Shulou(Shulou.com)06/02 Report--

This article is suitable for readers who are familiar with the open source blockchain technology Hyperledger Fabric and who want to use Huawei's cloud blockchain services more efficiently. Of course, any readers who are interested in blockchain technology are welcome to read this article. I believe readers will benefit from it.

Huawei Cloud released the enterprise blockchain service BCS (Blockchain Service) on February 1, 2018, which is based on open source blockchain technology and Huawei's years of accumulation in distributed parallel computing, data management, security encryption and other core technologies. It is designed to help all industries and enterprises quickly and efficiently build enterprise blockchain industry solutions and applications on Huawei Cloud.

As mentioned earlier, building a blockchain is not the goal, the key is to facilitate the application to use the blockchain more efficiently. The RESTFUL chain code to be introduced in this article called API was developed by Huawei Cloud Block chain for this purpose. Before introducing API in detail, give a brief introduction to the chain code to facilitate readers without Fabric knowledge background to understand.

We know that a block chain is a chain structure formed by a series of blocks. account data is recorded on each block, which can not be tampered with once written. So how is the data written? If users with write rights are allowed to write data at will, the existence of blockchain will be lost, so the introduction of the concept of chain code is of great significance. Chain code, also known as intelligent contract, as the name implies, is the pre-agreed code for writing data to the block chain. It is a piece of logic, which can be simple restrictions and constraints, or very complex business-related logic. According to the user's input, the logic operation is carried out, and finally the data set written to the block chain is obtained. then write the data to the block chain. If this description is too abstract, let's use an example of account transfer to illustrate it.

As shown in the above figure, the block chain on the right of the figure records the balance of the original account, an is 100 yuan and b is 200 yuan. In the figure, the client application on the left initiates a transfer transaction: a to b to x yuan This transaction will not be written directly into the block chain, but will first be calculated through the middle chain code to check whether there is enough balance in a's account before allowing the transfer transaction to be carried out. Write the balance of the final an and b accounts to the latest block chain.

The whole transaction process and the role of the chain code are actually very easy to understand, but in fact, the process of our application making calls to the chain code is still a bit complicated. Because the call request for blockchain is different from a normal RPC remote call, the client needs to have the following things:

1. Package the call information of the chain code, such as channel ID, chain code ID, call parameters, caller information, etc.

2. Sign the packaged binary content with the user's private key

3. Depending on the endorsement strategy of the chain code, you may need to initiate calls to the chain code on the nodes of multiple organizations

Thus, it is not realistic for the client to implement this calling process, so it needs to be implemented with the help of SDK. At present, according to the language of the client, SDK also has different language versions. For example, golang language has fabric-sdk-go implementation, and javascript also has nodejs version of SDK implementation. Let's first take a look at the configuration files required to use SDK and the sample code snippet that uses SDK to make calls:

The image above is a snippet of a 200-line SDK configuration file

This is an example of using the nodejs version of SDK. From this, we can see the disadvantages of client applications using SDK directly:

Although Huawei Cloud already provides SDK configuration file download function, it is still very expensive for developers who use SDK for the first time.

2 Fabric SDK SDK language-related and high learning cost although many languages provide SDK, there is still a certain learning cost to learn, and the class library names and method names of different languages are called differently, so the learning cost of switching between different languages increases exponentially.

3Jing SDK is too thick and heavy applications need to introduce SDK class library when using SDK. Although SDK without development language is packaged with different sizes, it is still very heavy for some thin clients (such as Android or IOS mobile apps).

In order to facilitate developers to use blockchain services, Huawei Cloud provides RESTFUL API on the server to overcome the above shortcomings of using SDK directly:

As shown in the above architecture diagram, Huawei Cloud Block chain service directly exposes API in the form of RESTFUL for developers to use, and encapsulates the call to SDK on the server side. Because Huawei Cloud manages the organizational structure of the blockchain and various certificates for users, it naturally has the required SDK configuration files and does not need to be manually generated by users. Here is an example of RESTFUL chain code calling the requested Header and Body for readers' reference:

HEADER:

