Hyperledger Global Forum

Hyperledger Fabric is a popular permissioned blockchain framework for the enterprise, which enables decentralized applications including supply chain management and trade finance. In this presentation, IBM and Intel introduce Fabric Private Chaincode (FPC), a joint effort to enable privacy-sensitive use cases in Fabric, including: analytics on medical and genetic information, sealed-bid auctions and private voting systems.

FPC enhances privacy by running the Fabric chaincode application in a Trusted Execution Environment, supported by hardware-based technology such as Intel SGX. In particular, FPC executes the chaincode from encrypted memory, thereby hiding sensitive information even from operators of Peers, and their respective organizations. Also, it enables remote Peers and Clients to verify the expected chaincode execution by means of a hardware-based cryptographic attestation.

The combination of these features enables a chaincode to maintain secret information and to authenticate itself remotely. Clients can thus establish a secure channel with the chaincode, so to transfer any sensitive data (invocation requests and responses) without exposing it to the hosting Peer. Similarly, the chaincode can store any state on the ledger, or in data collections, in encrypted form across the execution of multiple transactions. At commit-time, Peers then validate endorsed encrypted data.

From a user perspective, FPC is designed to maintain Fabric’s programming model (transaction flow, chaincode interface) and to enable the implementation using diverse Trusted Execution Environments. The presentation reports on the latest SGX-based FPC prototype and discusses plans to support additional platforms through collaborations with the Confidential Computing Consortium.