Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AssetTransfer Private - Incorrect Endorsement Policy #922

Merged
merged 1 commit into from Mar 22, 2023
Merged

AssetTransfer Private - Incorrect Endorsement Policy #922

merged 1 commit into from Mar 22, 2023

Conversation

mbwhite
Copy link
Member

@mbwhite mbwhite commented Jan 31, 2023

For the asset transfer example (https://hyperledger-fabric.readthedocs.io/en/release-2.5/private_data_tutorial.html#pd-use-case) there are three private data collections, one per org and one shared between the orgs.

The shared collection didn't have an endorsement policy so inherited the chaincodes; this was specifically set away from the default to be OR(Org1MSP,Org2MSP). The documentation says this is to ensure that either organization can create an asset. Whilst this is strictly correct, it is misleading - it doesn't need to be a chaincode wide policy, but specifically to the shared collection.

Therefore it is better to leave the chaincode policy at its default and move the specific policy down to the collection.
With the context of this example as coded, this is exactly functionally the same - but gives a more accurate impression.

@mbwhite mbwhite requested a review from a team as a code owner January 31, 2023 09:41
@mbwhite mbwhite force-pushed the relmain/private-data-policy branch 2 times, most recently from 72eb010 to 2cb2f1f Compare January 31, 2023 09:58
@denyeart
Copy link
Contributor

denyeart commented Feb 2, 2023

This is a good change - fix is coming to Fabric:
hyperledger/fabric#3986

@mbwhite
Correct the private data collection information
f6becc2 
For the asset transfer example (https://hyperledger-fabric.readthedocs.io/en/release-2.5/private_data_tutorial.html#pd-use-case)
the are three private data collections, one per org and one shared between the orgs.

The shared collection didn't have an endorsement policy so inheritted the chaincodes; this was specifically set away from the default
to be OR(Org1MSP,Org2MSP).   The documentation says this is to ensure that either organization can create and asset.

However this isn't really necassary, the endorsement policy should be lowest level; so this PR moves the endorsement policy to
the collection.  The documentation does I believe lead to a false understanding

Signed-off-by: Matthew B White <whitemat@uk.ibm.com>
@mbwhite mbwhite force-pushed the relmain/private-data-policy branch from 2cb2f1f to f6becc2 Compare March 22, 2023 13:50
@mbwhite mbwhite mentioned this pull request Mar 22, 2023
Closed
@denyeart denyeart merged commit 67ae2c9 into hyperledger:main Mar 22, 2023
41 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@denyeart denyeart denyeart approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mbwhite @denyeart