A list of orderer endpoint addresses which should be overridden
    # when found in channel configurations.
    addressOverrides:
    #  - from:
    #    to:
    #    caCertsFile:
    #  - from:
    #    to:
    #    caCertsFile:

# Type for the local MSP - by default it's of type bccsp
localMspType: bccsp

# Used with Go profiling tools only in none production environment. In
# production, it should be disabled (eg enabled: false)
profile:
    enabled:     false
    listenAddress: 0.0.0.0:6060

# Handlers defines custom handlers that can filter and mutate
# objects passing within the peer, such as:
#   Auth filter - reject or forward proposals from clients
#   Decorators  - append or mutate the chaincode input passed to the chaincode
#   Endorsers   - Custom signing over proposal response payload and its mutation
# Valid handler definition contains:
#   - A name which is a factory method name defined in
#     core/handlers/library/library.go for statically compiled handlers
#   - library path to shared object binary for pluggable filters
# Auth filters and decorators are chained and executed in the order that
# they are defined. For example:
# authFilters:
#   -
#     name: FilterOne
#     library: /opt/lib/filter.so
#   -
#     name: FilterTwo
# decorators:
#   -
#     name: DecoratorOne
#   -
#     name: DecoratorTwo
#     library: /opt/lib/decorator.so
# Endorsers are configured as a map that its keys are the endorsement system chaincodes that are being overridden.
# Below is an example that overrides the default ESCC and uses an endorsement plugin that has the same functionality
# as the default ESCC.
# If the 'library' property is missing, the name is used as the constructor method in the builtin library similar
# to auth filters and decorators.
# endorsers:
#   escc:
#     name: DefaultESCC
#     library: /etc/hyperledger/fabric/plugin/escc.so
handlers:
    authFilters:
      -
        name: DefaultAuth
      -
        name: ExpirationCheck    # This filter checks identity x509 certificate expiration
    decorators:
      -
        name: DefaultDecorator
    endorsers:
      escc:
        name: DefaultEndorsement
        library: 
      custom:
        name: CustomEndorsement
        library: /etc/hyperledger/fabric/plugins/CustomEndorsement.so
    validators:
      vscc:
        name: DefaultValidation
        library: 

#    library: /etc/hyperledger/fabric/plugin/escc.so
# Number of goroutines that will execute transaction validation in parallel.
# By default, the peer chooses the number of CPUs on the machine. Set this
# variable to override that choice.
# NOTE: overriding this value might negatively influence the performance of
# the peer so please change this value only if you know what you're doing
validatorPoolSize:

# The discovery service is used by clients to query information about peers,
# such as - which peers have joined a certain channel, what is the latest
# channel config, and most importantly - given a chaincode and a channel,
# what possible sets of peers satisfy the endorsement policy.
discovery:
    enabled: true
    # Whether the authentication cache is enabled or not.
    authCacheEnabled: true
    # The maximum size of the cache, after which a purge takes place
    authCacheMaxSize: 1000
    # The proportion (0 to 1) of entries that remain in the cache after the cache is purged due to overpopulation
    authCachePurgeRetentionRatio: 0.75
    # Whether to allow non-admins to perform non channel scoped queries.
    # When this is false, it means that only peer admins can perform non channel scoped queries.
    orgMembersAllowedAccess: false

# Limits is used to configure some internal resource limits.
limits:
    # Concurrency limits the number of concurrently running requests to a service on each peer.
    # Currently this option is only applied to endorser service and deliver service.
    # When the property is missing or the value is 0, the concurrency limit is disabled for the service.
    concurrency:
        # endorserService limits concurrent requests to endorser service that handles chaincode deployment, query and invocation,
        # including both user chaincodes and system chaincodes.
        endorserService: 2500
        # deliverService limits concurrent event listeners registered to deliver service for blocks and transaction events.
        deliverService: 2500

# Since all nodes should be consistent it is recommended to keep
# the default value of 100MB for MaxRecvMsgSize & MaxSendMsgSize
# Max message size in bytes GRPC server and client can receive
maxRecvMsgSize: 104857600
# Max message size in bytes GRPC server and client can send
maxSendMsgSize: 104857600
Pranay
  • 11
  • 3
  • upload your `core.yaml` and i will look at it – yacovm May 11 '22 at 10:16
  • I think you need to override the `escc` not add `custom` – yacovm May 11 '22 at 10:20
  • thanks yavcom, I will add my core.yaml – Pranay May 11 '22 at 10:59
  • Hi yacovm, can you please share your Gmail here? I will share this on google docs. I can't upload the code file here it seems. I also tried overriding escc but that also did not work to me. – Pranay May 11 '22 at 11:08
  • upload it to pastebin: https://pastebin.com/ – yacovm May 11 '22 at 12:31
  • And this pluggable endorsement should work, after all - we test it in integration tests: https://github.com/hyperledger/fabric/blob/main/integration/pluggable/pluggable_test.go#L119-L122 – yacovm May 11 '22 at 12:32
  • Hi yacovm, please check this https://pastebin.com/UR9SFHcj. Thank you. – Pranay May 12 '22 at 04:53
  • try to change `DefaultEndorsement` to `CustomEndorsement` and remove the `custom:` thing – yacovm May 12 '22 at 21:07
  • I am not getting any error, but how will I know if this plugin is working. I tried to add print statements there but it is not working it seems. I tried with conditions also, it seems no effect on the endorsement process. – Pranay May 13 '22 at 05:06
  • Should I need to create a different core.yaml for every peer and mount that path in the docker-compose file? Please suggest me if I am going in wrong direction. I am currently testing this plugin in a single node network setup. – Pranay May 13 '22 at 11:23
  • take a look here: https://pastebin.com/X6KfnQFQ – yacovm May 13 '22 at 13:21
  • Hi I checked this file, it still seems to be not having any effect after customization. Should I send my plugin code ? – Pranay May 14 '22 at 08:31
  • yeah ok you can upload it and i can take a look. – yacovm May 14 '22 at 16:23
  • thanks, I have added it : https://pastebin.com/ZnM8v2q7 – Pranay May 17 '22 at 06:04
  • Also please check my core.yaml: https://pastebin.com/bPecppq6. Please tell me if I am doing something wrong here. – Pranay May 17 '22 at 06:06
  • hi @yacovm, did you find problem in my plugin or my core.yaml ? – Pranay May 19 '22 at 11:27
  • sorry I didn't have time to look at it yet. I can try in the weekend if i have time – yacovm May 19 '22 at 18:09
  • ok, no problem. – Pranay May 20 '22 at 04:49
  • Hi @yacovm just a little update on this. I am able to set the path correctly in core.yaml. I am now facing issues when I am loading the go plugin. Please check this error - 2022-12-08 07:24:26.778 UTC 0018 PANI [core.handlers] loadPlugin -> Error opening plugin at path /etc/hyperledger/fabric/plugin/escc.so: plugin.Open("/etc/hyperledger/fabric/plugin/escc.so"): Error relocating /etc/hyperledger/fabric/plugin/escc.so: __vfprintf_chk: symbol not found. Please check this when you are free, thank you. – Pranay Dec 08 '22 at 08:52

0 Answers0