Oracle Blockchain Platform tutorial, Part 1 of 3: Building a Hyperledger Fabric network

Introduction

For this first article on Coding around the block, I want to begin writing about Oracle's blockchain as a service offering. Hyperledger Fabric is an open source, permissioned, blockchain platform that is ideal for enterprise use. Building your own HLF network is an investment in time to say the least. Fortunately, Oracle has a blockchain as a service offering that makes it very easy to build and deploy a HLF network in a short amount of time by eliminating the infrastructure tasks that would normally be involved.

This tutorial is going to walk through how to set up a Hyperledger Fabric network on Oracle cloud. This is going to be the first of a three part series on the topic with the second article focusing on how to configure and utilize the Oracle Blockchain Platform Rich History Database, using Autonomous Data Warehouse. The last piece in the series will look at how to report and analyze blockchain data in the RHDB with Oracle Analytics Cloud (OAC)

Oracle blockchain as a service 

Overview

For this first section I'm going to copy a lot of material from Oracle's website. The fact is they did a good job writing this up so I'm not going to waste time trying to reword it. It is here for reference and just to get us level set so we can dive in deeper to other topics. For those of you already familiar with Oracle's blockchain platform, feel free to jump ahead to the next section.

Product details

Oracle's Blockchain Platform (OBP) is a comprehensive distributed ledger cloud platform to provision blockchain networks, join other organizations, and deploy & run smart contracts to update and query the ledger. Organizations can reliably share data and conduct trusted transactions with suppliers, banks, and other trade partners through integration with existing or new cloud-based or on-premises applications.

A Pre-assembled, Managed PaaS that auto-provisions Hyperledger Fabric components, REST proxy, and administration and operations console. Includes built-in identity management, object store and other infrastructure for rapid provisioning and simplified administration of blockchain networks, reducing cost & setup time from weeks to minutes.

The open architecture built on Hyperledger Fabric, an open-source project governed by Linux foundation, OBP is interoperable with non-Oracle versions of Fabric using compatible releases, it is accessible from cloud and on-prem applications via REST APIs and Hyperledger SDKs.

Product features

Build Trusted Business Networks

• Simple Provisioning
• Provision a blockchain platform instance and get all required infrastructure services as embedded resources: compute, containers, local storage, identity management, object store, network, etc.
• Complete Blockchain Platform
• Start with a complete, production-ready blockchain platform based on Hyperledger Fabric, including membership services, peer nodes, ordering service, with Oracle-added REST proxy and operations console tools.
• Enterprise-Grade
• The only enterprise-grade managed blockchain service with 99.95% SLA with enhanced security, built-in High Availability and embedded ledger backups for continuous operations.
• Add Partner Organizations
• Add partners locally or in different geographies easily. Provision a new service instance in any supported Oracle Cloud Infrastructure region and complete the guided process to join the new organization.
• Hybrid Networks
• Join partners running Hyperledger Fabric outside of Oracle Cloud by importing the organization's certificate into an Oracle blockchain platform instance.

Automate with Smart Contracts

• Business logic for blockchain
• Create smart contracts (a.k.a. chaincodes) for real-time B2B transactions or to check conditions like matching POs, invoices, and shipping information prior to triggering payment and updating the ledger. Expose through REST proxy gateway or invoke via client SDK.
• Event Notifications
• Automate manual tasks and synchronization with systems of record by publishing custom events from smart contracts that trigger notifications for client SDKs and enable actions based on event payload.
• Quickly build and deploy chaincode
• In the chaincode define data schema, initialize data values, and create methods to contain the business logic invoked by external transactions to update or query data.
• Endorsement Policies
• Define an endorsement policy specifying the number of required signatures and specific organizations' whose endorsements are required.

