Git

Git is used to clone the fabric-samples repository from GitHub to your local machine. If you don’t have Git installed, you can download it from https://git-scm.com/downloads. Once you download and install it, verify Git installation with the following command:

$ git --version
git version 2.26.2

cURL

We use cURL to download the Fabric binaries from the web. You can download cURL from https://curl.haxx.se/download.html. Once it’s downloaded and installed, verify the installation by executing the following command:

$ curl -V
curl 7.54.0 (x86_64-apple-darwin18.0) libcurl/7.54.0 LibreSSL/2.6.5 zlib/1.2.11 nghttp2/1.24.1
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps
telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets HTTPS-
proxy

Node.js and npm

We will be using JavaScript for developing our Fabric smart contracts. Fabric uses Node.js and npm for processing smart contracts. The supported versions of Node.js are 10.15.3 and higher, and 12.13.1 and higher. The supported versions of npm are 6 and higher. Node.js includes npm in the installation. You can download Node.js from https://nodejs.org/en/download. You can verify the installation of Node.js and npm by executing the following commands:

$ node -v
v10.15.3

$ npm -v
6.11.2

Docker and Docker Compose

Hyperledger Fabric consists of several components, each of which operates as a separate executable service, so Fabric maintains Docker images of each component. The images are hosted on the official Docker Hub website. At minimum, you need Docker version 17.06.2-ce. You can get the latest version of Docker at https://www.docker.com/get-started. When Docker is installed, Docker Compose is also installed. You can verify the Docker version by executing the following command:

$ docker -v
Docker version 19.03.13, build 4484c46d9d

Then verify your Docker Compose version by executing this:

$ docker-compose --version
docker-compose version 1.27.4, build 40524192

Before proceeding, start Docker, because Docker needs to be running to complete the installation of the Fabric installation script.

Fabric Installation Script

Create and change to the directory you will use to install the Fabric binaries and sample projects. Docker must be running because the script requires Docker to download the Fabric images.

The script will do the following:

1. Download the Fabric binaries

2. Clone fabric-samples from the GitHub repo

3. Download the Hyperledger Fabric Docker images

Here is the command to execute the script:

curl -sSL https://bit.ly/2ysbOFE | bash -s

But we are not going to execute this command yet. First, we are going to save the command output, so we can examine it. Make sure you are in the directory you have created to install the Fabric binaries and sample projects, and then execute the following command:

curl -sSL https://bit.ly/2ysbOFE > FabricDevInstall.sh

Now you can open FabricDevInstall.sh in your favorite editor and examine the script to see how it clones fabric-samples from GitHub, downloads the Fabric binaries, and downloads the Docker images. Understanding the operation of this script may help you later if you want to customize your Fabric development environment or optimize it based on your workflow.

After you finish examining the script, open a shell and change FabricDevInstall.sh to an executable by executing the following command:

$ chmod +x FabricDevInstall.sh

Now let’s execute FabricDevInstall.sh with the following command:

FabricDevInstall.sh

Once the script completes execution, we should be all set. The fabric-samples directory, Docker images, and Fabric binaries are installed in the fabric-samples/bin directory. In the directory where you ran the command, there should now be a directory called fabric-samples. Everything we need is in fabric-samples. First, we will dig into the Fabcar sample smart contract, which you can find in the fabric-samples directory.

Fundamental Requirements of a Smart Contract

The Fabcar example smart contract is a valid, functional example of a basic smart contract. We have much more to add before it would be ready for production, including security, error management, reporting, monitoring, and testing. We want to remember several important points from this example smart contract. Let’s go through them:

Contract class

Smart contracts extend the Contract class. This is a simple class with few functions. We will look at this class later in the chapter.

Transaction context

All smart contract transaction functions pass a transaction context object as their first argument. This transaction context object is a Context class. When we look at the Contract class, we will look at this class too.

Constructor

All smart contracts must have a constructor. The constructor argument is optional and represents the name of the contract. If not passed, the class name will be used. We recommend you pass a unique name and think of this in terms of a namespace, like a reverse domain name structure.

