Property Level Privacy in Hyperledger Fabric 1.0

Question

Is it possible to achieve property level privacy in Fabric 1.0. For example: If I have a chaincode representing a tenancy contract. I want only tenant & lessor to see all the details, banks to see only payment terms and actual owner to see everything except payment terms. How can I achieve this in Fabric 1.0. If I use channels then I will need to deploy two different contracts and the total number of channels I can create is limited to the network performance. Channels are not meant to be used to achieve property level privacy. I don't want to do it off-chain and also don't want to do on-chain encryption as I cannot apply smart operations on it. What is the best solution for achieve this?

Answer 1

Have a look at Fabric 1.2's Private data. See the official documentation here. It provides a side DB that is mentioned in one of the answers.

Answer 2

The Side DB for private channel data is planned as an upcoming feature for Hyperledger Fabric, where it will be able to restrict data only to a subset of peers while the evidence of data exposed to all in the channel. More info here (https://jira.hyperledger.org/browse/FAB-1151)

Answer 3

You can use the Composer Access Control Language to implement this, however unfortunately we have not (yet) written the code to enforce property level access control. The ACL engine enforces access control for namespaces and resources, and resource instances, however we have plans to extends this to properties on classes.

So, in the absence of declarative access control from the ACL engine you would have to use the getCurrentParticipant() runtime API and add procedural access control checks to your transaction processor functions.

You can read about the ACL language here: https://hyperledger.github.io/composer/reference/acl_language.html