Conduct Private Transactions

• Confidentiality domains
• "Subnet" blockchain members on separate channels, thereby isolating access to ledgers and transactions to organizations who've been authorized to join specific channels.
• Easily Control Member Access Privileges
• Add read-only peers to a channel to provide visibility to the ledger without ability to run smart contracts. Enforce access control in chaincode logic.
• Run chaincode across multiple channels
• Initialize the chaincode on specific channels to deploy, compile and bind it. Run same chaincode in multiple channels on their specific ledgers.
• Dynamically Create Channels
• Create channels programmatically through client SDK calls enabling applications to create new channels on demand and request peers to join.

Integrate Blockchain Transactions in Applications

• REST API-driven development
• Simplify integrations by invoking transactions running chaincode methods through REST proxies. Use REST APIs to run transactions and queries synchronously and receive a response when transaction commits.
• SDK-based Development
• Enroll members, add peers, create channels, deploy smart contracts, register for events, and run transactions or query ledger data using Java, GO, or Node.js.
• Plug-n-play Integration
• Extend Oracle and third-party SaaS and on-prem applications to use Oracle Blockchain Platform through enterprise application & technology adapters and workflow tools in Oracle Integration Cloud.
• Build New Apps
• Build new applications or SaaS extensions to running transactions on the blockchain using Oracle Java, Application Container, Mobile, Application Builder, Integration or SOA Cloud Services.
• Leverage OOTB support for Blockchain API
• Leverage Blockchain out-of-the-box through the REST APIs in Oracle Digital Innovation Platform for open banking and Netsuite SuiteCloud Platform.

Comprehensive Administration and Monitoring

• Automated Operations
• Industry's 1st & only blockchain cloud platform to automate day-to-day operations and enable customers to focus on applications with Oracle-managed service monitoring, integrated identity management, embedded backup, automated recovery, adaptive intelligence-enabled cyber threat detection and remediation, and zero-downtime patching and upgrades.
• Intuitive Admin Console
• View network status from dashboard or navigate to Network, Nodes, Channels, and Chaincodes tabs to view blockchain components and manage the network.
• Dynamically Change the Configuration
• Manage the blockchain network, peers, orderers and membership service dynamically. Configure network channels and set policies. Deploy or upgrade smart contracts.
• Easy Monitoring & Troubleshooting
• Monitor peer, orderer, and other network components status and view network topology. View channel and peer metrics, node utilization, browse ledgers and logs for troubleshooting.

Building an Oracle blockchain platform network

Creating a Founder node for your Hyperledger Fabric network

Let's get started building a Hyperledger Fabric network on Oracle blockchain platform. Follow these easy steps to complete the tasks.

First, log in to your Oracle cloud infrastructure console, click the hamburger menu icon in upper left, and navigate to Platform Services > Blockchain Platform

Click the Create Instance button

Fill in all the fields. Be sure Create a new Network is checked, which will set up this node as the Founder. I also recommend adding tags to help find and filter your objects in OCI. Be aware that tags are case sensitive.

For this example I am going to create a Developer network and will give each of my nodes 2 peers. I am also not choosing to upload a Root CA Archive. By not providing certificates from my own CA, Hyperledger Fabric will create and provide certificates.

**Terms like founders and peers are standard Hyperledger Fabric concepts. If you are not familiar with them I recommend reading the Hyperledger Fabric documentation and the Oracle blockchain documentation

Click Next to confirm details and then Create

Once the service is done being created, you can click on the instance name to review details. Then, click on the instance hamburger menu, on the right, and select Blockchain console.

Explore the console to see all the content provided.

Creating Participant nodes for your Hyperledger Fabric network

For testing purposes we are going to create the Founder and the participant nodes all in the same single cloud tenancy. In a real production scenario it is more conceivable that the Founder and the participants will exist in different tenancies owned by each member of the consortium that have agreed to work together on a blockchain network. Since OBP is based on open source Hyperledger Fabric it is conceivable that the participants will not only be on a different tenancy but they could potentially be on another cloud provider's platform, such as AWS, Azure, IBM, or they could be running their own instance of Hyperledger Fabric on-premise or in a cloud IaaS. Oracle also offers an Enterprise Edition of OBP that can run on-premise. So you can see there are many different options for how this network will ultimately come together and grow, which is why open standards are important for a decentralized network. This wouldn't work if the Founder got to dictate the platform all other participants must use. The beauty of an open source platform such as HLF is the ability to bring disparate organizations together for the purpose of a shared initiative.

