
How to make a user upload a private key file before any transaction in Hyperledger Fabric?


I understand that Hyperledger stores the private keys of users in a directory called keystore. I don't want my network to store them; rather, the user should upload this file before any transaction. How to do it?


Solution

  • I don't have full code to provide to you and I don't have time to write it. However, here is a flow you can follow:

    • FRONT END: Allow user to upload files (Example (assuming you are building a web application): http://reusableforms.com/d/o3/html5-contact-form-with-file-upload)
    • BACK END: Retrieve the file from the request.
    • BACK END: Create the user context from these files
    • BACK END: Build/send transaction
    • FABRIC: Process transaction
    • BACK END: If transaction is VALID, delete all the information about the user (private key in particular)
    • BACK END: Send response back to FRONT END

    I do not know what your scenario is, but:

    • I think having the user manage his own keys is a risk, as he can lose them or someone may "hack" the user's device to get them.
    • Having private keys moving on the network may be a security issue, as someone may be able to intercept them.

    But as I said, I don't know your scenario. If you are in a closed network then transferring the PK might not be a problem. If your client application manages the keys for the user, it may be OK too, but what if the user deletes it by mistake? Or what if the device is broken?
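
The back-end steps of the flow above, sketched in Node.js as an added example (not part of the original answer and not Fabric project code): the uploaded key stays in memory, is checked against the user's enrolled public key, and is wiped after the transaction, including when it fails. Assumptions: the key is a PKCS#8 PEM ECDSA P-256 key, `submitFn` is a hypothetical wrapper around the SDK call that sends the transaction, `user.publicKeyPem` is taken from the user's enrollment certificate, and `Org1MSP` and the certificate string are constructed placeholders.

```javascript
const crypto = require('node:crypto');
const MAX_KEY_BYTES = 8 * 1024; // a PEM-encoded EC key is a few hundred bytes

// Accept the upload only if it is a P-256 EC private key whose public half
// equals the public key the back end has on record for this user.
function checkUploadedKey(upload, expectedPublicPem) {
  if (!Buffer.isBuffer(upload) || upload.length > MAX_KEY_BYTES) {
    throw new Error('upload rejected: not a buffer or too large');
  }
  let key;
  try {
    key = crypto.createPrivateKey({ key: upload, format: 'pem' });
  } catch {
    throw new Error('upload rejected: not a PEM private key'); // never echo key bytes
  }
  if (key.asymmetricKeyType !== 'ec' || key.asymmetricKeyDetails.namedCurve !== 'prime256v1') {
    throw new Error('upload rejected: expected an EC P-256 key');
  }
  const spki = (k) => crypto.createPublicKey(k).export({ type: 'spki', format: 'der' });
  if (!spki(key).equals(spki(expectedPublicPem))) {
    throw new Error('upload rejected: key does not match the enrolled identity');
  }
}

// Back-end steps of the flow: build the user context in memory, send the
// transaction, then wipe the upload whether the transaction succeeded or not.
async function submitWithUploadedKey(upload, user, submitFn) {
  try {
    checkUploadedKey(upload, user.publicKeyPem);
    const identity = { // assumed shape: an X.509 identity as the Node SDK takes it
      type: 'X.509',
      mspId: user.mspId,
      credentials: { certificate: user.certificatePem, privateKey: upload.toString('utf8') },
    };
    return await submitFn(identity); // submitFn is hypothetical: the SDK call goes here
  } finally {
    if (Buffer.isBuffer(upload)) upload.fill(0); // the PEM string copy is left to the GC
  }
}

// Constructed sample: a throwaway key pair stands in for an enrolled user.
function makeSampleUser() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  return {
    upload: Buffer.from(privateKey.export({ type: 'pkcs8', format: 'pem' })),
    user: { mspId: 'Org1MSP', certificatePem: '<enrollment certificate PEM>',
            publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }) },
  };
}
```

Wiping the buffer is best effort only: the PEM string handed to the SDK cannot be overwritten from JavaScript, so the upload endpoint still needs TLS and must keep the key out of logs, temp files and swap-backed storage.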