X-bcs-signature-sign: 1f8b08000000000000ff14cbb11503510c02b081d260c098bfff6279d74bb90a5ca7384e3cae9b5825af7cb076b65e039be41da8e8b1e38700d599fa4aee37d6c159a94355ada783dbb4d66e17e967db39cef36bcd0b5adc8be3e178698ef9070000ffff

BODY:

{

"channelId": "testchannel"

"chaincodeId": "zmmcode"

ChaincodeVersion: 1. 0

"userId": "User1"

"orgId": "7258adda1803f4137eff4813e7aba323018200c5"

"opmethod": "invoke"

"args": "[" invoke "," a "," b "," 1 "]"

"timestamp": "2018-10-31T17:28:16+08:00"

Cert: "- BEGIN CERTIFICATE-\ nMIIDBzCCAq2gAwIBAgIQEXPZlMsReamxVtVNnKwCCzAKBggqhkjOPQQDAjCCAQQx\ nDjAMBgNVBAYTBUNISU5BMRAwDgYDVQQIEwdCRUlKSU5HMRAwMwUQYD14eH+jTTBLMA4GA1Ud\ nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIFBXQ5TC4acFeTlT\ nJuDZg62XkXCdnOfvbejSeKI2TXoIMAoGCCqGSM49BAMCA0gAMEUCIQCadHIKl0Mk\ nYn0WZizyDZYR4rT2q0nzjFaiW+YfV5FBjAIgNalKUe3rIwXJvXORV4ZXurEua2Ag\ nQmhcjRnVwPTjpTE=\ n-END CERTIFICATE-\ n"

}

When you see this, the reader may be confused about the signature in Header above and the cert certificate information in Body. Please don't worry, first introduce the implementation principle of Huawei Cloud Block chain RESTFUL interface, and readers will naturally be able to allay their doubts.

According to the previous article, we have learned that the main difference between block chain calls and ordinary RPC remote calls is that they need a user signature to prove that the transaction was initiated by the specified user, so RESTFUL calls are also inevitable. Therefore, when using the Huawei Cloud Block chain RESTFUL API, we still need to use the user's private key to sign the entire request message body, as shown in  in the figure. The signature result is placed under the specified name in HEADER. The signature will be verified by the user's public key on the server side, and the verification can only be continued through the transaction.

In some cases, the user's public and private key pair is not managed by Huawei Cloud Block chain service, but is signed by the user using the organization's private key. At this time, the server lacks the user's public and private key. In this case, you need to use the cert field to upload the user's public key in the request message body. The server uses the public key uploaded by the user to verify whether the signature in the HEADER is the legitimate signature of the private key to the message body. Then the problem arises: any forger can make an asymmetric public-private key pair, then sign the private key of an illegal message body, and put the public key in the message body to pass the verification of the server. To avoid this vulnerability, the server verifies the validity of the public key uploaded by the user before verifying the signature, as shown in  above. Because the public key uploaded by the user is actually a certificate, the certificate contains the signature of the user's public key and the organization private key to the certificate, and the forger cannot forge the signature without the organization private key, so that the server can determine the validity of the user's uploaded certificate.

When the server uses a legitimate user certificate to verify that the signature in the request HEADER is the signature of the user's private key, the server can really initiate the call to the blockchain code. Here, the way the server uses SDK is no different from the way the client uses SDK directly, except that if the client certificate is signed by itself, the server does not have a user private key. At this point, the block chain code call is initiated using the organization's admin certificate.

Now that the RESTFUL invocation mechanism is clear to the reader, the advantages of RESTFUL invocation are easy to understand:

1. Easy to use, Huawei Cloud Block chain service encapsulates the complexity of SDK.

Since most languages already have a very mature RESTFUL call class library, there is basically no learning cost to call RESTFUL. There is no need to introduce SDK class library, which is suitable for lighter clients.

The above is a detailed description of the principle of calling API in the RESTFUL chain code of Huawei cloud blockchain. At present, the RESTFUL interface is still in public testing. Readers are welcome to come to Huawei Cloud for free experience and make valuable comments.

Reference: API referenc

Source: CSDN

Original: https://blog.csdn.net/weixin_43682574/article/details/85077234

Copyright notice: this article is the original article of the blogger, please attach a link to the blog article to reprint it!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.