Is it possible to dynamically set access to private data in Hyperledger fabric 1.4? Unlike the collections file where we have to add the organizations that can have access to a particular "collection", is it possible to add access through chaincode?
Asked
Active
Viewed 371 times
4
-
What do you call the "collection file"? Moreover, from what I understand from your question, you can implement an access list in your world state and manage it through chaincode to permit access or not to data. However, people that can access directly to the peer will be able to get the data accessing the database directly. – Itération 122442 Apr 04 '19 at 15:53
1 Answers
2
Had to do some research on this myself, but since Fabric v1.4 it is possible to dynamically add peers to private data collections. Private data reconciliation ensures that all private data state in that collection, which was created prior to the peer joining, will be delivered to the new peer.
In more detail: With the collections file you specify an initial endorsement policy. This endorsement policy can be updated later through a SDK function called SetPrivateDataValidationParameter. After this update takes place, new private data key-value-pairs will be delivered according to the new endorsement policy.
Additionally, if you want to update the collections definition file itself, you can specify a new one when upgrading the chaincode. The collections definition file specifies, which peers are allowed to see the data, so in order to change that, you need to upgrade your chaincode.
Sigmatics
- 615
- 4
- 17