To create a Participant node in your network, you follow the same steps we performed to create the Founder with one key difference, you must ensure you uncheck the Create a new Network check box.

You can also see I chose to place this node in the Phoenix region to better simulate a distributed network and take better advantage of the fault tolerance that is provided by having my nodes running in separate geographies.

When I hit Next I get an error due to my Instance Name being too long. There is a 15 character maximum for Instance Name, so I will need to shorten the name to TESTPART1.

I click the Create Instance button to build my instance.

I then repeat this process and create another instance named TESTPART2.

I now have three instances (1 Founder and 2 Participants) in my blockchain network.

Joining Participants to Founder's network

Open the blockchain console for the TESTPART1 instance by clicking on the right side hamburger menu.

You will see that because the participant node has not been joined to a network yet, OBP nicely provides step by step instructions for doing so.

To join a network:

1. Go to step 2: Export Certificates to export your organization's certificates to a JSON file.
2. Provide the JSON file to the founding organization to import using Add Organizations wizard on its Network tab. Then the founding organization needs to export the orderer settings to a JSON file and provide it to you.
3. Go to step 3: Import Orderer Settings to import the JSON file provided by the founding organization with its orderer settings.
4. Click on step 4 to complete the process and exit the wizard.

Follow the instructions for both TESTPART1 and TESTPART2 instances.

Once you have completed these steps you should now see 2 participating organizations in your Founder instance's dashboard

Click on the 2 Participating Organizations tile in the dashboard and it will take you to the network tab where you can see the two participant instances have been added to the network

Click on the mind-map icon to visualize the network

You can see that the Founder instance has 2 peer nodes, 1 Orderer node, and 1 CA node.

Now, go to your TESTPART1 console, go to Network tab and click on mind-map icon.

Note that you are now seeing the network from the perspective of a participant. You can see that TESTPART1 has 2 Peers and 1 CA node.

You can do the same for TESTPART2 and it should look the same.

Let's take a deeper look at the nodes. Go back to the Founders console and click on the Nodes tab.

On the Nodes tab you will see all the nodes that were set up. Nodes run in containers on the blockchain service platform.

There's a console node that runs our console, there are the Peers, the Orderer, and the CA, along with REST proxy nodes that will be used when connecting into the network from chaincode.

What you don't currently see in the Nodes tab are the Peers for the participants. This can be accomplished by exporting the Peer info from the Participants and importing it into the Founder. Likewise we can export the Founder's peer nodes and import their information into the Participants console.

First let's export the Founder's Peers by clicking on the Export/Import Peers button. Select Export. Then click on the Peer List bar and select your peers. Since we have two peers in this instance (peer0 and peer1), we will select both of them. Click the Export button and save the JSON file to your PC.

Go to the TESTPART1 console and go to the Nodes tab. You will see the list of nodes and it should look very similar to the Founder node with the exclusion of the Orderer node. Look closely though and you will see that the URL for the nodes in TESTPART1 do not match the URLs for the nodes in TESTFOUNDER, these are not the same REST proxies or Console nodes. Remember that in a real world implementation it is unlikely the nodes will all be in the same tenancy so it makes sense that from an infrastructure perspective all participants will need their own unique nodes running in their own environment.

Click on the Export/Import Peers button for TESTPART1, select Import and choose the JSON file you exported from TESTFOUNDER. You should now see two additional nodes added to TESTPART1. Look closely at the URLs and you will see that they match the URLs in the TESTFOUNDER console.

Click on the mind-map icon to see the Founder's peers represented.

Repeat the steps for Exporting/Importing all the peers with each instance.

When you are done the TESTFOUNDER console will show the entire blockchain network.

Creating Channels

A Hyperledger Fabric channel is a private “subnet” of communication between two or more specific network members, for the purpose of conducting private and confidential transactions.