Transaction function

A transaction function to initialize a smart contract can be created and called prior to client requests. You can use this to set up and execute your smart contract with any required resources. These resources could be tables or maps of data used for lookups, translations, decoding, validating, enriching, security, and so forth.

World state

We can query the world state in multiple ways. The simple query is a key lookup, and a range query gets a set. There is another called a rich query. We look at world state in Chapter 5.

putState

To write data to the ledger, we use the putState function. It takes as arguments a key and value. The value is a byte array, so the ledger can store any data. Typically, we will store the equivalent of business objects that are marshaled into byte arrays prior to being passed as the value argument.

ChaincodeStub

The ChaincodeStub class contains several functions used to interact with the ledger and world state. All smart contracts get an implementation of this class as the stub object contained and exposed by the Context class implementation called ctx, which all transaction functions receive as their first argument.

Read/write transactions

An update in a smart contract is executed in three steps: a read transaction, an update to the in-memory data returned from the read transaction, followed by a write transaction. This creates a new world state for the key while maintaining the history of the key in the immutable file-based ledger.

This point is important to remember: you cannot update (or write to) the ledger and read back what you wrote in the same transaction. It does not matter how many other transaction functions you call from a transaction function. You need to think about the data flow of a transaction request. Clients submit transaction requests to peers, which endorse the request transaction (this is where the smart contract executes); the endorsements with read and write sets are sent back to clients; and endorsed requests are sent to an orderer, which orders the transactions and creates blocks. The orderer sends the ordered requests to commit peers, which validate the read and write sets prior to committing the writes to the ledger and updating the world state.

In the simplest form, a smart contract is a wrapper around ChaincodeStub, because smart contracts must use the interface exposed through this class to interact with the ledger and world state. This is an important point to remember. You should consider implementing business logic in a modular design, treating your Contract subclass like a datasource. This will facilitate evolving your code over time and partitioning logic into functional components that can be shared and reused. In Chapter 5, we look into design in the context of packaging and deploying, and in Chapter 6, we delve into modular design and implementation to facilitate maintenance and testing.

Multiple peers, the endorsing peers, will be executing your smart contracts. Today the architecture places the smart contracts behind a gateway, which is middleware in the smart contract SDK. The gateway receives smart contract requests, processes them, and dispatches them to one or more peers. The peers instantiate the chaincode for execution.

SDK

Fabric provides an SDK implemented in Go, Java, and Node.js (JavaScript) for developing smart contracts. We are interested in the Hyperledger Fabric smart contract development SDK for Node.js, which is called fabric-chaincode-node. While you do not need to download it for smart contract development, you can download or clone fabric-chaincode-node from GitHub.

The fabric-chaincode-node SDK has a lot going on. We are interested in a few components that are central to developing smart contracts. The remaining files are low-level interfaces, support artifacts, tools, and more required to implement the Contract interface with Node.js. This SDK helps developers like us by providing a high-level API so we can learn fast and focus on our smart contract business logic and design.

The first API we are interested in is fabric-contract-api. It is located under the apis subdirectory of fabric-chaincode-node. The other API you see, fabric-shim-api, is the type definition and pure interface for the fabric-shim library, which we look at later in this chapter.

When we start our smart contract project and execute npm install, which we will do in Chapter 5, npm will download fabric-contract-api as a module from the npm public repository as well as fabric-shim. This download happens because we have two explicit smart contract dependencies for developing Hyperledger Fabric smart contracts. These are displayed in this excerpt from the package.json file of the Fabcar smart contract:

"dependencies": {
    "fabric-contract-api": "^2.0.0",
    "fabric-shim": "^2.0.0"
},

fabric-contract-api and fabric-shim are the only modules we need to develop our smart contracts. fabric-contract-api contains the contract.js and context.js files, which implement the Contract and Context classes.

