Hyperledger是像以太坊一样真正安全的区块链吗? [英] Is Hyperledger a truly secure blockchain like ethereum?

问题描述

在Hyperledger中，我们有一个称为网络管理员的东西，该管理员将有权访问区块链上的所有卡和资产(至少我尝试使用acl拒绝管理员对资产的访问，但我无法部署更改，每次都会超时).因此，是否有可能将admin与我们的业务网络隔离?还是像以太坊这样的所有区块链也都有网络管理员?

In Hyperledger we have something called a network admin and this admin will have access to all the cards and assets on the blockchain (at least I have tried to deny the admin access to assets using the acl, but I couldn't deploy the change, it timed out Everytime). So, is it possible to isolate admin from our business network? Or all the blockchains like ethereum too have the network admin?

推荐答案

我相信您在问题中所指的是Hyperledger Composer而不是Hyperledger Fabric或Hyperledger Foundation组件的任何部分，所以我认为重要的是这里有区别.您也没有指定尝试使用的Hyperledger Composer版本，所以我的答复是针对Composer 0.19.x的，这是撰写本文时的最新版本.

I believe you are referring in your question to Hyperledger Composer rather than Hyperledger Fabric or any part of the Hyperledger Foundation components, so I think it important that a distinction is made here. You also don't specify the version of Hyperledger Composer you tried to use so I the answer here is specific to Composer 0.19.x which is the current release at time of writing.

超级账本编辑器是一个利用超级账本结构的DLT功能的框架.这样，任何业务网络都是通过超账结构的机制进行管理和控制的.因此，要安装/启动/升级业务网络，需要适当的Hyperledger Fabric权限才能执行链码安装/实例化/升级.为了与业务网络进行交互，您需要经过Hyperledger Fabric授权的身份.

Hyperledger composer is a framework that makes use of the DLT capabilities of hyperledger fabric. As such any business network is managed and controlled via the mechanisms of hyperledger fabric. So to install/start/upgrade a business network requires the appropriate Hyperledger Fabric permissions to perform chaincode install/instantiate/upgrade. In order to interact with a business network you need an identity that is authorised by hyperledger fabric to do so.

在Composer中，没有网络管理员(即具有整体权限的单个参与者或一组参与者)之类的东西. ANY参与者的所有访问都由业务网络定义的acl定义控制.更改业务网络(从而更改ACL)的能力由身份控制，该身份被允许执行Hyperledger Fabric Chaincode升级(或如果进行首次部署则开始).

In Composer there is no such thing as a network administrator (ie a single participant or set of participants that have overall authority). All access for ANY participant is controlled by the acl definitions that a defined by the business network. The ability to change the business network (and thus the acls) are controlled by the identity who is allowed to perform a hyperledger fabric chaincode upgrade (or start if doing first deployment).

Composer仅出于开发目的提供了非常简单的超级账本结构设置，还提供了一个示例ACL，该ACL授予了预定义的参与者类型NetworkAdmin(也许此内置的默认名称令人困惑，因为它没什么特别的)，从而允许它完全访问所有内容.同样，在所有教程中，所有内容都以这种方式称为管理和设置"，以便轻松进入开发业务网络应用程序，当然，它也不是如何建立生产网络的指南或表示.

Composer provides a very simple hyperledger fabric setup for development purposes only as well as a sample ACL that grants a predefined participant type of NetworkAdmin (perhaps this built in default name is confusing as it isn't anything special) allowing it full access to everything. Also in all the tutorials everything is referred to admin and setup that way in order to provide an easy entry into developing business network applications and certainly isn't a guide or representation of how a production network should be set up.

总而言之，超级账本编辑器受超级账本结构具有的任何访问权限约束(并且请注意，正在引入更多有关超级账本结构的功能，例如零知识证明).然后，Composer将其自己的访问控制概念添加到ACL定义的控制中，使用所有这些功能，您可以完全控制身份和参与者在超级账本结构分类账中可以执行的操作和查看的操作.

In conclusion, hyperledger composer is bound by whatever capabilities hyperledger fabric has for access (and note that more capabilities to hyperledger fabric are being introduced such as zero knowledge proof). Composer then adds on to this it's own concept of access control governed by the ACL definition, using all of these capabilities you have complete control over what identities and participants can do and see within a hyperledger fabric ledger.

这篇关于Hyperledger是像以太坊一样真正安全的区块链吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！