Channels are one of the core features of HLF that make it useful for Enterprises. Even though we are participating in a decentralized environment, there still exists the need for confidentiality. A supplier may not want two different customers to know they were being charged different prices for the same product. Channels allow us to segregate interactions on the network between specific peers. For example, TESTFOUNDER and TESTPART1 may want to have a separate ledger for their activity. Likewise TESTPART1 and TESTPART2 may want to have a private ledger that only they share.

For this tutorial, let's go ahead and create a new channel for all three participating parties to be a part of.

Go to the TESTFOUNDER console, Channels tab, and then click the Create a New Channel button. Note that there should already be a default channel set up; you can ignore the default channel for now.

Give the new channel a name testch1 then select the other two participants to join the channel. Lastly, select peer0 and peer1 to join the channel. *Note that it is possible to have an organization join the channel as a readonly participant. This can be useful for various reasons, the one that immediately jumps to my mind is regulatory where an reviewer can be added to a channel with read only rights to satisfy audit requirements surrounding the transactions that are happening on the channel.

Click submit. You are going to see a warning that a channel cannot be deleted and you need to confirm you want to keep it. This is one of the first places we see the concept of blockchain immutability. By creating a channel we are creating a ledger and a genesis block. Once that is added to the blockchain, it cannot be removed.

Go back to the Nodes tab and click on the mind-map icon to check out a Sankey chart of the relationships between the organizations by channel.

Come back to the Channels tab and click on the new testch1 channel. Review the Ledger tab and you will see that one genesis block has been created.

We're going to discuss chaincode in the next section. Channel Policies and ACLs are beyond the scope of this tutorial.

Lastly, go to a participants console and click on Channels. You will see testch1 is there but it cannot be clicked on. Go to the hamburger menu on the right and choose to Join Peers to Channel. Select available peers to join the channel and you will now be able to explore the channel's ledger from that participant's console.

Chaincode

In Hyperledger Fabric, chaincode is the 'smart contract' that runs on the peers and creates transactions. More broadly, it enables users to create transactions in the Hyperledger Fabric network's shared ledger and update the world state of the assets.

Developing chaincode is a lengthy exercise depending on your requirements. Fortunately OBP comes with some sample code to experiment with.

Go to the TESTFOUNDER console and click on Developer Tools tab. There is a lot of good information and useful links here to explore. Go to Sample tab. Oracle provides three chaincode samples to work with; Balance Transfer, Car Dealer, and Marbles.

Let's go ahead and use Car Dealers for this exercise. I worked in a car dealership when I first graduated college, so it will be a little nostalgic for me.

Click the Install Button for Car Dealers chaincode. Choose the peers you want the code to be installed on (peer0 and peer1) then select the programing language you want to use. I'm going to select Golang. Note that Golang is the default programming language for HLF. Additional support is provided for Java and Node.js but Golang has the most support and functionality.

Next we are going to instantiate the chaincode on our channel. Click the Instantiate button, then select testch1 from the drop down list and select the REST proxies you want the chaincode to run on. Depending on how many REST proxies you select, it may take a few moments for the instantiation to complete.  Invoke the chaincode by clicking the Invoke button. Fill in the required fields and Execute

Go to the Channels tab and select testch1. You should see 3 blocks now exist. Click on Block #1, then expand the TxID details. Here you will see the deployment of the chaincode into the channel. It is good to notice that activity on the chain is not restricted to just transactional activity. All events are recorded. So, when a chaincode gets deployed it is entered onto the chain to provide an immutable entry when the chaincode was altered. 

Click on Block #2 and you will see the transaction we executed. 

Go to TESTPART1 and TESTPART2's consoles to review the activity from the perspective of a participant.

We've accomplished quite a bit so far, congratulations! We've created and deployed a full Hyperledger Fabric network with multiple participants. We've established our network topology and created a channel to share transactions across our network. We deployed chaincode to our channel and executed a transaction, which was successfully written to our blockchain.

In my next article we're going to look at the Rich History feature of OBP and how we can get the activity on our blockchain into a data warehouse, in near real-time, for reporting and analytics.