constructor(name) {
    this.__isContract = true;
    if (typeof name === 'undefined' || name === null) {
        this.name = this.constructor.name;
    } else {
        this.name = name.trim();
    }
    logger.info('Creating new Contract', name);
}

async beforeTransaction(ctx) {
// default implementation is do nothing
}

async afterTransaction(ctx, result) {
    // default implementation is do nothing
}

getName() {
    return this.name;
}

createContext() {
    return new Context();
}

const AssetList = require('./assetlist.js');

class MyContext extends Context {
    constructor() {
        super();
        this.assetList = new AssetList(this);
    }

}

class AssetContract extends Contract {
    constructor() {
        super('org.my.asset');
    }

    createContext() {
        return new MyContext();
    }
}

async queryCar(ctx, carNumber) 
async createCar(ctx, carNumber, make, model, color, owner)
async queryAllCars(ctx)

async CreateAsset(ctx, id, amount, owner) {
        const asset = {
            ID: id,
            Amount: amount,
            Owner: owner
        };
        return ctx.stub.putState(id,Buffer.from(
           JSON.stringify(asset)));
}

func (c *Asset) Invoke(stub shim.ChaincodeStubInterface) pb.Response {
    function, args := stub.GetFunctionAndParameters()
    if function == "Process" {
        return c.Process(stub, args)
    } 
    return shim.Error("Invalid function name")
}

getState(key: string): Promise<Uint8Array>;
putState(key: string, value: Uint8Array): Promise<void>;
deleteState(key: string): Promise<void>;

Create and Execute Queries

Smart contracts often need to look up or query data from the world state while processing a transaction. Remember the update to our Fabcar sample smart contract? To perform an update, a smart contract typically must find and load the existing object to update. Then it updates the in-memory data and writes the updated data to the ledger—remember putState to write and getState to read.

Unlike a relational database in which we can update a field without selecting the row first, with Fabric smart contracts, we must load the value of a key and update the value. That may be a single field in a very large and complex JSON data structure, or it may be a simple object with one field, the field we are updating. Why is this? Because all data is tied to a unique key. If a key’s associated value is an object with four fields, we think of each field as a value—but to the ledger, it is all just one value object identified by a single unique key.

Here are the available stub functions you can use for finding data:

• getState(key: string): Promise<Uint8Array>;

• getStateByRange(startKey: string, endKey: string): Promise<Iterators.StateQueryIterator> & AsyncIterable<Iterators.KV>;

• getStateByRangeWithPagination(startKey: string, endKey: string, pageSize: number, bookmark?: string): Promise<StateQueryResponse<Iterators.StateQueryIterator>> & AsyncIterable<Iterators.KV>;

• getQueryResult(query: string): Promise<Iterators.StateQueryIterator> & AsyncIterable<Iterators.KV>;

• getQueryResultWithPagination(query: string, pageSize: number, bookmark?: string): Promise<StateQueryResponse<Iterators.StateQueryIterator>> & AsyncIterable<Iterators.KV>;

• getHistoryForKey(key: string): Promise<Iterators.HistoryQueryIterator> & AsyncIterable<Iterators.KeyModification>;

We discuss these in Chapter 5, when we use them in a smart contract and invoke them from a client.

Define Assets by Using Key-Value Pairs

When designing smart contracts, you may need to think in terms of assets. Assets are generic and can represent many things, including tangible and intangible objects. They could be machine parts, dog food, currency, or green derivatives. We use name-value pairs, or key-value pairs, depending on how you want to think about it, to create our data structures. Here is an example we can discuss:

const assets = [
    {
        color: 'blue',
        make: 'Honda',
        model: 'Accord',
        owner: 'Jones',
    },  
    {
        color: 'red',
        make: 'Ford',
        model: 'Mustang',
        owner: 'Smith',
    },
];
for (let i = 0; i < assets.length; i++) { 
    assets[i].docType = 'asset';
    await ctx.stub.putState('ASSET' + i,
      Buffer.from(JSON.stringify(assets[i])));
}

We’ve seen this before in the Fabcar example. It is a good example of basic processing, from which you can advance based on your unique use case. This example creates an array of objects that represent assets. The key-value pairs define the attributes, or characteristics, of each asset. The array acts as a simple database of assets. Each asset is written to the ledger by calling ctx.stub.putState, which takes a key and value. The value must be a byte array, so we convert the JSON object to a string and then convert the string to the byte array. You will do this a lot and may want to simplify it and start building a utility or library. This particular code was used to initialize the smart contract.

