From 8a705b75070b7a7021ec6f897a80898abf6a1e45 Mon Sep 17 00:00:00 2001
From: yacovm <yacovm@il.ibm.com>
Date: Sat, 14 Oct 2017 20:56:09 +0300
Subject: [PATCH] [FAB-6620] Prevent private data send in instantiate

Currently the collection configurations are stored in the LSCC namespace.
Therefore, if an instantiate transaction contains private data -
it's impossible to obtain the collection configuration in order to
know to which peers to disseminate to, etc.

Therefore we should just disable private data dissemination upon
endorsement altogether.

This change set makes the endorsement fail if private data is
detected in the simulation results in instantiate.

Change-Id: Icb6d0e9df2505e93f2350063d43913b71e3f2761
Signed-off-by: yacovm <yacovm@il.ibm.com>
---
 core/endorser/endorser.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/endorser/endorser.go b/core/endorser/endorser.go
index 8188876f399..ab681b1cf4c 100644
--- a/core/endorser/endorser.go
+++ b/core/endorser/endorser.go
@@ -265,6 +265,10 @@ func (e *Endorser) simulateProposal(ctx context.Context, chainID string, txid st
 		}
 
 		if simResult.PvtSimulationResults != nil {
+			if cid.Name == "lscc" {
+				// TODO: remove once we can store collection configuration outside of LSCC
+				return nil, nil, nil, nil, errors.New("Private data is forbidden to be used in instantiate")
+			}
 			if err := e.distributePrivateData(chainID, txid, simResult.PvtSimulationResults); err != nil {
 				return nil, nil, nil, nil, err
 			}