Use access control in your blockchain smart contracts to streamline supply chain operations

Summary

This pattern demonstrates an end-to-end blockchain application that connects to Hyperledger Fabric 1.4. It implements attribute-based access control, user management, event management, and an Angular front-end UI to interact and query the blockchain ledger. The pattern takes you through ordering, shipping, and enlisting the product for the customer to purchase. The customer can trace the order history through the supply chain, providing end-to-end visibility. In addition, a regulator has access to all orders in the system to ensure correct practices are followed.

In supply chain, confidentiality is mandatory because some consumers might be given discounted rates compared to others. In this scenario, other consumers should not be able to access their competitors’ rates. Given that Hyperledger Fabric is optimized for a broad range of industry use cases, including supply chain, the open source framework provides a way to implement confidentiality at the chaincode layer using attribute-based access control. This example shows you how to implement such functionality, by registering each user with a specific attribute, called usertype. The usertype can be either an admin, a regulator, a producer, a shipper, a retailer, or a customer, and it is generated when a specific user registers in the application. When that user logs in successfully and connects to an instance of the Hyperledger Fabric network, their usertype gives them access to certain transactions that have been submitted on the network. For example, the regulator (such as the FDA) is able to view all transactions on the network in order to reliably audit the network, but the retailer is only able to view the transactions that they are a part of. Once you understand how to apply these access control rules, you can apply them to any use case and start building innovative and secure blockchain networks.

When you complete this code pattern, you will understand how to:

  • Implement attribute-based access control in Hyperledger Fabric
  • Build a chaincode where certain users have access to certain transactions
  • Use an Angular UI to interact with a Hyperleder Fabric network

Technologies

  • Blockchain: A tamper-evident, shared digital ledger that records transactions in a public or private peer-to-peer network. The blockchain acts as a single source of truth, and members in a blockchain network can view only those transactions that are relevant to them.

  • Node.js: A runtime environment to run JavaScript code outside the browser.

Flow

flow

Flow Description

  1. The user interacts with an Angular Web UI to update and query the blockchain ledger and state.
  2. The UI calls Node.js application APIs running on a backend server.
  3. The Node.js application server calls Fabric SDK APIs.
  4. The Fabric SDK interacts with and submits transactions to a Hyperledger Fabric 1.4.1 network (or a IBM Blockchain Platform 2.0 network).

Instructions

Find the detailed steps for this pattern in the readme file. The steps show you how to:

  1. Clone the repo.
  2. Start the Hyperledger Fabric runtime.
  3. Install and instantiate contract.
  4. Export connection details.
  5. Export local wallet.
  6. Build and run the app.
  7. Submit transactions in the app.