We can also define assets by using a smart contract transaction. The createAsset transaction function shown next illustrates how simple it is to create an asset and write it to the ledger. This function would be called by a client. The client could be a user or process. What’s important to remember is the asset will not be available until the transaction is committed to the ledger. So you can’t write a bunch of assets to the ledger and later in your smart contract expect to read and use their data to continue processing. This disconnected state is something to think about when you begin designing and brainstorming. Here’s the createAsset transaction function:

async createAsset(ctx, assetNumber, make, model, color, owner) {
        const asset = {
        color,
        docType: 'asset',
        make,
        model,
        owner,
        };
    await  ctx.stub.putState(assetNumber, Buffer.from(JSON.stringify(asset)));
}

Collect Private Data

The private data collection (PDC) is a partition of ledger data belonging to an organization that stores private data and keeps data private from other organizations on that channel. This includes private data and the hash value of private data. Chapter 9 provides more details. The need to keep specific data private is important to developing smart contracts. Many smart contracts need to be compliant with privacy and security requirements. Fabric supports private data for transaction functions and smart contracts.

The private data can be shared or kept isolated and secure. We can expire the private data after a number of blocks are created or on demand. The data placed into the PDCs remains separate from the public data, and PDCs are local and protected. The world state can be used in conjunction with PDCs by the use of hashes as well as public keys.

Table 4-1 lists several functions that are available from stub.

Employing private data can be tricky, and patterns exist for using it under differing circumstances. We will cover most of these functions in Chapter 5, when we implement private data functions to invoke, and again in Chapter 6, when we use them in maintenance and testing.

Set Attribute-Based Access Control

Eventually, you will need a way to implement granular authentication and authorization. Clients have an identity that controls access. The identities must belong to authorized organizations, and organizations belong to channels that host chaincode. A certificate represents the client’s identity. It supports attributes that can be used to implement transactions and smart-contract-level authentication control and authorization policies.

You access this information from the clientIdentity object contained in the transaction context. This object has two functions related to attribute values:

assertAttributeValue(attrName: string, attrValue: string): boolean;
getAttributeValue(attrName: string): string | null;

Use assertAttributeValue to check for the presence of an attribute and use getAttributeValue to retrieve a specific attribute. It is good practice to assert the attribute before retrieving it. In Chapters 5 and 6, we will employ attributes for security and other purposes.

Initialize the Ledger State

The initialization of the ledger is often a required task. The following example from the Fabcar code we looked at earlier illustrates how to initialize your smart contract state. You will initialize it right after it has been committed. After that, you can start to submit transactions and query ledger data by invoking smart contract methods.

You create a function that you will call to execute your initialization; here, it is called initLedger. In the initLedger function, you can perform what you need to do to initialize. In this example, we create an array of business objects, loop through the cars array, and then add an additional attribute docType to each car object in the cars array. Here is the initLedger logic:

async initLedger(ctx) {
    const cars = [
         {
              color: 'blue',
              make: 'Toyota',
              model: 'Prius',
              owner: 'Tomoko',
         },
         .
         .
         .
         {
              color: 'brown',
              make: 'Holden',
              model: 'Barina',
              owner: 'Shotaro',
              },
    ];
    for (let i = 0; i < cars.length; i++) {
              cars[i].docType = 'car';
              await ctx.stub.putState('CAR' + i,
              Buffer.from(JSON.stringify(cars[i])));
              console.info('Added <--> ', cars[i]);
    }
}

The initLedger function writes the array objects to the ledger by using the putState function. To execute the initLedger function, we need to invoke the smart contract. We can use the peer CLI invoke command. Let’s take a look at how we can call initLedger through the invoke command.

