Abstract
Implement client side security for the Climate SIG's Hyperledger Fabric application, so that transactions could be signed using Metamask through TrustId.
...
| Week | Task/Plan | Status | |
|---|---|---|---|
| May 24 - May 28 | Set up project plan. | ||
| May 31 - June 11 | Review TrustID from our previous call. Develop plan for integrating Fabric, TrustID, and Metamask. Integrate TrustID with Fabric. | ||
| June 14 - June 25 | Finish integration of TrustID with Fabric. Integrate Metamask into TrustID to sign Fabric transactions. This Task has been revised as these weeks I have simply been understanding how to sign transactions on Fabric with private key and csr generated by the client offline (not the Fabrik SDK). The key only needs to be stored on the client wallet ( metamask), as singing can be done off the server. We could also share the pKey generated by the Fabric (TrustID app) with the client to upload to their wallet. However, the key generator must be compatible with the client Wallet. In the case of Ethreum (e.g. Metamask) we need to generate secp256k1 key, however fabric certificate signer does not support this EC. Trust ID is a good solution as it can register a public key (DID) generated from custom private key that is authorized by Fabric CA to commit endorsements to the chaincode. Note, Trust ID currently only supports infra EC P-521, but this should be easy to update. | Based on discussion with the mentors, the first task was reframed as completing the offline signing of transactions on Fabric using a private key (secp256k1 for ethereum compatibility) generated by the client and store on their wallet (not on the server). The next task Next we want to use the private key to establish a DID (e.g. using TrustID) that can be used to access other networks | |
| June 28 - July 2 | Get ready for first Evaluation. Return to TrustID integration to register secp256k1 DID to execute transactions on Fabric. Understand why REST-API for connecting to utilityemissionschannel is returning error when sending endorsement proposal to peers. This is happening with both self-signed (offlie private key) and Fabric generated certificates. Error: No valid responses from any peers. Errors:\n peer=peer1.auditor1.carbonAccounting.com:7051, status=500, message=error in simulation: transaction returned with failur | ||
| July 5 - July 9 | Demo of signing Fabric transaction with Metamask thru TrustId. Eval 1 | In | |
| July 12 - July 23 | |||
| July 26 - August 6 | |||
| August 9 - August 13 | |||
| August 16 - August 27 | Eval 2 | ||
| August 30 - Sept 3 | |||
| Sept 6 - Sept 17 | |||
| Sept 20 - 24 | |||
| Sept 27 - Oct 1 | Eval 3 | ||
| Oct 4 - Oct 15 | |||
| Oct 18 - Oct 29 | |||
| Nov 1 - Nov 5 | |||
| Nov 8 - Nov 12 | Eval 4 Final evaluation and presentation of project |
...
The project will enable users of the fabric utility emissions channel to use offline private key to sing transaction proposals. This includes standard crypto keys used by publicthe Ethereum/permissionless networks like ethereum where BTC networks and as used by the Net Emissions Token network is hosted.
Note: Fabric has a tutorial using offline private keys and CSR files provided by the client. While this was investigated as a quick solution to integrating Metamask into utility emissions channel, Fabric CA does not support secp256k1 keys used by Ethereum/Bitcoin. TrustID on the other hand can be used to register DIDs with customized private keys infrastructure on a Fabric CA to provide secure access to a Fabric network.
Offline signing will be integrated into the channels the javascript REST API using the Metamask plugin.We will also look into potentially using TrustID for securing access of DIDs to different networks of the blockchain carbon accounting project. TustID generated DID credentials will be used to sign transactions on the utility emissions channel Fabric network.
The first step in this project is to setup offline signing following this tutorial. This includes several steps:
...