peer chaincode invoke 
-o localhost:7050 
--ordererTLSHostnameOverride orderer.example.com 
--tls true 
--cafile /OReilly/fabric-samples/test-network/organizations/ordererOrganizations
/example.com/orderers/orderer.example.com/msp/tlscacerts/tls/
ca.example.com-cert.pem 
-C mychannel 
-n fabcar 
--peerAddresses localhost:7051 
--tlsRootCertFiles /OReilly/fabric-samples/test-network/organizations
/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt 
--isInit 
-c '{"function":"initLedger","Args":[]}'

[chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

peer chaincode query 
-C mychannel 
-n fabcar 
-c '{"Args":["queryAllCars"]}'

[{"Key":"CAR0","Record":{"color":"blue","docType":"car",
"make":"Toyota","model":"Prius","owner":"Tomoko"}},
.
.
.
{"Key":"CAR9","Record":{"color":"brown","docType":"car","make":"Holden",
"model":"Barina","owner":"Shotaro"}}]

Package the Chaincode

The first thing we need to do is package our code. As you can see from the following command, we use the peer CLI to perform this step and all remaining steps.

To prepare our smart contract, we use the following peer package command:

peer lifecycle chaincode package fabcar.tar.gz \ 
        --path ../chaincode/fabcar/javascript/ \
        --lang node \
        --label fabcar_1

Once this command completes, we have a tar.gz file containing our smart contract. Next, we need to install this package.

Install the Chaincode

After we have packaged our smart contract, we can install it. If several organizations are collaborating, there is no need for all organizations to package smart contracts separately. One smart contract package can be used by all organizations. Once an organization receives the package, it is installed on their endorsing peers. Chapter 9 covers this in more detail.

Here is the installation command, which shows a successful output message:

peer lifecycle chaincode install fabcar.tar.gz

[cli.lifecycle.chaincode] submitInstallProposal -> INFO 001 Installed

Once the contract is installed, you may want to verify it.

Query the Installation

You can execute the following command to get the details of the latest chaincode installed:

peer lifecycle chaincode queryinstalled

Installed chaincodes on peer:
Package ID: fabcar_1:5a00a40697…330bf5de39, 
Label: fabcar_1

You may receive many package IDs, depending on the number of installed packages. You can use a script to filter the output if you need to automate a task that is dependent on a particular package being installed or not installed. Once a chaincode package is installed, it must be approved.

Approve the Package

After installing a package, an organization must approve it before it can be committed and accessed. This command has a lot of parameters. The one of most interest, for our purposes, is –package-id. We can get it from the output of the preceding queryinstalled command. package-id is used as the identifier for the chaincode installation package:

peer lifecycle chaincode approveformyorg 
-o localhost:7050 
--ordererTLSHostnameOverride orderer.example.com 
--tls true 
--cafile /OReilly/fabric-samples/test-network/organizations/ordererOrganizations
/example.com/orderers/orderer.example.com/msp/tlscacerts/
tlsca.example.com-cert.pem 
--channelID mychannel 
--name fabcar 
--version 1 
--init-required 
--package-id fabcar_1:5a00a406972168ac5856857b5867f51d5244208b876206b7e0e418330bf5de39 
--sequence 1

Once the approve command completes, we are ready to determine whether we can commit it. We use the checkcommitreadiness command.

Check Commit Readiness

A number of organizations must approve the chaincode package before it can be committed. The number depends on the policy, which could demand that all organizations or a subset of organizations approve. Ideally, you want all organizations to approve. We can use the checkcommitreadiness command to determine whether we can commit the package. In this case, we cannot because Org2 has not approved yet. Once it does, this command will show true for Org1 and true for Org2:

peer lifecycle chaincode checkcommitreadiness 
--channelID mychannel 
--name fabcar 
--version 1 
--sequence 1 
--output json 
--init-required

{
    "approvals": {
        "Org1MSP": true,
        "Org2MSP": false
    }
}

In a Hyperledger configuration, we can define different types of life-cycle endorsement policies. The default is MAJORITY Endorsement. This requires a majority of the peers to endorse a chaincode transaction for validation and execution in the channel and commit the transaction to the ledger. Chapter 9 covers this in more detail. Once all approvals are true, we can commit the chaincode package.

Commit the Chaincode Definition

Once all organizations or subsets of the organization have been approved to satisfy the policies mentioned, the chaincode can be committed to the ledger. To commit the chaincode, we use the commit command shown here:

peer lifecycle chaincode commit 
-o localhost:7050 
--ordererTLSHostnameOverride orderer.example.com 
--tls true 
--cafile /OReilly/fabric-samples/test-network/organizations/ordererOrganizations
/example.com/orderers/orderer.example.com/msp/tlscacerts/
tlsca.example.com-cert.pem 
--channelID mychannel 
--name fabcar 
--peerAddresses localhost:7051 
--tlsRootCertFiles /OReilly/fabric-samples/test-network/organizations
/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
--version 1 
--sequence 1
--init-required

Here is the output after the command runs:

[chaincodeCmd] ClientWait -> INFO 001 txid
[ef59101c320469be3242daa9ebe262771fc8cc8bd5cd0854c6424e1d2a0c61c2] committed with status (VALID) at
localhost:9051

Next, we can check whether the chaincode is committed with querycommitted.

Query Whether the Chaincode Is Committed

Chaincode must be committed before it can be invoked. To determine whether chaincode is committed, use the querycommitted chaincode command:

peer lifecycle chaincode querycommitted 
--channelID mychannel 
--name fabcar

Here is the output:

Committed chaincode definition for chaincode 'fabcar' on channel 'mychannel':
Version: 1, Sequence: 1, Endorsement Plugin: escc, Validation Plugin: vscc, Approvals: [Org1MSP: true,
Org2MSP: true]

Running the querycommitted command tells us our chaincode is ready. This chaincode contains a smart contract that needs initialization. To initialize it, we will invoke it.

Initialize the Contract

We can finally initialize our smart contract because the chaincode is approved and committed. We can use the invoke command to execute smart contract transactions:

peer chaincode invoke 
-o localhost:7050 
--ordererTLSHostnameOverride orderer.example.com 
--tls true 
--cafile /OReilly/fabric-samples/test-network/organizations/ordererOrganizations
/example.com/orderers/orderer.example.com/msp/tlscacerts/
tlsca.example.com-cert.pem 
-C mychannel 
-n fabcar 
--peerAddresses localhost:7051 
--tlsRootCertFiles /OReilly/fabric-samples/test-
network/organizations/peerOrganizations/org1.example.com/peers
/peer0.org1.example.com/tls/ca.crt 
--peerAddresses localhost:9051 
--tlsRootCertFiles /OReilly/fabric-samples/test-network/organizations
/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt 
--isInit
-c '{"function":"initLedger","Args":[]}'

After executing the invoke command, we will see the following output; it returns a 200 response status if chaincode invocation is successful:

[chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

At the bottom of the invoke command, we see the -c command flag and command object, which contains the function key and value initLedger with no arguments. This means the smart contract transaction function initLedger will be executed. The output shows a successful result. Our smart contract is now initialized and ready for clients. We can test our smart contract now by executing a query.

Execute a Query

We have gone through the steps to take your smart contract source-code project and instantiate it. We can test it by executing a query like this one:

peer chaincode query 
-C mychannel 
-n fabcar 
-c '{"Args":["queryAllCars"]}'

Here is the output after executing the queryAllCars command:

[{"Key":"CAR0","Record":{"color":"blue","docType":"car",
"make":"Toyota","model":"Prius","owner":"Tomoko"}},
.
.
.
{"Key":"CAR9","Record":{"color":"brown","docType":"car",
"make":"Holden","model":"Barina","owner":"Shotaro"}}]

This query executes the smart contract transaction function called queryAllCars. Writes get committed and thus require endorsing, which involves several peers. A query should not have to task more than one peer for execution. This is what the client-side code does for us. This example illustrates how a transaction function wraps a ChaincodeStub function, in this case a rangeQuery abstracted as queryAllCars.